Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Web server passive Googleprints

From: offtopic <offtopic () mail ru>
Date: Mon, 13 Sep 2004 09:57:17 +0400
According to Johnny Long where is two major method of  Web-server passive fingerprint via Google. 
It is  directory browsing footer/header 
(for example "[To Parent Directory]" "<dir>" shows IIS pages), and default web pages 
(for example intitle:Under.Construction "Disabling Dynamic" shows IIS 6.0 on W2K3).

I discovered another interesting and new (AFAIK) method which uses Netcraft Web servers monitoring service to provide 
more accurate Googleprints.

Examples:

site:netcraft.com intitle:That.Site.Running Apache 
site:netcraft.com intitle:That.Site.Running "Windows Server 2003"
site:netcraft.com intitle:That.Site.Running "Netscape-Enterprise/3.6" 

So, Netcraft scans Web servers, Google scans Netcraft, and we scan Google.

(c)oded by offtopic () mail ru

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: