nursetaya.blogg.se

Litespeed web server vulnerabilities














Fingerprint Web Server

Web server fingerprinting is the task of identifying the type and version of web server that a target is running on. While web server fingerprinting is often encapsulated in automated testing tools, it is important for researchers to understand the fundamentals of how these tools attempt to identify software, and why this is useful.

Accurately discovering the type of web server that an application runs on can enable security testers to determine if the application is vulnerable to attack. In particular, servers running older versions of software without up-to-date security patches can be susceptible to known version-specific exploits.

Determine the version and type of a running web server to enable further discovery of any known vulnerabilities.

Techniques used for web server fingerprinting include banner grabbing, eliciting responses to malformed requests, and using automated tools to perform more robust scans that use a combination of tactics. The fundamental premise by which all these techniques operate is the same. They all strive to elicit some response from the web server which can then be compared to a database of known responses and behaviors, and thus matched to a known server type.

Banner Grabbing

A banner grab is performed by sending an HTTP request to the web server and examining its response header. This can be accomplished using a variety of tools, including telnet for HTTP requests, or openssl for requests over TLS/SSL.

For example, here is the response to a request from an Apache server.

In cases where the server information is obscured, testers may guess the type of server based on the ordering of the header fields. Note that in the Apache example above, the fields follow this order:

However, in both the nginx and obscured server examples, the fields in common follow this order:

Testers can use this information to guess that the obscured server is nginx. However, considering that a number of different web servers may share the same field ordering and fields can be modified or removed, this method is not definite.

Web servers may be identified by examining their error responses, and in the cases where they have not been customized, their default error pages. One way to compel a server to present these is by sending intentionally incorrect or malformed requests.

For example, here is the response to a request for the non-existent method SANTA CLAUS from an Apache server.

As default error pages offer many differentiating factors between types of web servers, their examination can be an effective method for fingerprinting even when server header fields are obscured.

Using Automated Scanning Tools

As stated earlier, web server fingerprinting is often included as a functionality of automated scanning tools.
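The following is an added example, not part of the original page: an offline check that parses a saved response from a server you operate and reports what banner grabbing and header-field ordering, as described on this page, would reveal about it. The sample responses, the two reference orderings and all function names are constructed for illustration.

```python
import re

# Constructed reference orderings for this example only; real scanners
# compare against a much larger database of observed responses.
KNOWN_ORDERS = {
    "apache-like": ["date", "server", "content-type"],
    "nginx-like": ["server", "date", "content-type"],
}

# Constructed sample responses (headers only), not captured from real hosts.
APACHE_SAMPLE = ("HTTP/1.1 200 OK\r\nDate: Thu, 05 Sep 2019 17:42:39 GMT\r\n"
                 "Server: Apache/2.4.41 (Unix)\r\nETag: \"1d-abc\"\r\n"
                 "Accept-Ranges: bytes\r\nContent-Length: 29\r\n"
                 "Connection: close\r\nContent-Type: text/html\r\n\r\n")
OBSCURED_SAMPLE = ("HTTP/1.1 200 OK\r\nServer: Website.com\r\n"
                   "Date: Thu, 05 Sep 2019 17:57:06 GMT\r\n"
                   "Content-Type: text/html; charset=utf-8\r\n"
                   "Status: 200 OK\r\n\r\n")

def _head(raw):
    """Return the header block (status line included) with LF line ends."""
    return raw.replace("\r\n", "\n").split("\n\n", 1)[0]

def header_names(raw):
    """Lower-cased header names in first-seen order, status line skipped."""
    names = []
    for line in _head(raw).split("\n")[1:]:
        name, sep, _ = line.partition(":")
        name = name.strip().lower()
        if sep and name and name not in names:
            names.append(name)
    return names

def server_banner(raw):
    """Value of the Server header, or None when the header is absent."""
    m = re.search(r"^server:[ \t]*(.*?)[ \t]*$", _head(raw), re.I | re.M)
    return m.group(1) if m else None

def guess_by_order(names):
    """Labels whose reference order equals the order of the shared fields."""
    return [label for label, order in KNOWN_ORDERS.items()
            if [n for n in names if n in order] == order]

def audit(raw):
    """Summarise what the response discloses to a fingerprinting pass."""
    banner = server_banner(raw)
    return {"banner": banner,
            "version_disclosed": bool(banner and re.search(r"\d+\.\d+", banner)),
            "order_guess": guess_by_order(header_names(raw))}
```

Running `audit(OBSCURED_SAMPLE)` shows the point the page makes: rewriting the Server value hides the version, but the field ordering still points at a server family.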














