[Owasp-testing] New article on Web Application Fingerprint

Javier Fernandez-Sanguino jfernandez at germinus.com
Thu Dec 7 07:05:24 EST 2006


Mauro Bregolin wrote:
> I would add looking at cookies as another viable technique to perform
> fingerprinting. Depending on cookies names and formats it is possible to
> infer what web server / application server is being used.

True. It can also be used to detect elements inline which need to do
per-session tracking and avoid sending users to different backend
servers. Nortel's Application Switch (formerly Alteon), Arrowpoint, F5's
BIG-IPs and others do this.

> 
> The idea is documented in a couple of posts (and maybe in other places I am
> not aware of)
> http://seclists.org/pen-test/2006/Jan/att-0210/cookie_fingerprinting_txt
> http://seclists.org/pen-test/2006/Jan/0249.html
> 
> Don't know if Javier or others pursued further the idea or expanded the
> cookie db.

I did not pursue this much; attached is my latest version of the file.
If you do some Google research on this subject you can probably fill it
up more.

Regards

Javier

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: cookie_fingerprinting.txt
Url: http://lists.owasp.org/pipermail/owasp-testing/attachments/20061207/ec63025e/attachment.txt 
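
The cookie-name matching discussed in this thread, as an added example that is not part of the original message or its attachment: it pulls cookie names out of the Set-Cookie lines of a response and matches them by exact name or by prefix, which is how your own application's responses can be checked for names that disclose the stack. The signature table is a small constructed sample of widely documented default names (not the contents of cookie_fingerprinting.txt), and the sample headers and function names are assumptions made for illustration.

```python
"""Classify cookies in HTTP response headers by name (added example)."""

# Constructed sample signatures: (pattern, match kind, technology suggested).
# Widely documented default names; NOT the attached cookie_fingerprinting.txt.
SIGNATURES = [
    ("JSESSIONID", "exact", "Java servlet container"),
    ("PHPSESSID", "exact", "PHP"),
    ("ASP.NET_SessionId", "exact", "ASP.NET"),
    ("ASPSESSIONID", "prefix", "Classic ASP (IIS)"),    # random suffix follows
    ("BIGipServer", "prefix", "F5 BIG-IP load balancer"),  # pool name follows
]


def cookie_names(raw_headers):
    """Return the cookie name from every Set-Cookie line of a header block."""
    names = []
    for line in raw_headers.splitlines():
        field, sep, value = line.partition(":")
        if not sep or field.strip().lower() != "set-cookie":
            continue  # status line, other headers, blank lines
        # Name = text before the first '=' in the first ';'-separated segment.
        name = value.split(";", 1)[0].partition("=")[0].strip()
        if name:
            names.append(name)
    return names


def fingerprint(raw_headers):
    """Map each recognised cookie name to the technology it suggests."""
    findings = {}
    for name in cookie_names(raw_headers):
        lowered = name.lower()
        for pattern, kind, tech in SIGNATURES:
            p = pattern.lower()
            if lowered == p or (kind == "prefix" and lowered.startswith(p)):
                findings[name] = tech
                break
    return findings


# Constructed sample response headers; every value here is made up.
SAMPLE = """HTTP/1.1 200 OK
Server: webserver
Set-Cookie: JSESSIONID=constructed-session-id; Path=/; HttpOnly
Set-Cookie: BIGipServerpool_web=constructed-value; path=/
Set-Cookie: theme=dark
"""

if __name__ == "__main__":
    for name, tech in fingerprint(SAMPLE).items():
        print(f"{name}: suggests {tech}")
```

Cookies whose names match no signature, such as `theme` above, are ignored; a default name that does show up can be renamed in the server or load balancer configuration if the disclosure matters.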

