[Owasp-testing] New article on Web Application Fingerprint

Javier Fernandez-Sanguino jfernandez at germinus.com
Thu Dec 7 07:05:24 EST 2006

Mauro Bregolin dijo:
> I would add looking at cookies as another viable technique to perform
> fingerprinting. Depending on cookies names and formats it is possible to
> infer what web server / application server is being used.

True. It can also be used to detect elements inline which need to 
per-session tracking and avoid sending users to different backend 
servers. Nortel's Application Switch (formerly Alteon), Arrowpoint, F5's 
BIG-IPs and others do this.

> The idea is documented in a couple of posts (and maybe in other places I am
> not aware of)
> http://seclists.org/pen-test/2006/Jan/att-0210/cookie_fingerprinting_txt
> http://seclists.org/pen-test/2006/Jan/0249.html
> Don't know if Javier or others pursued further the idea or expanded the
> cookie db.

I did not pursue this much, attached is my latest version of the file. 
If you do some Google research on this subject you can probably fill it 
up more.



-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: cookie_fingerprinting.txt
Url: http://lists.owasp.org/pipermail/owasp-testing/attachments/20061207/ec63025e/attachment.txt 

More information about the Owasp-testing mailing list