

Fingerprinting web applications (Wordpress, Joomla and Mediawiki) - j_lagof
http://sucuri.net/?page=docs&title=fingerprinting-web-apps

======
tptacek
This is fairly primitive. The techniques used by tools like nmap to
fingerprint operating systems were established in the early 90's by Comer, and
they involve behavioral testing. You should assume that even if you modify
_all_ the files in your (say) Wordpress distribution, an attacker can still
fingerprint it.

~~~
scorxn
Even though this technique is primitive, how would you say it compares to the
techniques used by run-of-the-mill comment spammers to identify and exploit
outdated installations? Are most of them stopping at meta generator?

~~~
bensummers
I doubt it's worth doing much more than looking at version comments in the
HTML, because the majority of people won't go to the effort of hiding the
version.

~~~
fossguy
Joomla, for example doesn't dump their version in the generator field (nor
does mediawiki, I believe). Only wordpress like to do that.

------
j_lagof
Very interesting research describing a simple way to detect which version a
web app is running.

They just fingerprint a few css/js files, get their md5sums and create a list
of them for each version...

