winzip icon

httprecon 1.0

Submitted on: 2/18/2015 10:08:00 AM
By: Marc Ruef (from psc cd)  
Level: Advanced
User Rating: By 4 Users
Compatibility: VB 6.0
Views: 3030
     httprecon provides the possibility of advanced web server fingerprinting: Besides the well-known enumeration of http response status codes and header-ordering several other fingerprinting mechanisms were introduced. For example the capitalization of header lines, the use of spaces and the structure of ETag values (e.g. length and quotes). There are nine test cases in which the behavior of the target service is mapped. These are: - legitimate GET request for an existing resource - very long GET request (>1024 bytes in URI) - common GET request for a non-existing resource - common HEAD request for an existing resource - allowed method enumeration with OPTIONS - usually not permitted http method DELETE - not defined http method TEST - non-existing protocol version HTTP/9.8 - GET request including attack patterns (e.g. ../ and %%) This increases the amount of fingerprints to distinguish the given implementation. Thus, the accuracy of the fingerprinting series is very high. Theoretically httprecon 1.x is able to generate approx. 198 fingerprint atoms per full scan run (usually between 80 and 120 are given). More details and a documentation is available on the project web site. New fingerprints can be saved within the local data base. A simple flat file structure is used which introduces the possibility of manual editing and verification. There is also the possibility to suggest new fingerprints for the official repositories. Scans and the results can be exported to an XHTML 1.0 report. Other formats (TXT, CVS, XML, Word) are planned. The current software release is written in VB6 for win32 and provided under the General Public License (GPL). Ports to other platforms (a Linux command line edition is under developement) will come. The fingerprint data base is also available on the project web site which allows the creation of statistical analysis for surveys (e.g. most common is this kind of content-type in default installation of Apache 1.2.34). This implementation is a kind of proof-of-concept within a bigger picture: It shall be the foundation for a framework which is able to identify different services (e.g. smtp, ftp, telnet, ssh, oracle-tns, ...). The long-term goal is the developement of a very fast an reliable vulnerability scanner which combines this approach with the plugin and exploiting technique known by solutions like Nessus or ATK... Feel free to test and use the application. A appriciate new fingerprints of course. Upload them via the built-in save & submit function. Bug reports and feature requests can be sent via email to me directly. Thank you.

winzip iconDownload code

Note: Due to the size or complexity of this submission, the author has submitted it as a .zip file to shorten your download time. Afterdownloading it, you will need a program like Winzip to decompress it.Virus note:All files are scanned once-a-day by Planet Source Code for viruses, but new viruses come out every day, so no prevention program can catch 100% of them. For your own safety, please:
  1. Re-scan downloaded files using your personal virus checker before using it.
  2. NEVER, EVER run compiled files (.exe's, .ocx's, .dll's etc.)--only run source code.
  3. Scan the source code with Minnow's Project Scanner

If you don't have a virus scanner, you can get one at many places on the net

Other 6 submission(s) by this author


Report Bad Submission
Use this form to tell us if this entry should be deleted (i.e contains no code, is a virus, etc.).
This submission should be removed because:

Your Vote

What do you think of this code (in the Advanced category)?
(The code with your highest vote will win this month's coding contest!)
Excellent  Good  Average  Below Average  Poor (See voting log ...)

Other User Comments

 There are no comments on this submission.

Add Your Feedback
Your feedback will be posted below and an email sent to the author. Please remember that the author was kind enough to share this with you, so any criticisms must be stated politely, or they will be deleted. (For feedback not related to this particular code, please click here instead.)

To post feedback, first please login.