mandatoryprogrammer / sonar.js

A framework for identifying and launching exploits against internal network hosts. Works via WebRTC IP enumeration combined with WebSockets and external resource fingerprinting.
MIT License
540 stars 76 forks

Schema Redesign #14

Open moloch-- opened 8 years ago

moloch-- commented 8 years ago

Updated JSON schema to remove ambiguity around what constitutes a "fingerprint," and allow for us to more easily add more attributes:

Single "Fingerprint" Object

{
    "name": "ASUS RT-N66U",
    "created": "2015-09-07 01:02:10.229153",
    "resources": ["/images/New_ui/asustitle.png","/images/loading.gif","/images/alertImg.png","/images/New_ui/networkmap/line_one.png","/images/New_ui/networkmap/lock.png","/images/New_ui/networkmap/line_two.png","/index_style.css","/form_style.css","/NM_style.css","/other.css"]
}

[
    {
        "name": "ASUS RT-N66U",
        "created": "2015-09-07 01:02:10.229153",
        "resources": ["/images/New_ui/asustitle.png","/images/loading.gif","/images/alertImg.png","/images/New_ui/networkmap/line_one.png","/images/New_ui/networkmap/lock.png","/images/New_ui/networkmap/line_two.png","/index_style.css","/form_style.css","/NM_style.css","/other.css"]
    },
    {
        "name": "Linksys WRT54G",
        "created": "2015-08-07 01:02:10.229153",
        "resources": ["/UILinksys.gif","/UI_10.gif","/UI_07.gif","/UI_06.gif","/UI_03.gif","/UI_02.gif","/UI_Cisco.gif","/style.css"]
    }
]

CheatCodes commented 8 years ago

+1 for the new schema. A fingerprint object would allow the fingerprint to be more flexible, like specifying IP addresses or ranges for a fingerprint; this could be useful for #10. It could also be used to specify that the device is only accessible over https, or to add a separate version field to help automate post-discovery actions like exploitation.

[
    {
        "name": "Some device",
        "version": "1.2.3",
        "created": "2015-09-07 01:02:10.229153",
        "resources": ["/someresource.css"],
        "address": ["192.168.1.1"],
        "protocol": "https"
    }
]

mandatoryprogrammer commented 8 years ago

Yep this is a good idea - I'll start coding on it today (thanks @moloch-- and @x0e-foobar)

mandatoryprogrammer commented 8 years ago

Changed scheme to reflect what @moloch-- suggested, will add more functionality for things such as protocol and address soon :smile:

Google Chrome fingerprint generator update should be approved in an hour or two.

moloch-- commented 8 years ago

Adding a version is also a very good idea
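
An added example, not part of the thread or of sonar.js's own code: a strict loader for the fingerprint schema discussed above, written in JavaScript. The function names and the validation rules (allowed fields, origin-relative resource paths, IPv4/CIDR addresses, http/https only) are assumptions for illustration.

```javascript
// Added example: strict loader for the fingerprint schema proposed in this thread.
// The validation rules are assumptions for illustration, not sonar.js behaviour.
const REQUIRED = ["name", "created", "resources"];
const OPTIONAL = ["version", "address", "protocol"]; // fields suggested in the thread
const TIMESTAMP = /^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}(\.\d+)?$/;
// IPv4 address or CIDR range, e.g. "192.168.1.1" or "192.168.1.0/24".
function isIPv4OrCidr(s) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})(?:\/(\d{1,2}))?$/.exec(s);
  return m !== null && m.slice(1, 5).every((o) => Number(o) <= 255) && (m[5] === undefined || Number(m[5]) <= 32);
}
// Returns a list of problems; an empty list means the entry is valid.
function validateFingerprint(fp) {
  if (fp === null || typeof fp !== "object" || Array.isArray(fp)) return ["not an object"];
  const errors = [];
  for (const k of REQUIRED) if (!(k in fp)) errors.push(`missing field: ${k}`);
  for (const k of Object.keys(fp)) {
    if (!REQUIRED.includes(k) && !OPTIONAL.includes(k)) errors.push(`unknown field: ${k}`);
  }
  if ("name" in fp && (typeof fp.name !== "string" || !fp.name.trim())) errors.push("bad name");
  if ("created" in fp && !(typeof fp.created === "string" && TIMESTAMP.test(fp.created))) errors.push("bad created");
  if ("resources" in fp) {
    const r = fp.resources;
    // Paths must stay origin-relative: "/x.css" passes, "//host/x", "/\host/x" and "http://..." do not.
    const ok = Array.isArray(r) && r.length > 0 &&
      r.every((p) => typeof p === "string" && /^\/(?![\/\\])/.test(p));
    if (!ok) errors.push("bad resources");
    else if (new Set(r).size !== r.length) errors.push("duplicate resources");
  }
  if ("version" in fp && typeof fp.version !== "string") errors.push("bad version");
  if ("address" in fp && !(Array.isArray(fp.address) && fp.address.length > 0 &&
      fp.address.every((a) => typeof a === "string" && isIPv4OrCidr(a)))) errors.push("bad address");
  if ("protocol" in fp && !["http", "https"].includes(fp.protocol)) errors.push("bad protocol");
  return errors;
}
// Parses a database file. JSON.parse is strict, so a trailing comma throws a SyntaxError here.
function loadFingerprints(jsonText) {
  const db = JSON.parse(jsonText);
  if (!Array.isArray(db)) throw new TypeError("database must be a JSON array");
  const accepted = [], rejected = [];
  db.forEach((fp, index) => {
    const errors = validateFingerprint(fp);
    if (errors.length === 0) accepted.push(fp); else rejected.push({ index, errors });
  });
  return { accepted, rejected };
}

// Constructed sample using the field names shown in the thread.
const sampleDb = '[{"name":"Some device","version":"1.2.3","created":"2015-09-07 01:02:10.229153","resources":["/someresource.css"],"address":["192.168.1.1"],"protocol":"https"}]';
console.log(loadFingerprints(sampleDb));
```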