| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5F9D803B30A8E4418166E637D50E9E2A2E4F13@miraculix.scip.ch> Date: Sun, 13 Sep 2009 09:13:39 +0200 From: "Marc Ruef" <maru@...p.ch> To: <full-disclosure@...ts.grok.org.uk>, <news@...uriteam.com>, <submissions@...ketstormsecurity.org> Subject: Presentation of Message-ID Fingerprinting Tool Hello, Within penetration tests client-oriented attacks become more and more important. I have created a script which is able to determine the mail client from the message-id which is included in an email. Midfp (Message-ID Fingerprinter) is going to analyze the structure of the message-id and compare it with regular expressions against a data base. Thus, no further analysis of the email (e.g. the header structures as like in my browserrecon project; http://www.computec.ch/projekte/browserrecon/) is required. * Discussion of the Implementation (German only) http://www.scip.ch/?labs.20090911 http://www.scip.ch/?labs.20090717 * Online Demo http://www.scip.ch/labs/files/midfp/ * Download midfp-1.0php http://www.scip.ch/labs/files/midfp-1.0.tar.gz Regards, Marc Ruef -- Marc Ruef | maru@...p.ch scip AG | Badenerstrasse 551 | 8048 Zurich T +41 44 404 13 13 | F +41 44 404 13 14 Aktuelle Forschungen: http://www.scip.ch/?labs _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists