Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 8f74fe2

Browse files
committed
Added new HTTP response headers on which fingerprint web app technology and web server OS.
Updated documentation.
1 parent 736b2e7 commit 8f74fe2

12 files changed

Lines changed: 305 additions & 162 deletions

File tree

doc/README.html

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -317,6 +317,17 @@ <H2><A NAME="s3">3.</A> <A HREF="#toc3">Download and update</A></H2>
317317
option to update it to the latest stable version available on its
318318
<A HREF="http://sourceforge.net/project/showfiles.php?group_id=171598&amp;package_id=196107">SourceForge File List page</A>.</P>
319319

320+
<P>You can also checkout the source code from the sqlmap
321+
<A HREF="https://svn.sqlmap.org/sqlmap/trunk/sqlmap/">Subversion</A>
322+
repository to give a try to the development release:</P>
323+
<P>
324+
<BLOCKQUOTE><CODE>
325+
<PRE>
326+
$ svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev
327+
</PRE>
328+
</CODE></BLOCKQUOTE>
329+
</P>
330+
320331

321332
<H2><A NAME="s4">4.</A> <A HREF="#toc4">License and copyright</A></H2>
322333

doc/README.pdf

617 Bytes
Binary file not shown.

doc/README.sgml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -280,6 +280,15 @@ option to update it to the latest stable version available on its
280280
<htmlurl url="http://sourceforge.net/project/showfiles.php?group_id=171598&amp;package_id=196107"
281281
name="SourceForge File List page">.
282282

283+
<p>
284+
You can also checkout the source code from the sqlmap
285+
<htmlurl url="https://svn.sqlmap.org/sqlmap/trunk/sqlmap/" name="Subversion">
286+
repository to give a try to the development release:
287+
288+
<tscreen><verb>
289+
$ svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev
290+
</verb></tscreen>
291+
283292

284293
<sect>License and copyright
285294

doc/THANKS

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -51,6 +51,9 @@ Will Holcomb <[email protected]>
5151
Luke Jahnke <[email protected]>
5252
for reporting a bug when running against MySQL < 5.0
5353

54+
Nico Leidecker <[email protected]>
55+
for providing with feedback on a few features
56+
5457
Pavol Luptak <[email protected]>
5558
for reporting a bug when injecting on a POST data parameter
5659

lib/parse/headers.py

Lines changed: 10 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -41,28 +41,30 @@ def headersParser(headers):
4141
and the web application technology
4242
"""
4343

44+
# It is enough to parse the headers on first four HTTP responses
4445
if kb.headersCount > 3:
4546
return
4647

4748
kb.headersCount += 1
4849

49-
# TODO: ahead here
5050
topHeaders = {
51-
#"cookie": "%s/cookie.xml" % paths.SQLMAP_XML_BANNER_PATH,
52-
#"microsoftsharepointteamservices": "%s/microsoftsharepointteamservices.xml" % paths.SQLMAP_XML_BANNER_PATH,
51+
"cookie": "%s/cookie.xml" % paths.SQLMAP_XML_BANNER_PATH,
52+
"microsoftsharepointteamservices": "%s/sharepoint.xml" % paths.SQLMAP_XML_BANNER_PATH,
5353
"server": "%s/server.xml" % paths.SQLMAP_XML_BANNER_PATH,
54-
#"servlet-engine": "%s/servlet-engine.xml" % paths.SQLMAP_XML_BANNER_PATH,
55-
#"set-cookie": "%s/cookie.xml" % paths.SQLMAP_XML_BANNER_PATH,
56-
#"www-authenticate": "%s/www-authenticate.xml" % paths.SQLMAP_XML_BANNER_PATH,
57-
#"x-aspnet-version": "%s/x-aspnet-version.xml" % paths.SQLMAP_XML_BANNER_PATH,
54+
"servlet-engine": "%s/servlet.xml" % paths.SQLMAP_XML_BANNER_PATH,
55+
"set-cookie": "%s/cookie.xml" % paths.SQLMAP_XML_BANNER_PATH,
56+
"x-aspnet-version": "%s/x-aspnet-version.xml" % paths.SQLMAP_XML_BANNER_PATH,
5857
"x-powered-by": "%s/x-powered-by.xml" % paths.SQLMAP_XML_BANNER_PATH,
5958
}
6059

6160
for header in headers:
6261
if header in topHeaders.keys():
63-
value = headers[header]
62+
value = headers[header]
6463
xmlfile = topHeaders[header]
64+
6565
checkFile(xmlfile)
66+
6667
handler = FingerprintHandler(value, kb.headersFp)
68+
6769
parse(xmlfile, handler)
6870
parse(paths.GENERIC_XML, handler)

xml/banner/cookie.xml

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,33 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
3+
<!--
4+
References:
5+
* http://www.http-stats.com/Set-Cookie2
6+
* http://www.owasp.org/index.php/Category:OWASP_Cookies_Database
7+
-->
8+
9+
<root>
10+
<regexp value="ASPSESSIONID">
11+
<info technology="Microsoft IIS|ASP" type="Windows" distrib="2000"/>
12+
</regexp>
13+
14+
<regexp value="ASP\.NET_SessionId">
15+
<info technology="Microsoft IIS|ASP.NET" type="Windows" distrib="2003"/>
16+
</regexp>
17+
18+
<regexp value="JSESSIONID">
19+
<info technology="JSP"/>
20+
</regexp>
21+
22+
<regexp value="PHPSESSION">
23+
<info technology="PHP"/>
24+
</regexp>
25+
26+
<regexp value="Apache">
27+
<info technology="Apache"/>
28+
</regexp>
29+
30+
<regexp value="JServSessionId">
31+
<info technology="Apache|JSP"/>
32+
</regexp>
33+
</root>

xml/banner/generic.xml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22

33
<root>
44
<!-- Windows -->
5+
56
<regexp value="(Microsoft|Windows|Win32)">
67
<info type="Windows"/>
78
</regexp>
@@ -39,6 +40,7 @@
3940
</regexp>
4041

4142
<!-- Linux -->
43+
4244
<regexp value="Linux">
4345
<info type="Linux"/>
4446
</regexp>
@@ -88,6 +90,7 @@
8890
</regexp>
8991

9092
<!-- Unices -->
93+
9194
<regexp value="FreeBSD">
9295
<info type="FreeBSD"/>
9396
</regexp>

0 commit comments

Comments
 (0)