httprecon – Advanced Web Server Fingerprinting
httprecon is a tool for advanced web server fingerprinting, similar to httprint that we mentioned previously.The httprecon project is doing some research in the field of web server fingerprinting, also known as http fingerprinting. The goal is the highly accurate identification of given httpd implementations. This is very important within professional vulnerability analysis.
Besides the discussion of different approaches and the documentation of gathered results also an implementation for automated analysis is provided. This software shall improve the easiness and efficiency of this kind of enumeration. Traditional approaches as like banner-grabbing, status code enumeration and header ordering analysis are used. However, many other analysis techniques were introduced to increase the possibilities of accurate web server fingerprinting.
There are nine test cases in which the behavior of the target service ismapped. These are:
- legitimate GET request for an existing resource
- very long GET request (>1024 bytes in URI)
- common GET request for a non-existing resource
- common HEAD request for an existing resource
- allowed method enumeration with OPTIONS
- usually not permitted http method DELETE
- not defined http method TEST
- non-existing protocol version HTTP/9.8
- GET request including attack patterns (e.g. ../ and %%)
You can download httprecon 4.3 here:
Binary – httprecon-4.3.zip
Source – httprecon-4.3src.zip
0 comments:
Post a Comment