Hello, Within penetration tests client-oriented attacks become more and more important.
I have created a script which is able to determine the mail client from the message-id which is included in an email. Midfp (Message-ID Fingerprinter) is going to analyze the structure of the message-id and compare it with regular expressions against a data base. Thus, no further analysis of the email (e.g. the header structures as like in my browserrecon project; http://www.computec.ch/projekte/browserrecon/) is required. * Discussion of the Implementation (German only) http://www.scip.ch/?labs.20090911 http://www.scip.ch/?labs.20090717 * Online Demo http://www.scip.ch/labs/files/midfp/ * Download midfp-1.0php http://www.scip.ch/labs/files/midfp-1.0.tar.gz Regards, Marc Ruef -- Marc Ruef | m...@scip.ch scip AG | Badenerstrasse 551 | 8048 Zurich T +41 44 404 13 13 | F +41 44 404 13 14 Aktuelle Forschungen: http://www.scip.ch/?labs _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/