Enumerate a web client

6 posts, 0 answers
  1. John
    3 posts
    Member since: Nov 2014

    Posted 24 Nov 2014

    Hi,

    Want to know if there is any option to enumerate a web client requesting an HTTP session and get the maximum information about the web client, at least the following information:

    1. MAC/Hardware address of the client
    2. Computer name
    3. OS type
    4. IP address
    5. Current user logged in or users list

    Fiddler will be configured to act as reverse proxy.

    Thank you,
    JD

  2. Eric Lawrence
    Admin
    833 posts

    Posted 24 Nov 2014

    Servers (including proxies, like Fiddler) in general have a limited ability to learn information about remote clients.

    + You can easily determine a client's IP address (as it's inherent in the request itself).
    - You cannot readily determine the client's OS, unless the OS information is included in the request. It happens that it often is included in the User-Agent string header sent by browsers, but this information is obviously easily spoofed.
    - You cannot readily determine a client's "Computer name" unless the PC is configured in the DNS such that looking up its IP address returns the computer name.
    - There's no way to determine "users list" from a request. If you prompt for authentication and if the client computer is configured to respond to authentication challenges, you may be able to determine a login username.
    - You may or may not be able to determine the MAC/hardware address of the client, depending on what networking equipment is located between the client and the server.

    Regards,
    Eric Lawrence
    Telerik
     

    Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.

     
  3. John
    3 posts
    Member since: Nov 2014

    Posted 25 Nov 2014 in reply to Eric Lawrence

    Firstly, thank you for the reply.
    I totally agree with your mentioned points and it will not be an out-of-the-box solution.
    But still, can we initiate a response script to gather the information whenever a client requests a session?
    Many thanks,
    JD
  4. Eric Lawrence
    Admin
    833 posts

    Posted 26 Nov 2014

    Hello, John--

    For security reasons, browsers do not expose scriptable methods that expose the information you hope to obtain.

    Regards,
    Eric Lawrence
    Telerik
     


     
  5. John
    3 posts
    Member since: Nov 2014

    Posted 26 Nov 2014 in reply to Eric Lawrence

    Hello Eric,

    I am not sure if I am getting it right.
    Please correct me if I am wrong.

    Sequential approach:

    1. Web client requests a web session from a web server.
    2. Fiddler intercepts the connection as a reverse proxy.
    3. Fiddler initiates a script to scan the client, like an nmap script or any other enumeration script (considering there is no firewall between Fiddler and the client). nmap enumerates the client and provides the OS, IP address, MAC and other information.

    Thanks & Regards,
    JD


  6. Eric Lawrence
    Admin
    833 posts

    Posted 26 Nov 2014

    The Session's oFlags["X-ClientIP"] property holds the connecting client's IP address. You can do with that whatever you like.

    Regards,
    Eric Lawrence
    Telerik
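
Added example, not part of the thread and not Fiddler or Telerik code: a Python sketch of what a server or reverse proxy can record passively for one request, following Eric's points above (the IP comes from the connection, the OS is only a User-Agent hint, a computer name exists only if DNS provides one). The function names are hypothetical; `peer_ip` stands for the address the proxy reports for the connection, such as the X-ClientIP flag mentioned above, and the resolver parameters exist so the DNS lookups can be stubbed.

```python
import ipaddress
import re
import socket

# Illustrative OS tokens seen in browser User-Agent strings; order matters
# (Android UAs also contain "Linux", iPhone UAs also contain "Mac OS X").
UA_OS_HINTS = [("Windows NT", "Windows"), ("Android", "Android"),
               ("iPhone|iPad", "iOS"), ("Mac OS X", "macOS"), ("Linux", "Linux")]


def normalize_ip(peer_ip):
    """Parse the peer address; unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d)."""
    ip = ipaddress.ip_address(peer_ip)
    return ip.ipv4_mapped if ip.version == 6 and ip.ipv4_mapped else ip


def os_hint(user_agent):
    """Guess the OS from the User-Agent header. Client-supplied, so unverified."""
    for pattern, name in UA_OS_HINTS:
        if re.search(pattern, user_agent or ""):
            return name
    return None


def confirmed_hostname(ip, reverse=socket.gethostbyaddr, forward=socket.getaddrinfo):
    """Return the reverse-DNS name only if it resolves forward to the same IP."""
    try:
        name = reverse(str(ip))[0]
        addrs = {ipaddress.ip_address(ai[4][0]) for ai in forward(name, None)}
    except (OSError, ValueError):   # no PTR record, lookup failure, odd address
        return None
    return name if ip in addrs else None


def describe_client(peer_ip, headers, reverse=socket.gethostbyaddr,
                    forward=socket.getaddrinfo):
    """Collect what a server can learn passively about one HTTP client."""
    ip = normalize_ip(peer_ip)
    return {
        "ip": str(ip),                                          # from the connection itself
        "hostname": confirmed_hostname(ip, reverse, forward),   # only if DNS is set up
        "os_hint": os_hint(headers.get("User-Agent")),          # spoofable header
        "mac": None,     # not carried in HTTP; depends on the network path
        "users": None,   # not available from a request
    }
```

The hostname is dropped when the forward lookup does not return the same address, because whoever controls the reverse zone for that IP can publish any name there.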
     


     