-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathPKG-INFO
149 lines (110 loc) · 5.97 KB
/
PKG-INFO
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
Metadata-Version: 2.1
Name: WebServerIdentifier
Version: 1.1.0
Summary: This package identifies Web servers using an aggressive technique based on the maximum size of the URI.
Home-page: https://github.com/mauricelambert/WebServerIdentifier
Author: Maurice Lambert
Author-email: [email protected]
Maintainer: Maurice Lambert
Maintainer-email: [email protected]
License: GPL-3.0 License
Project-URL: Documentation, https://mauricelambert.github.io/info/python/security/WebServerIdentifier.html
Project-URL: Executable, https://mauricelambert.github.io/info/python/security/WebServerIdentifier.pyz
Project-URL: Presentation, https://www.slideshare.net/MauriceLambert1/webmaxuriidentifierpdf
Keywords: ARP,arpcachepoisonning,arpcachepoison,network,ManInTheMiddle,MIM,Security,DoS,DenialOfService
Platform: Windows
Platform: Linux
Platform: MacOS
Classifier: Programming Language :: Python
Classifier: Development Status :: 5 - Production/Stable
Classifier: Environment :: Web Environment
Classifier: Environment :: Console
Classifier: Topic :: Security
Classifier: Topic :: Internet :: WWW/HTTP :: HTTP Servers
Classifier: Natural Language :: English
Classifier: Programming Language :: Python :: 3.9
Classifier: Operating System :: POSIX :: Linux
Classifier: Operating System :: Microsoft :: Windows
Classifier: Operating System :: MacOS
Requires-Python: >=3.6
Description-Content-Type: text/markdown
License-File: LICENSE.txt
# WebServerIdentifier
## Description
This package identifies Web servers using an aggressive technique based on the maximum size of the URI. In some configurations this technique can even identify web servers placed behind a proxy web server without any identifiable content.
For more information about this technique, please read this [PDF](https://www.slideshare.net/MauriceLambert1/webmaxuriidentifierpdf) ([github.io](https://mauricelambert.github.io/info/python/security/Web-MaxUriIdentifier.pdf)).
This technique performs an in depth identification with certain configurations. An example is available at the [bottom of this README](https://github.com/mauricelambert/WebServerIdentifier#in-depth-identification).
## Requirements
This package require:
- python3
- python3 Standard Library
- PythonToolsKit
## Installation
```bash
pip install WebServerIdentifier
```
## Usages
### Command lines
```bash
python3 -m WebServerIdentifier -h # Use python module
python3 WebServerIdentifier.pyz --help # Use python executable
WebIdentify -d -v -m HEAD identify 127.0.0.1 # Use console script entry point
WebIdentify -i 1 identify 127.0.0.1:8000 # Spoof multiple targets (verbose mode)
WebIdentify -m HEAD getmaxuri 127.0.0.1:8000 # Spoof range of targets
WebIdentify -d -v -m HEAD -i 1 getmaxuri 127.0.0.1 # Spoof all network
WebIdentify 127.0.0.1 127.0.0.0/29 -s -t 1 # Semi (spoof only gateway IP for the targets, interval is 1 seconds)
WebIdentify 127.0.0.1 127.0.0.0/29 -i 127.0. # Use the loopback interface
WebIdentify 172.16.10.1 172.16.0.33 -p # Passive mode
```
### Python3
```python
from WebServerIdentifier import WebServerIdentifier, _create_unverified_context
identifier = WebServerIdentifier("127.0.0.1", baseuri="/", ssl=True, context=_create_unverified_context(), port=8000, interval=0.5, timeout=2)
identifier = WebServerIdentifier("127.0.0.1")
response = identifier.request()
response.status
response.reason
r = identifier.request(method="HEAD", size=65535)
r.status
r.reason
for size, r in identifier.get_max_URI_size():
print(size, r.status, r.reason)
for size, r in identifier.get_max_URI_size(method="HEAD"): pass
for r, size, servers in identifier.identify_server(): pass
for r, size, servers in identifier.identify_server(method="HEAD"):
print(size, r.status, r.reason, servers)
server = server.pop()
```
## In depth identification
In this example, we have a ruby web server protected by an NGINX web proxy. The maximum ruby web server URI size is 2015 characters and the maximum NGINX web proxy URI size is 6132 characters. It is possible to detect the ruby web server without any specific content, this screenshot proves it:
## Links
- [Github Page](https://github.com/mauricelambert/WebServerIdentifier)
- [Pypi](https://pypi.org/project/WebServerIdentifier/)
- [Documentation](https://mauricelambert.github.io/info/python/security/WebServerIdentifier.html)
- [Executable](https://mauricelambert.github.io/info/python/security/WebServerIdentifier.pyz)
- [PDF](https://www.slideshare.net/MauriceLambert1/webmaxuriidentifierpdf) ([github.io](https://mauricelambert.github.io/info/python/security/Web-MaxUriIdentifier.pdf)))
## Help
```text
usage: WebServerIdentifier.py [-h] [--method METHOD] [--baseuri BASEURI] [--interval INTERVAL] [--ssl] [--timeout TIMEOUT] [--verbose] [--debug] {identify,getmaxuri} target
This package identifies target's web server.
positional arguments:
{identify,getmaxuri} Identify the target's web server or get the maximum size of the URI.
target Host targeted (examples: 10.101.10.101:8000, example.com)
optional arguments:
-h, --help show this help message and exit
--method METHOD, -m METHOD
HTTP method to request the Web Server
--baseuri BASEURI, -b BASEURI
Base URI to request the target.
--interval INTERVAL, -i INTERVAL
Requests interval.
--ssl, -s Use HTTPS (SSL, encryption).
--timeout TIMEOUT, -t TIMEOUT
Set timeout for HTTP requests.
--verbose, -v Active verbose mode.
--debug, -d Active debugging mode (set level debug for all loggers).
```
## Licence
Licensed under the [GPL, version 3](https://www.gnu.org/licenses/).