Posted by: jasonk2600 | January 1, 2010

Web Application Fingerprinting


This how-to explains how to fingerprint web applications using the WAFP tool on a system running Debian GNU/Linux.  The WAFP tool can also run on any other system that can run Ruby with SQLite3 and OpenSSL libraries.


Download the WAFP (Web Application Finger Printing) tool.

Install the required dependencies for the WAFP tool using the aptitude software package management utility.

# aptitude install ruby libsqlite3-ruby libopenssl-ruby


Finally, extract the WAFP archive.

# tar -xvzf wafp-0.01-26c3.tar.gz
# cd wafp-0.01-26c3



Using the WAFP tool is very straightforward.  Simply run the tool with the URL of the Web application that you want to attempt to fingerprint.

# ./wafp.rb
Collecting and fetching the files we need to identify the product ...
found the following matches (limited to 10):
 serendipity-1.3      430 / 571  (75.31%)
 serendipity-1.3.1    430 / 571  (75.31%)
 serendipity-1.2      407 / 554  (73.47%)
 serendipity-1.2.1    408 / 556  (73.38%)
 serendipity-1.0.2    326 / 448  (72.77%)
 serendipity-1.0      326 / 448  (72.77%)
 serendipity-1.0.4a   326 / 448  (72.77%)
 serendipity-1.0.1    326 / 448  (72.77%)
 serendipity-1.0.3a   326 / 449  (72.61%)
 serendipity-1.1.3    349 / 482  (72.41%)
 WAFP 0.01-26c3  - - - - - - - - -
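
How to read the listing above, as an added example that is not part of the original post or of WAFP: the Ruby script parses the result rows and returns the versions tied for the best score, since 1.3 and 1.3.1 are reported with identical counts and cannot be told apart from this scan alone. The row format is inferred from the output shown here, and `margin` is a hypothetical parameter.

```ruby
# Added example (not part of WAFP): read a WAFP result listing and report which
# versions the scan could not tell apart. SAMPLE is the output shown above.
SAMPLE = <<~OUT
  Collecting and fetching the files we need to identify the product ...
  found the following matches (limited to 10):
   serendipity-1.3      430 / 571  (75.31%)
   serendipity-1.3.1    430 / 571  (75.31%)
   serendipity-1.2      407 / 554  (73.47%)
   serendipity-1.2.1    408 / 556  (73.38%)
   serendipity-1.0.2    326 / 448  (72.77%)
   serendipity-1.0      326 / 448  (72.77%)
   serendipity-1.0.4a   326 / 448  (72.77%)
   serendipity-1.0.1    326 / 448  (72.77%)
   serendipity-1.0.3a   326 / 449  (72.61%)
   serendipity-1.1.3    349 / 482  (72.41%)
   WAFP 0.01-26c3  - - - - - - - - -
OUT

# Row format inferred from the listing: <product>-<version> <hits> / <total> (<pct>%)
ROW = %r{^\s*([A-Za-z]\w*)-(\d[\w.]*)\s+(\d+)\s*/\s*(\d+)\s+\(([\d.]+)%\)}

Match = Struct.new(:product, :version, :hits, :total, :printed_pct) do
  def ratio
    hits.to_f / total
  end
end

def parse_matches(text)
  text.each_line.map { |line| ROW.match(line) }.compact.map do |m|
    Match.new(m[1], m[2], m[3].to_i, m[4].to_i, m[5].to_f)
  end
end

# margin (hypothetical knob): how far below the best ratio a version may score
# and still be kept as a plausible candidate. 0.0 keeps exact ties only.
def summarize(text, margin: 0.0)
  rows = parse_matches(text)
  return nil if rows.empty?
  best = rows.map(&:ratio).max
  {
    products: rows.map(&:product).uniq,
    best_pct: (best * 100).round(2),
    candidates: rows.select { |r| best - r.ratio <= margin }.map(&:version),
    # A printed percentage that disagrees with hits/total means a mis-parsed row.
    consistent: rows.all? { |r| ((r.ratio * 100).round(2) - r.printed_pct).abs < 0.011 }
  }
end

p summarize(SAMPLE) if __FILE__ == $PROGRAM_NAME
```

Calling `summarize(SAMPLE, margin: 0.02)` widens the candidate set to every version within two percentage points of the best score.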


The process of fingerprinting a Web application can be greatly sped up if you have some idea of what the application may be. WAFP can be instructed to compare the URL only against specific Web application fingerprints by using the -p command line option.

# ./wafp.rb -p wordpress


The preceding is the basic usage of WAFP. For more information on other options, see the included README and HOWTO files.



