add ua fingerprinting for chrome and opera

git-svn-id: file:///home/svn/framework3/trunk@10717 4d416f70-5f16-0410-b530-b9f4589650da

lib/msf/core/exploit/http/server.rb

@@ -124,87 +124,91 @@ module Exploit::Remote::HttpServer
 	end
 
 	def fingerprint_user_agent(ua_str)
+		fp = { :ua_string => ua_str }
+
 		# always check for IE last because everybody tries to
 		# look like IE
-		case (ua_str)
-			when /version\/(\d+\.\d+\.\d+).*safari/
-				ua_name = HttpClients::SAFARI
-				ua_ver = $1
+		case (ua_str.downcase)
+			# Chrome tries to look like Safari, so check it first
+			when /chrome\/(\d+(:?\.\d+)*)/
+				# Matches, e.g.:
+				# Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
+				fp[:ua_name] = HttpClients::CHROME
+				fp[:ua_ver] = $1
+			when /version\/(\d+(:?\.\d+)*)\s*safari/
+				fp[:ua_name] = HttpClients::SAFARI
+				fp[:ua_ver] = $1
 			when /firefox\/((:?[0-9]+\.)+[0-9]+)/
-				ua_name = HttpClients::FF
-				ua_ver = $1
+				fp[:ua_name] = HttpClients::FF
+				fp[:ua_ver] = $1
+			when /opera\/(\d+(:?\.\d+)*)/
+				fp[:ua_name] = HttpClients::OPERA
+				fp[:ua_ver] = $1
 			when /mozilla\/[0-9]\.[0-9] \(compatible; msie ([0-9]\.[0-9]+)/
-				ua_name = HttpClients::IE
-				ua_ver = $1
+				fp[:ua_name] = HttpClients::IE
+				fp[:ua_ver] = $1
 			else
-				ua_name = HttpClients::UNKNOWN
+				fp[:ua_name] = HttpClients::UNKNOWN
 		end
-		case (ua_str)
+		case (ua_str.downcase)
 			when /(en-us|en-gb)/
-				os_lang = $1
+				fp[:os_lang] = $1
 		end
-		case (ua_str)
+		case (ua_str.downcase)
 			when /windows/
-				os_name = OperatingSystems::WINDOWS
-				arch = ARCH_X86
+				fp[:os_name] = OperatingSystems::WINDOWS
+				fp[:arch] = ARCH_X86
 			when /linux/
-				os_name = OperatingSystems::LINUX
+				fp[:os_name] = OperatingSystems::LINUX
 			when /iphone/
-				os_name = OperatingSystems::MAC_OSX
-				arch = 'armle'
+				fp[:os_name] = OperatingSystems::MAC_OSX
+				fp[:arch] = 'armle'
 			when /mac os x/
-				os_name = OperatingSystems::MAC_OSX
+				fp[:os_name] = OperatingSystems::MAC_OSX
 			else
-				os_name = OperatingSystems::UNKNOWN
+				fp[:os_name] = OperatingSystems::UNKNOWN
 		end
-		case (ua_str)
+		case (ua_str.downcase)
 			when /windows 95/
-				os_flavor = '95'
+				fp[:os_flavor] = '95'
 			when /windows 98/
-				os_flavor = '98'
+				fp[:os_flavor] = '98'
 			when /windows nt 4/
-				os_flavor = 'NT'
+				fp[:os_flavor] = 'NT'
 			when /windows nt 5.0/
-				os_flavor = '2000'
+				fp[:os_flavor] = '2000'
 			when /windows nt 5.1/
-				os_flavor = 'XP'
+				fp[:os_flavor] = 'XP'
 			when /windows nt 5.2/
-				os_flavor = '2003'
+				fp[:os_flavor] = '2003'
 			when /windows nt 6.0/
-				os_flavor = 'Vista'
+				fp[:os_flavor] = 'Vista'
 			when /windows nt 6.1/
-				os_flavor = '7'
+				fp[:os_flavor] = '7'
 			when /gentoo/
-				os_flavor = 'Gentoo'
+				fp[:os_flavor] = 'Gentoo'
 			when /debian/
-				os_flavor = 'Debian'
+				fp[:os_flavor] = 'Debian'
 			when /ubuntu/
-				os_flavor = 'Ubuntu'
+				fp[:os_flavor] = 'Ubuntu'
 			else
-				os_flavor = ''
+				fp[:os_flavor] = ''
 		end
-		case (ua_str)
+		case (ua_str.downcase)
 			when /ppc/
-				arch = ARCH_PPC
+				fp[:arch] = ARCH_PPC
 			when /x64|x86_64/
-				arch = ARCH_X86_64
+				fp[:arch] = ARCH_X86_64
 			when /i.86|wow64/
 				# WOW64 means "Windows on Windows64" and is present
 				# in the useragent of 32-bit IE running on 64-bit
 				# Windows
-				arch = ARCH_X86
+				fp[:arch] = ARCH_X86
 			else
-				arch = ARCH_X86
+				fp[:arch] = ARCH_X86
 		end
 
-		fp = {
-			:os_name   => os_name,
-			:os_flavor => os_flavor,
-			:arch      => arch,
-			:ua_string => ua_str,
-			:ua_name   => ua_name,
-			:ua_ver    => ua_ver
-		}
+		fp
 	end
 
 	#