Friday, February 26, 19:25
p0f: How to use the open source web analytics tool

In this article we look at one more ethical hacking tool, p0f. p0f belongs to the category of tools used for gathering information about a target (information gathering). Specifically, it uses passive fingerprinting mechanisms to identify the systems behind any TCP/IP communication, without revealing its presence. p0f is now at version 3, which contains several enhancements and new features that previous releases did not have. Some of the uses of p0f are listed below:

  • Profiling and espionage: The tool can be used to collect statistics and information about hosts and users. It also collects distance information that helps determine the remote network topology, which can be of great use in pre-attack intelligence gathering.
  • Network troubleshooting: The RST+ mode can be used to detect network errors and connection problems that you or your guests are experiencing.
  • Bypass a firewall: p0f can see through most NAT devices, firewalls, etc. Its SYN+ACK mode can be used to identify information on a connection that the firewall allows, even if the remaining packets are blocked.

How to install it

p0f can be used on Windows, Linux and Kali Linux. On Kali Linux in particular, p0f comes pre-installed under the "Information Gathering" category.

Windows

A prerequisite for using p0f on Windows is WinPcap. To get WinPcap, visit the tool's official website and download the latest installer version. Follow the Setup Wizard instructions and complete the installation.

Having successfully installed WinPcap, you can proceed with the installation of p0f by downloading the latest version of the tool from here (At the time of writing, the latest release is 3.07b).

You will notice that you downloaded a compressed folder. Unzip it and run the p0f.exe file.

When you run the file, it opens in a cmd window. After a few seconds it returns the first information about the devices on the same network.

Linux

To install p0f in an Ubuntu Linux environment, simply run the following commands:

sudo apt-get update

sudo apt-get install p0f

How to use it

Let's start our tour of p0f. To get started on Kali Linux, we can go to the "Information Gathering" category and choose p0f. First, we'll look at all the parameters we can use with this tool.

--- p0f 3.09b by Michal Zalewski ---

p0f: invalid option -- 'h'
Usage: p0f [ ...options... ] [ 'filter rule' ]

Network interface options:

  -i iface  - listen on the specified network interface
  -r file   - read offline pcap data from a given file
  -p        - put the listening interface in promiscuous mode
  -L        - list all available interfaces

Operating mode and output settings:

  -f file   - read fingerprint database from 'file' (/etc/p0f/p0f.fp)
  -o file   - write information to the specified log file
  -s name   - answer to API queries at a named unix socket
  -u user   - switch to the specified unprivileged account and chroot
  -d        - fork into background (requires -o or -s)

Performance-related options:

  -S limit  - limit number of parallel API connections (20)
  -t c,h    - set connection / host cache age limits (30s,120m)
  -m c,h    - cap the number of active connections / hosts (1000,10000)

Optional filter expressions (man tcpdump) can be specified in the command
line to prevent p0f from looking at incidental network traffic.

Problems? You can reach the author at .

In this example we listen on the eth0 interface in promiscuous mode to see all the traffic that is visible on this interface.

We will now open a browser and visit any page (e.g. www.twitter.com). The traffic related to this visit appears immediately in the terminal.

We see the IP address of our machine (in my case 192.168.142.132) and the connection it just completed with the Twitter server at IP address 104.244.42.193 on port 443.

We can discern useful information, such as the fact that the client is a Linux machine, which is correct, since we made the connection from a Kali Linux environment.
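The same per-connection details can be written to a file with the -o option from the usage text above (for example p0f -i eth0 -p -o p0f.log, where the file name is an assumption). The following added example, which is not part of the original article or the p0f project, parses that log format and lists the operating system p0f reported for each address; the log lines are constructed, and 192.168.142.140 is a made-up second host.

```python
import re
from collections import defaultdict

# Constructed sample in the format p0f 3 writes with -o (not captured traffic).
SAMPLE_LOG = """\
[2021/02/26 19:25:01] mod=syn|cli=192.168.142.132/51234|srv=104.244.42.193/443|subj=cli|os=Linux 3.11 and newer|dist=0|params=none|raw_sig=4:64+0:0:1460:mss*20,7:mss,sok,ts,nop,ws:df,id+:0
[2021/02/26 19:25:01] mod=mtu|cli=192.168.142.132/51234|srv=104.244.42.193/443|subj=cli|link=Ethernet or modem|raw_mtu=1500
[2021/02/26 19:25:02] mod=syn+ack|cli=192.168.142.132/51234|srv=104.244.42.193/443|subj=srv|os=???|dist=12|params=none|raw_sig=4:52+12:0:1460:mss*44,9:mss,nop,nop,sok,nop,ws:df:0
[2021/02/26 19:26:40] mod=syn|cli=192.168.142.140/49802|srv=104.244.42.193/443|subj=cli|os=Windows 7 or 8|dist=0|params=none|raw_sig=4:128+0:0:1460:8192,8:mss,nop,ws,nop,nop,sok:df,id+:0
"""

# Each record is "[timestamp] key=value|key=value|...".
LINE_RE = re.compile(r"^\[(?P<ts>[^\]]+)\]\s+(?P<body>.+)$")


def parse_line(line):
    """Return one p0f log record as a dict, or None for a malformed line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = {"ts": m.group("ts")}
    for field in m.group("body").split("|"):
        key, sep, value = field.partition("=")
        if not sep:
            return None
        rec[key] = value
    return rec


def os_inventory(log_text):
    """Map each fingerprinted address to the set of OS labels p0f reported."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        rec = parse_line(line)
        # Skip records without an OS verdict (mtu, uptime...) and unknown ones.
        if not rec or "os" not in rec or rec["os"] == "???":
            continue
        # 'subj' names the side the fingerprint describes: cli or srv.
        endpoint = rec.get(rec.get("subj", ""), "")
        addr = endpoint.rsplit("/", 1)[0]  # drop the "/port" suffix
        if addr:
            seen[addr].add(rec["os"])
    return dict(seen)


if __name__ == "__main__":
    for addr, labels in sorted(os_inventory(SAMPLE_LOG).items()):
        print(addr, "->", ", ".join(sorted(labels)))
```

An address that collects more than one OS label over time is worth a closer look, since several machines may be sharing it behind NAT.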

More information can be found in the p0f git repo. We look forward to your feedback.

 

 

stormi