[WEB SECURITY] Fingerprinting web applications (Joomla, Mediawiki and Wordpress)
MustLive
mustlive at websecurity.com.ua
Mon Mar 1 16:55:50 EST 2010
Hello dd, Emilio Casbas and Henri Salo!
Topic of fingerprinting of web applications is also interesting for me (as
also topic of fingerprinting of server software, especially via web
applications). For last years I did my researches in this area, found many
of such Information leakage vulnerabilities in webapps and as already
mentioned in the list, I wrote a series of articles Information leakage
about version of the system. Which you can look at
(http://www.webappsec.org/lists/websecurity/archive/2010-02/msg00071.html).
And I'll read more in detail about your methods and applications, such as
WhatWeb and WAFP.
Advanced method of webapps fingerprinting, such as in WAFP, is good. But I
need to note, that they are not always needed (and also they not always can
work).
1. In many web applications there are Information leakage vulnerabilities
(as those mentioned in my series of articles). So in many cases this simple
method of fingerprinting can be used instead of advanced methods (like using
of relative file locations in webapps in conjunction with their md5
checksums).
2. This method (relative file locations + their md5 checksums) not always
applicable. For example, there are Webapp 1.0 and 1.0.1, which has only one
difference in one php file, where one hole was fixed (and this file has the
same response in both versions). It's possible to make md5 checksums only of
static files, not dynamic ones, so in this case this method will not help.
And if there is Information Leakage hole in webapp (leaking of the version),
then it'll help in this case. So simple method can help even in cases, when
advanced methods failed (so better to know this method).
Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
From: Henri Salo <henri at xxxxxxx>
Subject: Re: [WEB SECURITY] Fingerprinting web applications (Joomla,
Mediawiki and Wordpress)
Date: Thu, 4 Feb 2010 17:49:19 +0200
> Check <http://www.mytty.org/wafp/>.
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA
More information about the websecurity
mailing list