The BlindElephant is a Web Application Fingerprinter attempts to discover the
version of a (known) web application by comparing static files at known
locations against precomputed hashes for versions of those files in all
all available releases. The technique is fast, low-bandwidth,
non-invasive, generic, and highly automatize.
Tutorials ::
Discussion and Forum :: Click Here
Installation ::
Installation is only required if you plan to use BlindElephant as a
library. Make sure that your python installation has distutils, and then
do:
cd blindelephant/src
sudo python setup.py install
Example Usage (Command Line) ::
setup.py will have placed BlindElephant.py in your /usr/local/bin dir.
$ BlindElephant.py
Usage: BlindElephant.py [options] url appName
Options:
-h, --help show this help message and exit
-p PLUGINNAME, --pluginName=PLUGINNAME
Fingerprint version of plugin (should apply to web app
given in appname)
-s, --skip Skip fingerprinting webpp, just fingerprint plugin
-n NUMPROBES, --numProbes=NUMPROBES
Number of files to fetch (more may increase accuracy).
Default: 15
-w, --winnow If more than one version are returned, use winnowing
to attempt to narrow it down (up to numProbes
additional requests).
-l, --list List supported webapps and plugins
Use "guess" as app or plugin name to attempt to attempt to
discover which supported apps/plugins are installed.
$ python BlindElephant.py http://laws.qualys.com movabletype
Loaded /usr/local/lib/python2.6/dist-packages/blindelephant/dbs/movabletype.pkl with 96 versions, 2229 differentiating paths, and 209 version groups.
Starting BlindElephant fingerprint for version of movabletype at http://laws.qualys.com
Fingerprinting resulted in:
4.22-en
4.22-en-COM
4.23-en
4.23-en-COM
Best Guess: 4.23-en-COM
More Help :: Click Here
Download ::
Linux Command ::
svn co https://blindelephant.svn.sourceforge.net/svnroot/blindelephant/trunk blindelephant
Official Website :: http://blindelephant.sourceforge.net/
0 comments :
Post a Comment