Looking for some tips on browser fingerprinting.
In context, this is specifically what I'm trying to do (in a lab):
There's a client which is periodically browsing a webpage. I've got root on the webserver, and added a simple iframe to the page the browser gets, with a source address to my attacking machine. Now that it's sending GETs to me, I want to fingerprint it to try and attack the browser somewhat intelligently.
1) Googled the User Agent, as it shows in the access log on the webserver. Got absolutely nothing useful (that is, nothing new compared to what I got in item 2)
2) metasploit browser_autopwn ACTION=DefangedDetection tells me that it's Microsoft Windows Vista, x86. Nothing about the browser, sadly.
I am going to try BeEF... just found the tool via google, looks like it is already installed, and I just need to set it up:
Does anyone else have any other tools/methods they would recommend?