web application – blindElephant web app fingerprinter

The BlindElephant Web Application Fingerprinter attempts to discover the version of a (known) web application by comparing static files at known locations against precomputed hashes for versions of those files in all all available releases. The technique is fast, low-bandwidth, non-invasive, generic, and highly automatable.

backtrack 5 r1

/pentest/web/blindelephant/src/blindelephant

Use “guess” as app or plugin name to attempt to attempt to discover which supported apps/plugins are installed.

root@bt:/pentest/web/blindelephant/src/blindelephant# python BlindElephant.py http://ip-address guess

you can replace guess with a dbs exsample

root@bt:/pentest/web/blindelephant/src/blindelephant#python BlindElephant.py http://ip-address confluence

/pentest/web/blindelephant/src/blindelephant/dbs

confluence
drupal
joomla
liferay
mediawiki
moodle
movabletype
oscommerce
phpbb
phpmyadmin
phpnuke
spip
tikiwiki
twiki
wordpress

2 thoughts on “web application – blindElephant web app fingerprinter

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s