valdikss / p0f-mtu-script Goto Github PK

Hello, can you put the/home/p0f - logs/above the socket on the socket open source? Thank you for

Hello, i install p0f. Then i tried open your script in web. I see nothing about OS. Only PTR = r-239-60-62-5.consumer-pool.prcdn.net ... in index.php i change to
exec("/opt/p0f-3.09b/tools/p0f-client /opt/p0f-3.09b/p0f-socket ".$_SERVER['REMOTE_ADDR'], $pof_output);
that actual folder where p0f located... Can you halp me please...

hello whene we try the script is back
HTTP software | nginx 1.x (ID is fake)
Network link | DSL
and in http://witch.valdikss.org.ru/
HTTP software = Chrome 60.x or newer (ID seems legit)
MTU = 1492
Network link = PPPoE

any fix please ?

My server:
First seen = 2017/03/30 01:53:30
Last update = 2017/03/30 01:53:38
Total flows = 8
Detected OS = Linux 2.2.x-3.x (no timestamps) [generic]
HTTP software = ???
MTU = 1500
Network link = Ethernet or modem
Language = Portuguese
Distance = 10
IP sharing = 2017/03/30 01:53:37
Sys change = 2017/03/30 01:53:39

PTR test = Probably home user
Fingerprint and OS match. No proxy detected (this test does not include headers detection).
No OpenVPN detected.
Getting your NTLM hash…

Your site http://witch.valdikss.org.ru/:
First seen = 2017/03/30 02:10:05
Last update = 2017/03/30 02:41:17
Total flows = 4
Detected OS = Linux 3.11 and newer
HTTP software = Chrome 51.x or newer (ID seems legit)
MTU = 1408
Network link = OpenVPN UDP bs64 SHA1 lzo
Language = Portuguese
Distance = 14
Uptime = 10 days 3 hrs 36 min (modulo 198 days)

PTR test = Probably home user
Fingerprint and OS match. No proxy detected (this test does not include headers detection).
OpenVPN detected. Block size is 64 bytes long (probably Blowfish), MAC is SHA1, LZO compression enabled.
No NTLM hash is leaked. Try to manually copy&paste
file://witch.valdikss.org.ru/a to the address bar (Windows with IE/Edge/Chrome) or
\witch.valdikss.org.ru\a (Windows with Firefox).

As I see read the code of index.php, it tries to execute two local scripts:

• /opt/p0f-mtu/tools/p0f-client
• /opt/p0f-mtu/p0f-socket

in this line:

exec("/opt/p0f-mtu/tools/p0f-client /opt/p0f-mtu/p0f-socket ".$_SERVER['REMOTE_ADDR'], $pof_output);

The scripts are missing from the package. Can you please add them? It's where the whole work is done, right? ;-)

in gethash.php, there's references to Responder.db that's not part of the source base. As such, the functionality of the gethash.php script is limited.