Re: New script - http-favicon.nse

[Fyodor <fyodor () insecure org>]

On Thu, Nov 06, 2008 at 10:32:54AM -0600, Kris Katterjohn wrote:
> I think this idea is very cool, and I notice your NSE script seems to be based
> on a Nessus script[1].  I just want to make sure there are no copyright issues
> here, since your script seems to have more in common than just the idea (MD5s
> and names for the first six look like verbatim copies).  Correct me if I'm
> wrong, but I don't see even a mention of this in your email or script.

Great catch!  It is very important that we credit our sources.

I do think the script itself has potential.  What would be
particularly useful is if someone did an -iR scan (-p80 -n -PN) with
the script and collected all the favicon fingerprints.  Then you could
reverse-sort them by frequency and figure out the software behind the
most common ones (and add it to the DB).  Neither the Nessus plugin
nor the Nikto one seem very comprehensive.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org