Features • Dependencies • Installation • Usage • Testing • Security
getos.c is an Open Source tool that tries to fingerprint the operating system of a remote host using the default TTL reply of ping. It combines the observed TTL with the hop count from traceroute to reconstruct the original TTL, then matches it against known defaults.
The results are valid only if the remote host has not changed its default TTL value. Use at your own risk.
Detected OS families:
| TTL | OS |
|---|---|
| 32 | Windows 95 / 98 / ME |
| 64 | Unix / Linux / FreeBSD / macOS |
| 128 | Windows Vista / 7 / 10 / 11 / Server 2008 |
| 255 | Solaris / AIX / Cisco |
Requires ping and traceroute to be installed and available on $PATH.
```sh
# Debian / Ubuntu
sudo apt install iputils-ping traceroute
# Arch
sudo pacman -S inetutils traceroute
# macOS (ping built-in, traceroute built-in)
```

Compile with GCC:

```sh
gcc getos.c -o getos
```

```sh
./getos www.example.com
./getos 192.168.1.1
```

Example output:

```
Observed TTL: 54 Hops: 10 Reconstructed TTL: 64
Script finished. google.com is probably running Unix / Linux / FreeBSD / MacOSX.
```

Build and run the unit tests:

```sh
gcc -DTESTING test_getos.c -o test_getos && ./test_getos
```

Tests cover is_valid_host, find_executable, getClosest, and findClosest.

- Input is validated against an allowlist of characters valid in hostnames and IP addresses before being passed to the shell. Shell metacharacters are rejected.
- Dependencies are located by searching `$PATH` at runtime rather than hardcoded paths.
- Do not install this binary setuid. Running it as a normal user requires no elevated privileges.
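
The following C example is added here and is not taken from getos.c. It shows an allowlist check of the kind described in the first bullet, followed by the TTL reconstruction and nearest-default match from the table above. The names `host_is_safe` and `nearest_default_ttl`, the 253-character limit and the leading-hyphen rule are assumptions of this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Characters allowed in host names, IPv4 and IPv6 literals (assumed set). */
static const char ALLOWED[] =
    "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-:";

/* Hypothetical helper, not the project's is_valid_host(): returns 1 only if
 * `host` is safe to place on a ping/traceroute command line. */
int host_is_safe(const char *host)
{
    size_t len = host ? strlen(host) : 0;

    if (len == 0 || len > 253)      /* empty, or longer than a DNS name */
        return 0;
    if (host[0] == '-')             /* passes the allowlist, but would be */
        return 0;                   /* parsed as an option by ping */
    return strspn(host, ALLOWED) == len;   /* every byte is allowlisted */
}

/* Reconstruct the initial TTL as observed + hops, then return the nearest
 * default from the table (32, 64, 128, 255). Ties go to the lower value. */
int nearest_default_ttl(int observed, int hops)
{
    static const int defaults[] = { 32, 64, 128, 255 };
    int rebuilt = observed + hops;
    int best = defaults[0];

    for (size_t i = 1; i < sizeof defaults / sizeof defaults[0]; i++)
        if (abs(defaults[i] - rebuilt) < abs(best - rebuilt))
            best = defaults[i];
    return best;
}

int main(void)
{
    /* Constructed inputs: two valid targets, then three that must fail. */
    const char *samples[] = { "www.example.com", "192.168.1.1",
                              "example.com;id", "-c1", "a b" };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-18s %s\n", samples[i],
               host_is_safe(samples[i]) ? "accepted" : "rejected");
    printf("TTL 54 + 10 hops -> default %d\n", nearest_default_ttl(54, 10));
    return 0;
}
```

Using `strspn` with an explicit ASCII set keeps the check independent of the process locale, which `isalnum` is not.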
