Government Security
Network Security Resources

Jump to content

Photo

Remote OS Detection

- - - - -
  • Please log in to reply
9 replies to this topic

#1 hacked47

hacked47

    Private

  • Members
  • 7 posts

Posted 28 September 2008 - 06:15 AM

I have been trying to code a vb app that will detect the remote operating system of a computer.

So far all I have been able to do is to ping an ip, then by the TTL I can guess what OS is in use.

Does anyone know of a better way, that can be achieved in visual basic?

#2 webdevil

webdevil

    Retired GSO General

  • Sergeant Major
  • 1,195 posts

Posted 28 September 2008 - 09:31 AM

Well nmap uses known signatures to detect the OS version.
So if you can build on its database you will probably have better OS detection.

The best way is to club two or three modes of OS detection commonly used for the best possible detection, then again nmap probably does that.
I believe there is some sort of documentation(book) out for nmap which should help you understand how they do it.

I have a page bookmarked which can provide some insight to too.
/http://www.honeynet.org/papers/finger/

Best of Luck!

#3 hacked47

hacked47

    Private

  • Members
  • 7 posts

Posted 29 September 2008 - 10:52 AM

Thanks for that link, I now know what I need to be looking for but im unsure how.

I know how to find the TTL and the TOS but I don't know how to find the Window Size.

If anyone knows how to find the window size I will be able to narrow down the possible operating systems considerably.

I will post here if I find out how.

#4 meathive

meathive

    Staff Sergeant

  • Sergeant Major
  • 254 posts

Posted 30 September 2008 - 04:16 AM

http://www.sans.org/...tocols/1891.php
...oO oO oO kinqpinz.info Oo Oo Oo...
---------------------------------------------------------
# angelheaded hipsters
## burning for the ancient heavenly connection
### to the starry dynamo
#### in the machinery of night.

#5 hacked47

hacked47

    Private

  • Members
  • 7 posts

Posted 03 October 2008 - 10:20 AM

thanks, thats a useful link

I have an okay method of os detection, now im looking into the syn > syn/ack > rst method of scanning

thanks again,

#6 webdevil

webdevil

    Retired GSO General

  • Sergeant Major
  • 1,195 posts

Posted 03 October 2008 - 10:59 AM

A couple of days ago, Irongeek had a question which should probably help you.
Refer to the link in this post
http://governmentsec.......c=30254&hl=

He is trying to fail the OS detection by multiple scanners and you are trying to build on it. You should get useful info. ;)

#7 Guest_Dennis_*

Guest_Dennis_*
  • Guests

Posted 31 October 2008 - 08:22 AM

Also try p0f v2: http://lcamtuf.coredump.cx/p0f-help/

#8 GhostShell

GhostShell

    Staff Sergeant

  • Members
  • 345 posts

Posted 31 October 2008 - 09:21 PM

Search for the application I believe illwill had a part in I think it was called "OS Detector".
I liked it and think it might have been open source it can help.
it ran off p445 I think.

Good Luck,
m8
http://pcsubject.com/ <- My new Blog

"As a young boy, I was taught in high school that hacking was cool." -Kevin Mitnick

"It's easy to point and click programs, but thats not real hacking." -illwill

#9 Guest_DiabloHorn_*

Guest_DiabloHorn_*
  • Guests

Posted 01 November 2008 - 06:35 AM

try performing applicaion os detection, this week som1 published a paper about it.

easier to do in visual basic instead of low level stuff. You could of course always make a C dll and use it with vb, so that vb is only responsible for the gui stuff.

#10 zarox

zarox

    Private

  • Members
  • 4 posts

Posted 19 January 2009 - 06:39 AM

Private Declare Function GetVersionExA Lib "kernel32" _
(lpVersionInformation As OSVERSIONINFO) As Integer
Public Type OSVERSIONINFO
dwOSVersionInfoSize As Long
dwMajorVersion As Long
dwMinorVersion As Long
dwBuildNumber As Long
dwPlatformId As Long
szCSDVersion As String * 128
End Type
Private Function LPSTRToVBString$(ByVal s$)
Dim nullpos&
nullpos& = InStr(s$, Chr$(0))
If nullpos > 0 Then
LPSTRToVBString = Left$(s$, nullpos - 1)
Else
LPSTRToVBString = ""
End If
End Function
Public Function GetVersion1() As String
Dim osinfo As OSVERSIONINFO
Dim retvalue As Integer
osinfo.dwOSVersionInfoSize = 148
osinfo.szCSDVersion = Space$(128)
retvalue = GetVersionExA(osinfo)
With osinfo
Select Case .dwPlatformId
Case 1
Select Case .dwMinorVersion
Case 0
getVersion1 = "Windows 95"
Case 10
getVersion1 = "Windows 98"
Case 90
getVersion1 = "Windows Millenium"
End Select
Case 2
Select Case .dwMajorVersion
Case 3
getVersion1 = "Windows NT 3.51"
Case 4
getVersion1 = "Windows NT 4.0"
Case 5
If .dwMinorVersion = 0 Then
getVersion1 = "Windows 2000"
Else
getVersion1 = "Windows XP"
End If
Case 6
getVersion1 = "Windows Vista"
End Select
Case Else
getVersion1 = "Unknown"
End Select
End With
End Function