BlindElephant – WebApp Fingerprinting tool..so cool

Just found a new cool web app fingerprinting tool BlindElephant. It was presented at BlackHat USA 2010.

A really cool tool that computes hashes of files from the target server and compares with the hashes of known versions to identify the webapp version

 

$./BlindElephant.py http://www.andrewhay.ca/ wordpress

Loaded wordpresswith 159 versions, 599 differentiating paths, and 226 version groups.

Starting BlindElephantfingerprint for version of wordpressat http://www.andrewhay.ca

Fingerprinting resulted in:

3.0-RC1

3.0-RC1-IIS

 

Best Guess: 3.0-RC1

 

http://blindelephant.sourceforge.net/

 


 

Advertisements

About wikihead

A security freak
This entry was posted in security and tagged , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s