MCPcopy Index your code
hub / github.com/secdev/scapy / p0f

Function p0f

scapy/modules/p0fv2.py:292–311  ·  view source on GitHub ↗

Passive OS fingerprinting: which OS emitted this TCP packet ? p0f(packet) -> accuracy, [list of guesses]

(pkt)

Source from the content-addressed store, hash-verified

290
291@conf.commands.register
292def p0f(pkt):
293 """Passive OS fingerprinting: which OS emitted this TCP packet ?
294p0f(packet) -> accuracy, [list of guesses]
295"""
296 db, sig = packet2p0f(pkt)
297 if db:
298 pb = db.get_base()
299 else:
300 pb = []
301 if not pb:
302 warning("p0f base empty.")
303 return []
304 # s = len(pb[0][0])
305 r = []
306 max = len(sig[4].split(",")) + 5
307 for b in pb:
308 d = p0f_correl(sig, b)
309 if d == max:
310 r.append((b[6], b[7], b[1] - pkt[IP].ttl))
311 return r
312
313
314def prnp0f(pkt):

Callers 1

prnp0fFunction · 0.70

Calls 5

warningFunction · 0.90
p0f_correlFunction · 0.85
packet2p0fFunction · 0.70
get_baseMethod · 0.45
appendMethod · 0.45

Tested by

no test coverage detected