- Added fingerprinting to the public version. Poison does single-packet OS fingerprinting. This means it doesn't send any additional packets. It sends SYNs to detect open ports, as usual, and determines the OS based on the SYN/ACK it receives.
Example:
X.Y.172.222 port 80 open Microsoft Small Business Server 2003
- Massively improved banner grabbing
Poison can now do several reads, time out, parse and reply to telnet options, and assemble telnet banners into more readable chunks. Banner length can be adjusted in banner.h.
Example:
X.Y.45.208 port 23 Banner: .HP JetDirect Password is not set Please type menu"for the MENU system,or for help,or for current settings.
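The option handling and banner clean-up described above, as an added example that is not poison's own code: `telnet_filter` is a hypothetical helper that refuses every telnet option (RFC 854) and collapses control bytes in the text. The refuse-everything policy and the whitespace rule are assumptions, since the page does not say how poison replies.

```c
#include <stddef.h>

/* Telnet command bytes from RFC 854 (TN_ prefix is local to this example). */
enum { TN_SE = 240, TN_SB = 250, TN_WILL = 251, TN_WONT = 252,
       TN_DO = 253, TN_DONT = 254, TN_IAC = 255 };

/* Hypothetical helper, not poison's code. Splits raw bytes read from port 23
 * into banner text and negotiation replies. Every option is refused:
 * DO x -> WONT x, WILL x -> DONT x. Text goes to banner (cap >= 1, always
 * NUL-terminated); runs of whitespace/control bytes collapse to one space.
 * Returns the number of reply bytes stored in reply. */
size_t telnet_filter(const unsigned char *in, size_t n, char *banner, size_t cap,
                     unsigned char *reply, size_t rcap)
{
    size_t i = 0, b = 0, r = 0;

    while (i < n) {
        unsigned char c = in[i];
        if (c != TN_IAC) {                      /* ordinary data byte */
            if (c > 32 && c < 127) {
                if (b + 1 < cap) banner[b++] = (char)c;
            } else if (b > 0 && banner[b - 1] != ' ' && b + 1 < cap) {
                banner[b++] = ' ';
            }
            i++;
            continue;
        }
        if (i + 1 >= n) break;                  /* command cut off by the read */
        unsigned char cmd = in[i + 1];
        if (cmd >= TN_WILL && cmd <= TN_DONT) { /* three-byte option command */
            if (i + 2 >= n) break;
            if ((cmd == TN_DO || cmd == TN_WILL) && r + 3 <= rcap) {
                reply[r++] = TN_IAC;
                reply[r++] = (cmd == TN_DO) ? TN_WONT : TN_DONT;
                reply[r++] = in[i + 2];
            }
            i += 3;
        } else if (cmd == TN_SB) {              /* skip to IAC SE, honouring IAC IAC */
            i += 2;
            while (i + 1 < n && !(in[i] == TN_IAC && in[i + 1] == TN_SE))
                i += (in[i] == TN_IAC && in[i + 1] == TN_IAC) ? 2 : 1;
            i += 2;
        } else {
            i += 2;                             /* NOP, GA, escaped 0xFF, ... */
        }
    }
    banner[b] = '\0';
    return r;
}
```

A command split across two reads stops parsing at the cut, so a caller doing several reads should keep the unparsed tail and prepend it to the next chunk.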
So I am working on a project which is an ugly hack (but works). I'm using Wireshark to do something it wasn't intended to do. I'd be interested in starting the project from scratch though. But as I miss quality GUI coding abilities, I so far decided against it.
If you're willing to help in an open-source project which could (imho) develop a following, are a more or less skilled GUI (wxWidgets??) coder and reliable, contact me please (email: warlord / nologin.org).
Description: In-game message snarfing utility for Microsoft's Age of Empires 2. Tested with AoE2, Conquerors expansion, version 1.0c. In-game chat messages are sent to all players, not just the intended recipients, and filtered client-side. This little utility displays _all_ the messages, even those players of the other team(s) send to their mates.
Just make sure the machine running AgeMessageSnarf can see the game traffic.
As there's plenty of things to keep me busy I haven't updated the site in a while, even though I have content to add. Within the next days I want to add a newer version of poison (written in September 07) which has massive improvements in banner grabbing, especially for port 23.
Also, I'll release a new tool, which can be used for cheating purposes in an old game. I never got the newer version of the game to see whether they still use the same protocol.
Also, I want to release a pretty big and cool project I originally wrote in 2006. While it works fine, I feel like it requires some finishing touches to be useful for a more general public.
So these are my plans for the upcoming weeks.
Due to a typo in receive.c, poison sometimes worked and sometimes didn't on Linux. Those bugs are really annoying, and that's also why I didn't catch it before posting version 1.5. It worked after all....
So here's 1.5.1. Enjoy!