This method allows you to interogate the Fingerbank database with a device information and get the details about it.
Code | Description |
---|---|
404 | No device profiling result was found for the signatures that were provided. |
Example body: {"dhcp_fingerprint":"1,15,3,6,44,46,47,31,33,121,249,43"}
Example response: { "created_at": "2014-10-13T03:14:45.000Z", "device": { "created_at": "2014-09-09T15:09:51.000Z", "id": 33, "inherit": null, "mobile?": false, "name": "Microsoft Windows Vista/7 or Server 2008 (Version 6.0)", "parent_id": 1, "parents": [ { "approved": true, "created_at": "2014-09-09T15:09:50.000Z", "id": 1, "inherit": null, "mobile": null, "name": "Windows", "parent_id": null, "submitter_id": null, "tablet": null, "updated_at": "2014-09-09T15:09:50.000Z" } ], "updated_at": "2014-09-09T15:09:52.000Z" }, "id": 5733, "score": 50, "updated_at": "2014-11-13T17:39:36.000Z", "version": null }
Example using curl using DHCPv4 fingerprint: curl -X GET -d "{\"dhcp_fingerprint\":\"1,15,3,6,44,46,47,31,33,121,249,43\"}" --header "Content-type: application/json" https://fingerbank.inverse.ca/api/v1/combinations/interogate?key=
Example using curl without a body payload: curl 'https://fingerbank.inverse.ca/api/v1/combinations/interogate?dhcp_fingerprint=1,15,3,6,44,46,47,31,33,121,249,43&key='
Example using curl using DHCPv4 fingerprint, User-Agent and MAC address: curl -X GET -d "{\"dhcp_fingerprint\":\"1,121,3,6,15,119,252\", \"user_agent\":\"Mozilla/5.0 (iPad; CPU OS 9_3_5 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13G36 Safari/601.1\", \"mac\": \"e0b9ba88158a\"}" --header "Content-type: application/json" https://fingerbank.inverse.ca/api/v1/combinations/interogate?key=
Example using curl with behavioral analysis: curl -X GET -d "{\"dhcp_fingerprint\":\"1,15,3,6,44,46,47,31,33,121,249,43\", \"destination_hosts\":[\"updates.microsoft.com\"], \"mdns_services\":[\"_printer._tcp.local\"]}" --header "Content-type: application/json" 'https://fingerbank.inverse.ca/api/v1/combinations/interogate?behavioral_analysis=true&key='
Param name | Description |
---|---|
key required |
Your API key Validations:
Metadata: Type: URL |
debug optional |
Whether or not to add additionnal debug information in the response. ‘on’ activates it Validations:
Metadata: Type: URL |
user_agent optional |
The User Agent of the device Validations:
Metadata: Type: payload |
dhcp_fingerprint optional |
The DHCP fingerprint of the device Validations:
Metadata: Type: payload |
dhcp6_fingerprint optional |
The DHCPv6 fingerprint of the device Validations:
Metadata: Type: payload |
dhcp_vendor optional |
The DHCP vendor of the device Validations:
Metadata: Type: payload |
dhcp6_enterprise optional |
The DHCPv6 enterprise of the device Validations:
Metadata: Type: payload |
mac optional |
The MAC address of the device Validations:
Metadata: Type: payload |
behavioral_analysis optional |
Whether or not to perform behavioral analysis during this query. Validations:
Metadata: Type: URL |
destination_hosts optional |
The destination hosts (domains) this combination has send data to Validations:
Metadata: Type: payload Behavioral data: This is behavioral data and will not be persisted to the database. Make sure you include the behavioral_analysis parameter in your query. |
mdns_services optional |
The MDNS services that this combination has advertised Validations:
Metadata: Type: payload Behavioral data: This is behavioral data and will not be persisted to the database. Make sure you include the behavioral_analysis parameter in your query. |
upnp_user_agents optional |
The UPnP User Agents (USER-AGENT header) that this combination has advertised Validations:
Metadata: Type: payload Behavioral data: This is behavioral data and will not be persisted to the database. Make sure you include the behavioral_analysis parameter in your query. |
upnp_server_strings optional |
The UPnP Server strings (SERVER header) that this combination has advertised Validations:
Metadata: Type: payload Behavioral data: This is behavioral data and will not be persisted to the database. Make sure you include the behavioral_analysis parameter in your query. |
tcp_syn_signatures optional |
The TCP SYN signatures detected for this combination. The signatures must follow the p0f standard. Validations:
Metadata: Type: payload Behavioral data: This is behavioral data and will not be persisted to the database. Make sure you include the behavioral_analysis parameter in your query. Example: 4:128+0:0:1460:8192,2:mss,nop,ws,nop,nop,sok:df,id+:0 |
tcp_syn_ack_signatures optional |
The TCP SYN-ACK signatures detected for this combination. The signatures must follow the p0f standard. Validations:
Metadata: Type: payload Behavioral data: This is behavioral data and will not be persisted to the database. Make sure you include the behavioral_analysis parameter in your query. Example: 4:128+0:0:1460:8192,2:mss,nop,ws,nop,nop,sok:df,id+:0 |