| 关键词: nbsp http OPTIONS www Apache com server 1.1 host Microsoft |
作者:cnbird 来自:http://cnbird.99blog.com/ 题目:鉴定web服务器的指纹 1.发送相同的HTTP请求并且得到不同的回应 执行一单进程或者标准的HTTP向一服务器发送请求.考虑到准确的确定指纹应该在答复中改变差别. 2.为什么要确定指纹呢? ⑴确定版本的细节和可能安装的补丁 ⑵确定基本配置 ⑶对指纹发展对策 3.普通的web服务器 web server July 2003 Percent August 2003 百分率 变化 Apache 21353498 57.62 22859123 63.51 5.89 Microsoft 11866718 31.87 9139785 25.39 -6.48 Zeus 787071 2.11 765115 2.13 0.02 iPlanet 494568 1.33 486868 1.35 0.01 4.服务器的banner HEAD / HTTP/1.1 host:www.host.com Server: Apache/1.3.26(Unix) Server: Microsoft-IIS/5.0 Server: Netscape-Enterprise/4.1 5.WhiteHat 抓banner的工具 $wh_banner.pl http://host.com Server: Apache/1.3.26(Unix) 这个工具找了好长时间都没有找到,我打算自己写一个,近期我讲发布在我的blgo上欢迎大家来掏宝. 6.HTTP/1.1 RFC 2616 http;//www.ietf.org/rfc/rfc2616.txt 7.Apache的banner [cnbird@localhost]#telnet www.wiretrip.net 80 Trying 66.21.117.200..... Connect to www.wiretrip.net Escape character is '^]'. OPTIONS * HTTP/1.1 Host:www.wiretrip.net HTTP/1.1 200 OK Date:Thu,12 Sep 2003 01:55:09 GMT Content-Langth:0 Allow:GET,HEAD,OPTIONE,TRACE 8.OPTIONS * HTTP的请求: OPTIONS * HTTP/1.1 Host:www.host.com HTTP的答复: Allow:GET,HEAD,POST 9.Apache 1.3.x [cnbird@localhost]$telnet www.netcraft.com 80 Trying 195.92.95.5... Connected to www.netcraft.com. Escape character is '^]'. OPTIONS * HTTP/1.1 Host:www.netcraft.com HTTP/1.1 200 OK Date:Thu,12 Sep 2003 01:49:01 GMT Server:Apache/1.3.26(Unix) mod_perl/1.27 Content-Length:0 Allow:GET,HEAD,OPTIONS,TRACE Connection:close 10.Apache 2.0.x [cnbird@localhost]$telnet www.apache.org 80 Trying 63.251.56.142... Connected to www.apache.org. Escape character is '^]'. OPTIONS * HTTP/1.1 Host:www.apache.org HTTP/1.1 200 OK Date:Thu,12 Sep 2003 01:11:24 GMT Server:Apache/2.0.41-dev (Unix) Cache-Control:max-age=86400 Expires:Fri, 13 Sep 2003 01:11:24 GMT Allow:GET,HEAD,POST,OPTIONS,TRACE Content-Length:0 Content-Type:text/plain 11. Microsoft IIS 4.0 [cnbird@localhost]$telnet www8.compaq.com 80 Trying 161.114.19.218... Connected to www8.compaq.com. Escape character is '^]'. OPTIONS * HTTP/1.1 Host:www8.compaq.com HTTP/1.1 200 OK Server:Microsoft-IIS/4.0 Date:Thu, 12 Sep 2003 02:11:!2 GMT Public:OPTIONS,TRACE,GET,HEAD,POST,PUT,DELETE Content-Length:0 12. Microsoft IIS 5.0/6.0 [cnbird@localhost]$telnet www.dell.com 80 Trying 143.166.83.63... Connected to www.dell.com. Escape character is '^]'. OPTIONS * HTTP/1.1 Host:www.dell.com HTTP/1.1 200 OK Server:Microsoft-IIS/5.0 Date:Thu, 12 Sep 2003 02:02:24 GMT P3P: CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI" PICS-Label: (pics-1.1 http://www.icra.org/ratingsv02.html" 1 r (cb 1 lz 1 nz 1 oz 1 vz 1) http://www.rsac.org/ratingsv01.htl 1 r (n 0 s 0 v 0 l 0)) P3P:policyref="http://www.dell.co/w3c/p3p.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI" Expires: Thu, 01 Dec 1994 8:00:00 GMT Set-Cookie:SITESERVER=ID=538382e81a644ec3b74518d300cf567d;domain=.dell.com;path=/;expires=Wed, 12-Sep-2007 02:02:24 GMT; Set-Cookie: SITESERVER_SESSION=ID=538382e81a644ec3b74518d300cf567d;domain=.dell.com;path=/; Content-Length:0 Accept-Ranges:bytes DASL:<DAV:sql> DAV:1,2 Public:OPTIONS,TRACE,GET,HEAD,DELETE,PUT,POST,COPY,MOVE,MKOL,PROPFIND,PROPPATCH,LOCK,UNLOCK,SEARCH Allow:OPTIONS,TRACE,GET,HEAD,DELETE,PUT,POST,COPY,MOVE,MKOL,PROPFIND,PROPPATCH,LOCK,UNLOCK,SEARCH Cache-Control:private 13:剩下的都是不经常用的web服务器了,我就不列举了.... 有兴趣的可以向我要原文..........同时也欢迎大家和我(550669)讨论关于UNIX的入侵方法和防御办法, |
|
声明:文章版权归原作者所有 部分文章转自互联网 如有侵权请联系
[邮箱地址] 删除
|