forked from vecna/sniffjoke
-
Notifications
You must be signed in to change notification settings - Fork 0
/
TODO.txt
37 lines (28 loc) · 1.43 KB
/
TODO.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
TODO list for SniffJoke 0.5
SERVICE
. testing IP options over different target OS
. implement passive OS fingerprint with p0f in SessionTrack
. verify gateway usage, implement ip source selection
. accept whitelist/blacklist as configuration by client
. implement server side support and port listening protection
. NetIO.cc and UserConf.cc need to became an extension of a generic superclass
to supports different OS easily.
CLIENT
. make a C#/Windows porting for sniffjokecli
. develop a better protocol instead of SJ-PROTOCOL.txt based on C struct
. make a firefox button in order to add in the whitelist the sites in use
PLUGINS
. layer 5 malformation, will support:
- expansion of fake_data in order to inject layer 5 acceptable data and not
simply random
- expand fake data with a template model, in order to exploit fault in
layer 5 sniffer flow reassembler
BUGS - HEADER OPTIONS
The main problems in IP/TCP options handling is:
- you need to probe each of them for every destination, like ttlbruteforce does
- you need a incominfilter like the plugins, for understood if a packet is generate
by an options error and thus need to be stripped off
- is needed a condition too, because in IP header options is not a problem use/abuse
but in the TCP, the flags and the connection status *does matter*, and a
condition() became required.
- this will be solved developing the Scramble classes