v0.0.5

2023-10-09 15:23:31 +08:00
parent 1a559eba99
commit 56e3dec5f0
29 changed files with 433055 additions and 184 deletions
--- a/README.md
+++ b/README.md
@@ -1,83 +1,20 @@
 # libosfp

-Libosfp is a C libaray for OS fingerprinting.
+Libosfp is a C library for OS fingerprinting.

 ## install
+
 ```
 # osfp_example depends on libpcap
 yum install -y libpcap-devel
-# build and install to ./target
-./autogen.sh; ./configure --prefix="$(pwd)/target"; make clean; make install
+# build and install
+./package.sh
+yum install package/*.rpm
 ```

 ## run example
-```
-# load the fingerprint file ./fp.json and capture on eth0, filter tcp port 8888
-./target/bin/osfp_example -f ./fp.json -i eth0 "tcp port 8888"
-# outputs like this
-# ---------------------------  SYN
-# Example ipv4 header detect: --------------------------
-# Connection info: 114.64.231.114:57570 -> 172.21.0.10:8888
-# Most likely os class: Windows
-# Details:
-# {
-#         "likely":       {
-#                 "name": "Windows",
-#                 "score":        20
-#         },
-#         "detail":       [{
-#                         "name": "Windows",
-#                         "score":        20
-#                 }, {
-#                         "name": "Linux",
-#                         "score":        10
-#                 }, {
-#                         "name": "Mac OS",
-#                         "score":        1
-#                 }, {
-#                         "name": "iOS",
-#                         "score":        0
-#                 }, {
-#                         "name": "Android",
-#                         "score":        7
-#                 }]
-# }
-```

-## sample
 ```
-#include "stdio.h" 
-#include "osfp.h" 
- 
-char iph[] = { 
-  0x45, 0x00, 0x00, 0x34, 0x51, 0xc4, 0x40, 0x00, 
-  0x80, 0x06, 0xe7, 0x27, 0xc0, 0xa8, 0x73, 0x08, 
-  0x6a, 0xb9, 0x23, 0x6e 
-}; 
- 
-char tcph[] = { 
-  0xc1, 0xbd, 0x00, 0x50, 0x3d, 0x58, 0x51, 0x60, 
-  0x00, 0x00, 0x00, 0x00, 0x80, 0x02, 0x20, 0x00, 
-  0x3d, 0x3a, 0x00, 0x00, 0x02, 0x04, 0x04, 0xec, 
-  0x01, 0x03, 0x03, 0x08, 0x01, 0x01, 0x04, 0x02 
-};  
- 
-int main(int argc, char **argv) 
-{ 
-    const char *json_file_path = "./fp.json";
- 
-    struct iphdr *l3_hdr = (struct iphdr *)iph; 
-    struct tcphdr *l4_hdr = (struct tcphdr *)tcph; 
-    size_t l4_hdr_len = sizeof(tcph); 
- 
-    struct osfp_db *db = osfp_db_new(json_file_path); 
-    if (db) {
-        struct osfp_result *result = osfp_ipv4_identify(db, l3_hdr, l4_hdr, l4_hdr_len); 
-        if (result) { 
-            printf("likely os: %s\n", osfp_result_os_name_get(result)); 
-            printf("details: \n%s\n", osfp_result_score_detail_export(result)); 
-            osfp_db_free(db); 
-        } 
-    }
-}
+# load the fingerprint file and capture on eth0, filter tcp port 8888
+osfp_example -f /usr/var/lib/libosfp/fp.json -i eth0 "tcp port 8888"
 ```