Nmap Development mailing list archives
Re: NSE - Sitecore version detection
From: David Fifield <david () bamsoftware com>
Date: Mon, 10 Sep 2012 13:23:43 -0700
On Thu, Sep 06, 2012 at 06:51:23PM +0100, Hani Benhabiles wrote:
On 09/04/2012 07:51 PM, Jesper Kückelhahn wrote:Hi,Hi Jesper,Thanks for your reply, Hani. I've looked into the http-enum script (and the fingerprint file), and it does make sense to extend this instead of creating a bunch of new stand-alone scripts. I've attached the diff output for nmap/nselib/data/http-fingerprints.lua with the Sitecore version extraction.Are you sure about these fingerprints, especially the /sitecore/ prefix which could be just the folder used for the application you are testing against. (ie. something like /blog/ is not related to wordpress itself). I am trying to find out any occurrences in the wild but so far my Google-fu returned nothing valuable, yet. Do you know of any which are on the internet. (you could email me off-list if needed)
I'm fine with adding these fingerprints now, and then perhaps changing them in the future if it turns out that /sitecore/ isn't a hardcoded prefix. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- NSE - Sitecore version detection Jesper Kückelhahn (Sep 03)
- Re: NSE - Sitecore version detection Hani Benhabiles (Sep 03)
- Re: NSE - Sitecore version detection Jesper Kückelhahn (Sep 04)
- Re: NSE - Sitecore version detection Hani Benhabiles (Sep 06)
- Re: NSE - Sitecore version detection David Fifield (Sep 10)
- Message not available
- Re: NSE - Sitecore version detection Hani Benhabiles (Sep 12)
- Re: NSE - Sitecore version detection Jesper Kückelhahn (Sep 04)
- Re: NSE - Sitecore version detection Hani Benhabiles (Sep 03)
- <Possible follow-ups>
- NSE - Sitecore version detection Jesper Kückelhahn (Sep 05)