|
HTTP Fingerprinting Simplified
With latest version of httprint tool, you can collect as well as analyze signatures of Web servers, detect changes in Web servers, and also perform Web server inventory
Swapnil Arora
Friday, November 02, 2007
httprint is a Web server fingerprinting tool that identifies the type of the
running HTTP server, and also detects whether a Web server is obfuscated using a
third party software or not. It uses the HTTP fingerprinting technique that is
quite popular amongst pen testers. One can use it for Web server inventory and
detecting Web enabled devices.
This tool supports automatic SSL detection and analysis. You can gather
various details about SSL certificates such as who is the issuer, issue date,
certificate's expiry date etc. Its signatures database is in a text file, and
these signatures are used to analyze the signatures that the scanned Web server
generates. You can also customize its signature database. It lets you import Web
server's details from an nmap scan and can be installed on all versions of
Windows, Linux, and Mac OS X.
 |
 |
| Below 'Host' option
provide the name & port no of the Web server. To add more hosts, right click
and choose 'Add new' option. Click on Start to begin the scanning process |
Once the scanning is
done, you can view the banner reported by the Web server and banner deduced
by the http print. A difference between the two implies obfuscation |
| |
 |
 |
| After selecting the
detected Web server, you can see the http signature returned from the server
and also the OS on which the Web server is running |
httprint also
generates a detailed report of the scan performed. In the screenshot above,
you can see a detailed SSL analysis done by httprint tool |
Page(s) 1
|
