OSfooler-ng prevents remote OS active/passive fingerprinting by tools like nmap or p0f. This fork based on change of Python nfqueue (NetfilterQueue) version from 0.5 to 0.8.1 for the sake of run the OSfooler-ng on different distros, not just deb-based.
Check original repo for info and stuff. You may also be interested of the OSfooler-ng author's speech at DEF CON 27 (running at Aug 8-11 2019)
This fork based on change of Python's nfqueue (NetfilterQueue) version from 0.5 to 0.8.1 for the sake of run the OSfooler-ng on different distros, not just deb-based.
You may help hugely by trying this on different distros. By now it's been tested fine on Arch and CentOS7.
To get this version, just use git:
$ git clone https://github.com/moonbaseDelta/OSfooler-ng.git
You need to install python NetfilterQueue (v0.8.1 or more) linux package. Download from PyPi:
$ wget https://files.pythonhosted.org/packages/39/c4/8f73f70442aa4094b3c37876c96cddad2c3e74c058f6cd9cb017d37ffac0/NetfilterQueue-0.8.1.tar.gz
$ tar -xzf NetfilterQueue-0.8.1.tar.gz
$ cd NetfilterQueue-0.8.1
$ sudo python setup.py install
or try:
$ pip install NetfilterQueue
Install OSfooler-ng in the standard way:
$ sudo python setup.py install
No such device IO error (error code 19):
$ <osfooler command> -i 'YOURINTERFACE'
To get the full list of OS to emulate, just use the flag '-n':
$ osfooler-ng -n
[+] Please, select nmap OS to emulate
+ "2N Helios IP VoIP doorbell"
+ "2Wire BT2700HG-V ADSL modem"
+ "2Wire 1701HG wireless ADSL modem"
[...]
+ "ZyXEL Prestige 660HW-61 ADSL router (ZyNOS 3.40)"
+ "ZyXEL Prestige 660HW-D1 wireless ADSL router"
+ "ZyXEL ZyWALL 2 Plus firewall"
To emulate an specific OS, just use the flag '-o' with the OS you want to emulate:
$ osfooler-ng -m "Sony Ericsson W705 or W715 Walkman mobile phone"
[+] Mutating to nmap:
Fingerprint Sony Ericsson W705 or W715 Walkman mobile phone
Class Sony Ericsson | embedded || phone
CPE cpe:/h:sonyericsson:w705
CPE cpe:/h:sonyericsson:w715
SEQ(CI=RD%II=I)
OPS(R=N)
WIN(R=N)
ECN(R=N)
T1(R=N)
T2(R=Y%DF=N%T=3B-45%TG=40%W=0%S=Z%A=S%F=AR%O=%RD=0%Q=)
T3(R=N)
T4(R=Y%DF=N%T=3B-45%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
T5(R=Y%DF=N%T=3B-45%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
T6(R=Y%DF=N%T=3B-45%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
T7(R=Y%DF=N%T=3B-45%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
U1(DF=N%T=3B-45%TG=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)
IE(DFI=N%T=3B-45%TG=40%CD=S)
[+] Activating queues
[->] Process-1: nmap packet processor
To get the full list of OS to emulate, just use the flag '-l':
$ osfooler-ng -p
Please, select p0f OS Genre and Details
OS Genre="AIX" Details="4.3"
OS Genre="AIX" Details="4.3.2 and earlier"
OS Genre="AIX" Details="4.3.3-5.2 (1)"
[...]
OS Genre="-*NMAP" Details="OS detection probe w/flags (3)"
OS Genre="-*NMAP" Details="OS detection probe w/flags (4)"
OS Genre="-*NAST" Details="syn scan"
To emulate any p0f OS, just use the flag '-o' with the OS Genre. This will choose the main OS and custom version will be randomly loaded when a SYN packet is detected. For example:
$ osfooler-ng -o "PalmOS"
[+] Mutating to p0f:
WWW:S9|TTL:255|D:0|SS:44|OOO:M536|QQ:.|OS:PalmOS|DETAILS:Tungsten T3/C
WWW:S5|TTL:255|D:0|SS:44|OOO:M536|QQ:.|OS:PalmOS|DETAILS:3/4
WWW:S4|TTL:255|D:0|SS:44|OOO:M536|QQ:.|OS:PalmOS|DETAILS:3.5
WWW:2948|TTL:255|D:0|SS:44|OOO:M536|QQ:.|OS:PalmOS|DETAILS:3.5.3 (Handera)
WWW:S29|TTL:255|D:0|SS:44|OOO:M536|QQ:.|OS:PalmOS|DETAILS:5.0
WWW:16384|TTL:255|D:0|SS:44|OOO:M1398|QQ:.|OS:PalmOS|DETAILS:5.2 (Clie)
WWW:S14|TTL:255|D:0|SS:44|OOO:M1350|QQ:.|OS:PalmOS|DETAILS:5.2.1 (Treo)
WWW:16384|TTL:255|D:0|SS:44|OOO:M1400|QQ:.|OS:PalmOS|DETAILS:5.2 (Sony)
[+] Activating queues
[->] Process-1: p0f packet processor
You can also emulate the full p0f OS, using '-' with the OS Genre and '-d' with custom details:
$ osfooler-ng -o "Windows" -d "XP bare-bone"
[+] Mutating to p0f:
WWW:65520|TTL:128|D:1|SS:48|OOO:M*,N,N,S|QQ:.|OS:Windows|DETAILS:XP bare-bone
[+] Activating queues
[->] Process-1: p0f packet processor
OSfooler-ng is also capable os emulating both OS to defeat nmap and p0f. Just combine the parameters above:
$ osfooler-ng -m "Microsoft Windows 2000 SP4" -o "Windows" -d "2000 SP4"
[+] Mutating to nmap:
Fingerprint Microsoft Windows 2000 SP4
Class Microsoft | Windows | 2000 | general purpose
CPE cpe:/o:microsoft:windows_2000::sp4
SEQ(SP=7C-86%GCD=1-6%ISR=95-9F%TI=I%II=I%SS=O|S%TS=0)
OPS(O1=NNT11|M5B4NW0NNT00NNS%O2=NNT11|M5B4NW0NNT00NNS%O3=NNT11|M5B4NW0NNT00%O4=NNT11|M5B4NW0NNT00NNS%O5=NNT11|M5B4NW0NNT00NNS%O6=NNT11|M5B4NNT00NNS)
WIN(W1=FFFF%W2=FFFF%W3=FFFF%W4=FFFF%W5=FFFF%W6=FFFF)
ECN(R=Y%DF=N%T=7B-85%TG=80%W=0%O=%CC=N%Q=U)
T1(R=Y%DF=Y%T=7B-85%TG=80%S=O%A=O|S+%F=A|AS%RD=0%Q=|U)
T2(R=Y%DF=N%T=7B-85%TG=80%W=0%S=Z%A=S%F=AR%O=%RD=0%Q=U)
T3(R=Y%DF=N%T=7B-85%TG=80%W=0%S=Z%A=O%F=AR%O=%RD=0%Q=U)
T4(R=Y%DF=N%T=7B-85%TG=80%W=0%S=A%A=O%F=R%O=%RD=0%Q=U)
T5(R=Y%DF=N%T=7B-85%TG=80%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=U)
T6(R=Y%DF=N%T=7B-85%TG=80%W=0%S=A%A=O%F=R%O=%RD=0%Q=U)
T7(R=Y%DF=N%T=7B-85%TG=80%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=U)
U1(DF=N%T=7B-85%TG=80%IPL=38%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)
IE(DFI=S%T=7B-85%TG=80%CD=Z)
[+] Mutating to p0f:
WWW:40320|TTL:128|D:1|SS:48|OOO:M*,N,N,S|QQ:.|OS:Windows|DETAILS:2000 SP4
[+] Activating queues
[->] Process-1: nmap packet processor
[->] Process-2: p0f packet processor
You can search inside nmap/p0f database for a specific OS, instead of getting the whole list. Just use the flag '-s' and enter the keyword you want to search for (case insensitive). You'll get any match found, and if it belongs to nmap or p0f databases:
$ osfooler-ng -s playstation
[+] Searching databases for: 'playstation'
[nmap] "Sony Playstation 4 or FreeBSD 10.2-RELEASE"
[nmap] "Sony PlayStation 2 game console test kit 2.2.1"
[nmap] "Sony PlayStation 3 game console"
[nmap] "Sony PlayStation 3 game console test kit"
[nmap] "Sony PlayStation 2 game console"
[p0f] OS: "Sony" DETAILS: "Playstation 2 (SOCOM?)"
Use the flag '-u' to check if there's a new version of nmap's database avaiable and to download it
$ osfooler-ng -u
[+] Checking nmap database... latest!
There are other interesting flags:
This project is licensed under the The GNU General Public License v3.0 - see the LICENSE.md file for details
FAQs
OSfooler-ng prevents remote OS active/passive fingerprinting by tools like nmap or p0f. This fork based on change of Python nfqueue (NetfilterQueue) version from 0.5 to 0.8.1 for the sake of run the OSfooler-ng on different distros, not just deb-based.
We found that OSfooler-ng-openwrt demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.