[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Presentation of Message-ID Fingerprinting Tool



Hello,

Within penetration tests client-oriented attacks become more and more
important.

I have created a script which is able to determine the mail client from
the message-id which is included in an email. Midfp (Message-ID
Fingerprinter) is going to analyze the structure of the message-id and
compare it with regular expressions against a data base. Thus, no
further analysis of the email (e.g. the header structures as like in my
browserrecon project; http://www.computec.ch/projekte/browserrecon/) is
required.

* Discussion of the Implementation (German only)
http://www.scip.ch/?labs.20090911
http://www.scip.ch/?labs.20090717

* Online Demo
http://www.scip.ch/labs/files/midfp/

* Download midfp-1.0php
http://www.scip.ch/labs/files/midfp-1.0.tar.gz

Regards,

Marc Ruef

-- 
Marc Ruef | maru@xxxxxxx
scip AG | Badenerstrasse 551 | 8048 Zurich
T +41 44 404 13 13 | F +41 44 404 13 14
Aktuelle Forschungen: http://www.scip.ch/?labs

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/