Penetration Testing mailing list archives

RE: http fingerprinting


From: "Dieter Sarrazyn" <dsr () ascure com>
Date: Thu, 10 Apr 2003 11:41:24 +0200

Hi,

I'm not sure if it's this you're looking for but a little trick I used
with such a webserver was the following:

The webserver didn't give away its type & version when I used nc or
telnet to grab its banners but the following did work:

Start a sniffer (e.g. Ethereal) and browse to the website (on the same
host). Then use the Follow TCP Stream function of Ethereal on the first
SYN, SYN/ACK, ACK combination and you should see the server version. At
least this worked in my case, something worth trying?

Regards,
Dieter

-----Original Message-----
From: Rick Hoekman [mailto:rick () paranoia nl] 
Sent: Wednesday, 9 April 2003 2:57
To: pen-test () securityfocus com
Subject: http fingerprinting


Anyone know if there are tools to fingerprint webservers that 
do not give away their type and version?

As far as I know there is a paper/thesis on one tool called 
HMAP.pl. You can read it here 
http://seclab.cs.ucdavis.edu/papers/hmap-thesis.pdf

Thanks!


Rick

-- 
"I know that you all think that I'm paranoid" -- anonymous
"Paranoia is knowing all the facts" -- Woody Allen
"Paranoia is reality seen on a finer scale." -- Philo Gant, Strange Days
"Paranoia is heightened awareness" -- anonymous
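
Added example, not part of the original thread: a Python script that does by code what the Follow TCP Stream step above shows by eye, pulling the software-identifying response headers out of a reassembled stream so you can check what your own server discloses. The sample stream, host name, product names and the list of headers to flag are constructed assumptions.

```python
import re

# Constructed sample: client and server bytes of one HTTP exchange, as a
# sniffer's stream-reassembly view would show them. All values are made up.
CAPTURED_STREAM = (
    b"GET / HTTP/1.1\r\nHost: www.example.test\r\nUser-Agent: Mozilla/5.0\r\n\r\n"
    b"HTTP/1.1 200 OK\r\nDate: Thu, 10 Apr 2003 09:41:24 GMT\r\n"
    b"Server: ExampleHTTPd/1.2.3 (Unix) mod_example/4.5\r\n"
    b"X-Powered-By: ExampleLang/4.3.1\r\nContent-Type: text/html\r\n"
    b"Content-Length: 13\r\n\r\n<html></html>"
)

# Response headers that commonly name the software behind a site (assumed list).
DISCLOSING = ("server", "x-powered-by", "via", "x-aspnet-version")
VERSION_RE = re.compile(r"\d+(?:\.\d+)+")          # e.g. 1.2.3
STATUS_RE = re.compile(rb"(?m)^HTTP/\d\.\d \d{3}[^\r\n]*")


def response_headers(stream: bytes):
    """Yield (lowercased name, value) for each header of each HTTP response."""
    for status in STATUS_RE.finditer(stream):
        # Header block runs from the status line to the first blank line.
        block = re.split(rb"\r?\n\r?\n", stream[status.end():], maxsplit=1)[0]
        for line in re.split(rb"\r?\n", block):
            name, sep, value = line.partition(b":")
            if sep:
                yield (name.strip().decode("latin-1").lower(),
                       value.strip().decode("latin-1"))


def disclosures(stream: bytes):
    """Return [(header, value, has_version)] for headers identifying software."""
    return [
        (name, value, bool(VERSION_RE.search(value)))
        for name, value in response_headers(stream)
        if name in DISCLOSING
    ]


if __name__ == "__main__":
    for name, value, has_version in disclosures(CAPTURED_STREAM):
        note = "product and version" if has_version else "product only"
        print(f"{name}: {value}  [{note}]")
```
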




