
GET TARGET_OS issue


arash53@gmail.com


I was wondering if someone could help me understand why I can't get output from GET TARGET_OS.

Today, after watching Darren's video about GET TARGET_OS and AUTO_ETHERNET, I wanted to write some simple code. I'm running the latest firmware, 1.5_298.

This is my code :

LED SETUP
ATTACKMODE AUTO_ETHERNET ETHERNET_TIMEOUT_40
#ATTACKMODE RNDIS_ETHERNET ETHERNET_TIMEOUT_40
LED ATTACK

GET TARGET_OS
GET TARGET_IP
GET TARGET_HOSTNAME
GET HOST_IP

ATTACKMODE HID
LED B
RUN WIN notepad.exe

Q ENTER
Q STRING "Target ip is : $TARGET_IP"
Q ENTER
Q STRING "Target OS is : $TARGET_OS"
Q ENTER
Q STRING "Target hostname is : $TARGET_HOSTNAME"
Q ENTER
Q STRING "HOST IP Address is : $HOST_IP"
Q ENTER

case "$TARGET_OS" in
    WINDOWS)
        LED C
        ;;
    MACOS)
        LED G
        ;;
    LINUX)
        LED B
        ;;
esac

The result for GET TARGET_OS is null. Also, when I use AUTO_ETHERNET, the result for GET TARGET_IP is null as well (TARGET_IP does have a result with RNDIS_ETHERNET).

Thanks,

Arash


2 weeks later...

From what I understand, AUTO_ETHERNET takes a little longer to set up a connection (since it has to detect the OS first). I suggest waiting around 5-10 seconds before checking for an IP and an OS.

Also, your script is running "notepad.exe" no matter what OS it detects, so that won't work if you use anything other than a Windows machine. I know you're just doing it for testing purposes, but I'm just making sure you know that, haha.


So, I was looking through videos on scapy trying to figure out how to do something when I ran across a video of a guy writing an OS detection Python module with scapy. It was very small and very fast and worked off one concept he discovered: the default TTL returned by the machine. It looked like Linux machines set their default TTL to 64 and Windows was what looked to be around 128, so he wrote a script to send a simple ping, and if the TTL of the reply was less than 65 then it was Linux, else it was Windows.

So, I decided to do a simple test. From a Windows box I pinged my Linux box and the TTL was 64.

I pinged my Windows box from Linux and the TTLs were 128.

Maybe the OS detection can be done with a simple ping and reading the TTL, though I do not know how OSX responds. :-P
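The TTL rule described in the post above, as an added example that is not code from the post or its author: it generalises the "less than 65 means Linux" check by matching the observed TTL to the nearest common initial value (64, 128, 255), so replies that crossed routers still classify, and it records the macOS caveat the poster wondered about. The initial-TTL table and the sample replies are assumptions constructed for the example; nothing is sent on the network.

```python
# Added example: classify an observed IP TTL into a likely OS family.
# Assumed initial TTLs (widely documented defaults): Linux and macOS/BSD 64,
# Windows 128, many routers/embedded devices 255. Because macOS also starts
# at 64, a TTL check cannot tell it apart from Linux.
from dataclasses import dataclass

INITIAL_TTLS = {
    64: "linux/macos",
    128: "windows",
    255: "network-device/other",
}


@dataclass
class TtlGuess:
    observed_ttl: int
    initial_ttl: int   # assumed starting TTL of the sender
    hops: int          # routers crossed = initial_ttl - observed_ttl
    os_family: str


def guess_os_from_ttl(ttl: int) -> TtlGuess:
    """Pick the smallest common initial TTL >= the observed TTL.

    The difference between the two is the number of hops the reply crossed.
    """
    if not 1 <= ttl <= 255:
        raise ValueError(f"TTL out of range: {ttl}")
    initial = min(t for t in INITIAL_TTLS if t >= ttl)
    return TtlGuess(ttl, initial, initial - ttl, INITIAL_TTLS[initial])


def classify_replies(replies):
    """replies: list of (source_ip, ttl) pairs, e.g. parsed from ICMP echo replies."""
    return {ip: guess_os_from_ttl(ttl).os_family for ip, ttl in replies}


if __name__ == "__main__":
    # Constructed sample values: two direct-link replies (64, 128) and two
    # that crossed 12 routers (116 = 128 - 12, 52 = 64 - 12).
    SAMPLE_REPLIES = [("192.0.2.10", 64), ("192.0.2.20", 128),
                      ("192.0.2.30", 116), ("192.0.2.40", 52)]
    for ip, family in classify_replies(SAMPLE_REPLIES).items():
        print(ip, "->", family)
```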


Archived

This topic is now archived and is closed to further replies.
