07 Apr, 2023

Finger

The Finger protocol is a simple text-based protocol used to retrieve information about a user or system on a network. It was originally developed in the early days of the internet as a way for users to see who was logged into a particular system and what they were working on. The protocol works by sending a query to a remote system and receiving a response that includes information about the requested user or system, such as their username, full name, email address, and the time they last logged in. While the Finger protocol is not widely used today due to security concerns, it was an important early tool for network administrators and users to connect and communicate.

Finger common ports

Port 79: This is the default port used for the Finger protocol.

Port 2003: This port is sometimes used as an alternative to port 79 for Finger communication.

Port 4444: This port is also sometimes used for Finger communication.

Standard commands from unauthorized users

Querying a user: An unauthorized user can use the Finger protocol to query information about a specific user on the network. This can be done by sending a command in the following format: finger username@hostname. This will return information about the specified user, such as their full name, email address, and the time they last logged in.

Listing all users: An unauthorized user can use the Finger protocol to list all users on the network. This can be done by sending a command in the following format: finger @hostname. This will return a list of all users on the network, along with their full name and the time they last logged in.

Querying a system: An unauthorized user can also use the Finger protocol to query information about a specific system on the network. This can be done by sending a command in the following format: finger @hostname. This will return information about the specified system, such as its name, version, and other system information.
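On the wire, each of the commands above becomes a single request line sent to the Finger port (the format is defined in RFC 1288), which makes the traffic easy to classify when monitoring. The sketch below is an added example, not code from the original article: it labels captured request lines and reports sources that list users, ask the server to forward a query, send malformed lines, or look up several different usernames. The function names, the threshold and the sample capture are constructed for illustration.

```python
from collections import defaultdict

MAX_LINE = 256  # assumption: longer request lines are treated as malformed

def classify_finger_request(raw: bytes):
    """Return (kind, target) for one request line read from a Finger session."""
    line = raw.split(b"\n", 1)[0].rstrip(b"\r")
    if len(line) > MAX_LINE or any(b < 0x20 or b > 0x7E for b in line):
        return ("malformed", None)
    text = line.decode("ascii").strip()
    # "/W" is the RFC 1288 token asking the server for verbose output.
    if text[:2].upper() == "/W" and (len(text) == 2 or text[2] == " "):
        text = text[2:].strip()
    if not text:
        return ("list_users", None)   # what `finger @hostname` sends
    if "@" in text:
        return ("forward", text)      # asks this host to relay the query
    return ("user_lookup", text)      # what `finger username@hostname` sends

def suspicious_sources(events, distinct_users=3):
    """events: iterable of (source_ip, raw_request). Returns {ip: [reasons]}."""
    kinds, users = defaultdict(set), defaultdict(set)
    for src, raw in events:
        kind, target = classify_finger_request(raw)
        kinds[src].add(kind)
        if kind == "user_lookup":
            users[src].add(target.lower())
    alerts = {}
    for src in kinds:
        reasons = sorted(kinds[src] & {"list_users", "forward", "malformed"})
        if len(users[src]) >= distinct_users:
            reasons.append("username_sweep")
        if reasons:
            alerts[src] = reasons
    return alerts

# Constructed sample capture (documentation addresses, invented usernames).
SAMPLE = [
    ("192.0.2.10", b"alice\r\n"),
    ("198.51.100.7", b"\r\n"),
    ("198.51.100.7", b"/W root\r\n"),
    ("198.51.100.7", b"admin\r\n"),
    ("198.51.100.7", b"backup\r\n"),
    ("203.0.113.5", b"bob@inner.example\r\n"),
    ("203.0.113.9", b"A" * 300 + b"\r\n"),
]

if __name__ == "__main__":
    print(suspicious_sources(SAMPLE))
```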

Tools for using the Finger protocol

Manual Tools:

  • Finger – The original Finger command-line tool that is used to query information about users on a remote system, including their login name, full name, and the last time they logged in.

  • Telnet – A protocol that allows you to connect to a remote system and interact with it using a command-line interface. You can use Telnet to connect to a Finger server and query user information.

  • Netcat – A utility that can be used to establish TCP or UDP connections to remote systems and transfer data. You can use Netcat to connect to a Finger server and query user information.

  • PuTTY – A popular Telnet and SSH client for Windows that allows you to connect to a remote system and interact with it using a command-line interface. You can use PuTTY to connect to a Finger server and query user information.

  • TeraTerm – A free Telnet and SSH client for Windows that allows you to connect to a remote system and interact with it using a command-line interface. You can use TeraTerm to connect to a Finger server and query user information.

  • Minicom – A serial communication program that can be used to connect to remote systems using a modem or serial cable. You can use Minicom to connect to a Finger server and query user information.

  • HyperTerminal – A terminal emulation program that is included with some versions of Windows. You can use HyperTerminal to connect to a Finger server and query user information.

Automated Tools:

  • Nmap – A network exploration and security auditing tool that can be used to scan for open Finger ports on remote systems.

  • Metasploit – A popular framework for developing and executing exploits against remote systems. Metasploit includes a module for Finger exploitation that can be used to gather user information.

  • Nessus – A vulnerability scanner that can be used to identify security issues on remote systems, including open Finger ports.

  • OpenVAS – A free and open-source vulnerability scanner that can be used to identify security issues on remote systems, including open Finger ports.

  • Nikto – A web server scanner that can be used to identify vulnerabilities in web servers, including those that are running Finger services.

  • Skipfish – A web application security scanner that can be used to identify vulnerabilities in web applications, including those that are running Finger services.

  • OWASP ZAP – An intercepting proxy that can be used to identify and exploit vulnerabilities in web applications, including those that are running Finger services.

  • Burp Suite – A web application security testing tool that can be used to identify and exploit vulnerabilities in web applications, including those that are running Finger services.

  • Sqlmap – A tool for identifying and exploiting SQL injection vulnerabilities in web applications, including those that are running Finger services.

  • Fierce – A DNS reconnaissance tool that can be used to gather information about a target domain, including Finger services that may be running on associated hosts.

  • theHarvester – A tool for gathering email addresses, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database.

Browser Plugins:

  • Finger Search – A Chrome extension that allows you to perform Finger queries directly from your browser.

  • Fingerprints – A Firefox extension that allows you to perform Finger queries directly from your browser.

Last known CVE for Finger

CVE-2019-10059 – The legacy finger service (TCP port 79) is enabled by default on various older Lexmark devices.

Useful information

– Finger ports are used for the Finger protocol, which is used to retrieve information about users or systems on a network.

– The Finger protocol is based on Request for Comments document RFC 742 (December 1977) and is an interface to the name and finger programs that provide status reports on a particular computer system or a particular person at network sites.

– The Finger protocol is typically used to retrieve information such as a user’s full name, email address, and the time they last logged in.

– Port 79 is the default port used for the Finger protocol.

– The Finger protocol has several security concerns, and many modern systems and networks have disabled it entirely.

– Unauthorized users should not have access to use the Finger protocol, as it can potentially expose sensitive information and compromise the security of the network.

– Manual tools such as Telnet, Netcat, and PuTTY can be used to test Finger ports.

– Automated tools such as Nessus, OpenVAS, and Metasploit can be used to automatically test for vulnerabilities in the Finger protocol on a remote system.

– Browser plugins such as FoxyProxy and Burp Suite can be used to test the Finger protocol by intercepting and analyzing Finger traffic in the browser.

– It’s important to secure Finger ports on a network to prevent unauthorized access and protect against potential security vulnerabilities.

Known banners

Unix Finger daemon – This is the default banner that is displayed when a Finger daemon is running on a Unix-based system.

Windows NT Finger daemon – This is the default banner that is displayed when a Finger daemon is running on a Windows NT-based system.

CERN httpd Finger daemon – This banner may be displayed when a CERN httpd Finger daemon is running.

Cisco IOS Finger daemon – This banner may be displayed when a Cisco IOS device is running a Finger daemon.

OpenBSD Finger daemon – This banner may be displayed when an OpenBSD system is running a Finger daemon.

Debian GNU/Linux Finger daemon – This banner may be displayed when a Debian GNU/Linux system is running a Finger daemon.

Solaris Finger daemon – This banner may be displayed when a Solaris system is running a Finger daemon.

Books for studying Finger

“Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning” by Gordon Fyodor Lyon – This book includes a section on scanning for Finger services using Nmap.

“Metasploit: The Penetration Tester’s Guide” by David Kennedy, Jim O’Gorman, Devon Kearns, and Mati Aharoni – This book includes information on using Metasploit to test for Finger services on a network.

“The TCP/IP Guide: A Comprehensive, Illustrated Internet Protocols Reference” by Charles Kozierok – This book includes a brief overview of the Finger protocol and its usage.

“Network Security Assessment: Know Your Network” by Chris McNab – This book includes a section on fingerprinting and identifying services, including Finger, on a network.

“Hacking: The Art of Exploitation” by Jon Erickson – This book includes a chapter on using the Finger protocol to gather information about users on a remote system.

“The Basics of Hacking and Penetration Testing” by Patrick Engebretson – This book includes a section on reconnaissance and information gathering, which covers using Finger to gather information about users on a remote system.

Mitigation

  1. The easiest way to mitigate the risks associated with Finger is to disable it altogether. This can be done by blocking the Finger protocol on the network or by disabling the Finger service on individual systems.

  2. If Finger is required for certain users, limit access to the protocol to only those users who need it. This can be done by using access control lists (ACLs) or group policies to restrict access to the Finger service.

  3. Use strong authentication methods such as Kerberos or SSL/TLS to ensure that only authorized users can access the Finger service.

  4. Ensure that all software associated with the Finger protocol is up to date with the latest security patches. This includes both the operating system and any applications that use the Finger protocol.

  5. Monitor the logs generated by the Finger service for any unusual activity or traffic patterns that could indicate a potential security breach. This can be done through the use of security information and event management (SIEM) tools.

  6. Educate users on the risks associated with the Finger protocol and the importance of not sharing sensitive information over the network.
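To check step 1 on individual hosts, the following added example (not from the original article) audits super-server configuration text and reports which files still leave the Finger service enabled. It assumes the daemon is started from inetd or xinetd; the file names and contents are constructed samples showing the weak setting beside the corrected one.

```python
import re

def _uncommented(text: str) -> str:
    """Drop blank lines and whole-line comments."""
    keep = [l for l in text.splitlines()
            if l.strip() and not l.lstrip().startswith("#")]
    return "\n".join(keep)

def inetd_enables_finger(conf: str) -> bool:
    """inetd.conf: an active entry whose first field is the finger service."""
    for line in _uncommented(conf).splitlines():
        fields = line.split()
        if len(fields) >= 6 and fields[0] in ("finger", "79"):
            return True
    return False

def xinetd_enables_finger(conf: str) -> bool:
    """xinetd: a `service finger` block is active unless it sets disable = yes."""
    blocks = re.finditer(r"service\s+finger\s*\{(.*?)\}", _uncommented(conf), re.S)
    for block in blocks:
        m = re.search(r"^\s*disable\s*=\s*(\S+)", block.group(1), re.M)
        if m is None or m.group(1).lower() != "yes":
            return True
    return False

def audit(files: dict) -> list:
    """files maps path -> contents; returns paths that leave finger enabled."""
    hits = []
    for path, text in files.items():
        is_inetd = path.endswith("/inetd.conf")
        check = inetd_enables_finger if is_inetd else xinetd_enables_finger
        if check(text):
            hits.append(path)
    return sorted(hits)

# Constructed samples: "weak" leaves the service on, "fixed" turns it off.
_XINETD = ("service finger\n{{\n    socket_type = stream\n    wait = no\n"
           "    user = nobody\n    server = /usr/sbin/in.fingerd\n"
           "    disable = {}\n}}\n")
SAMPLE_FILES = {
    "weak/inetd.conf": "finger stream tcp nowait nobody /usr/sbin/tcpd in.fingerd\n",
    "fixed/inetd.conf": "#finger stream tcp nowait nobody /usr/sbin/tcpd in.fingerd\n",
    "weak/xinetd.d/finger": _XINETD.format("no"),
    "fixed/xinetd.d/finger": _XINETD.format("yes"),
}

if __name__ == "__main__":
    print(audit(SAMPLE_FILES))
```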

Conclusion

Finger is a protocol that allows users to access information about a specific user on a remote system. Finger ports are used to communicate with the Finger service, which is typically running on port 79. However, Finger has been largely deprecated due to security concerns, as it can potentially expose sensitive information and allow attackers to gather reconnaissance about a target system or network.
