Description
First
steps when performing a web application penetration test is to find the
version of the web server and the web application. The reason for that
is, it permits us
to discover all the known vulnerabilities that are affecting the web
server and the web application. For doing this we will get a lot of
information like application name, software version, web server info,
OS, and more
How to Test
There are several way to identify the web server and web application details. here we will use some of them.
HTTP response header to Fingerprint Web Server and Web Application.
It can be perform different way but here we will do with netcat and telnet command.
We will send an HTTP request by using the HEAD method through Netcat command
We will send an HTTP request by using the HEAD method via telnet command
As we can identify from the above HTTP response header,
1. Type of the web server from the Server filed name along with the version.
2. Type of the technology from the
X-Powered-By field name along with the version.
3. Web application is
running on the web server which is a Ubuntu.
Cookies to Fingerprint Web Application
Another way to determine the web application framework are looking for framework specific cookies.
HTML Source code to fingerprint web application
In
some cases the web application framework and version can be discovered
through
source code inspection. So it is always to look there as
well.You can see in the following example that we have discovered the
application framework by looking at the comments and footer tag.
File Extensions to fingerprint web application
Some time file extension will disclosure the web application technology.
In
above post we saw few methods to identify the web server and web
application fingerprinting. There are more methods and different tools
available to verify the fingerprinting result precisely.
https://www.owasp.org/index.php/Testing_for_Web_Application_Fingerprint_(OWASP-IG-004)
No comments:
Post a Comment