Wednesday, October 27, 2021

Fingerprinting device properties on Windows via DCERPC without authentication

Correctly identifying and categorizing network-connected systems without credentials is a tricky challenge and one of the fun parts of working at Rumble. This process of “fingerprinting” uses thousands of rules, pattern matches, and internal databases to take observed properties of a system and produce a set of weighted matches. These matches cover the device type, operating system, physical hardware make/model, and services, but sometimes that isn’t enough.

A fingerprint challenge we’ve been w…

Read More

Latest news
Related news