WhatWeb
adalah tools yang berguna untuk mengidentifikasi website. Tujuannya
adalah untuk menjawab pertanyaan, “Apa dan informasi apakah yang
terdapat pada Website itu?”. WhatWeb support terhadap teknologi web
termasuk sistem manajemen konten (CMS), platform blogging, statistik /
analisis paket, JavaScript library , web server, dan embedded device.
WhatWeb memiliki lebih dari 900 plugin. WhatWeb juga mengidentifikasi
nomor versi, alamat email, ID account, modul web framework, kesalahan
SQL, dan banyak lagi.
s
WhatWeb mendukung tingkat agresi untuk mengontrol trade off antara
kecepatan dan kehandalan. Ketika Anda mengunjungi situs web pada browser
Anda, transaksi mencakup banyak petunjuk tentang apa teknologi web
powering bahwa situs web. Kadang-kadang tunggal kunjungi halaman web
berisi informasi yang cukup untuk mengidentifikasi sebuah website tetapi
ketika tidak, WhatWeb bisa menginterogasi website lebih lanjut. Tingkat
default agresi, disebut ‘pasif’, adalah tercepat dan hanya memerlukan
satu permintaan HTTP dari sebuah website. Ini cocok untuk pemindaian
situs web publik. Mode lebih agresif dikembangkan untuk dalam tes
penetrasi.
Plugin WhatWeb Kebanyakan menyeluruh dan mengakui berbagai isyarat
dari halus untuk jelas. Sebagai contoh, sebagian besar situs WordPress
dapat diidentifikasi oleh meta tag HTML, tetapi minoritas website
WordPress menghapus tag ini agar terhindar dari penetrasi gathering
information namun hal ini tidak menyurutkan sepak terjang WhatWeb. The
WhatWeb WordPress plugin memiliki lebih dari 15 tes, termasuk memeriksa
favicon, file default instalasi, halaman login, dan memeriksa “/
wp-content /” dalam link relatif.
Features:
* Over 900 plugins
* Control the trade off between speed/stealth and reliability
* Plugins include example URLs
* Performance tuning. Control how many websites to scan concurrently.
* Multiple log formats: Brief (greppable), Verbose (human readable), XML, JSON, MagicTree, RubyObject, MongoDB.
* Recursive web spidering
* Proxy support including TOR
* Custom HTTP headers
* Basic HTTP authentication
* Control over webpage redirection
* Nmap-style IP ranges
* Fuzzy matching
* Result certainty awareness
* Custom plugins defined on the command line
* Over 900 plugins
* Control the trade off between speed/stealth and reliability
* Plugins include example URLs
* Performance tuning. Control how many websites to scan concurrently.
* Multiple log formats: Brief (greppable), Verbose (human readable), XML, JSON, MagicTree, RubyObject, MongoDB.
* Recursive web spidering
* Proxy support including TOR
* Custom HTTP headers
* Basic HTTP authentication
* Control over webpage redirection
* Nmap-style IP ranges
* Fuzzy matching
* Result certainty awareness
* Custom plugins defined on the command line
The following types of logging are supported
–log-brief=FILE Brief, one-line, greppable format
–log-verbose=FILE Verbose
–log-xml=FILE XML format. XSL stylesheet is provided
–log-json=FILE JSON format
–log-json-verbose=FILE JSON verbose format
–log-magictree=FILE MagicTree XML format
–log-object=FILE Ruby object inspection format
–log-mongo-database Name of the MongoDB database
–log-mongo-collection Name of the MongoDB collection. Default: whatweb
–log-mongo-host MongoDB hostname or IP address. Default: 0.0.0.0
–log-mongo-username MongoDB username. Default: nil
–log-mongo-password MongoDB password. Default: nil
–log-errors=FILE Log errors. This is usually printed to the screen in red.
–log-verbose=FILE Verbose
–log-xml=FILE XML format. XSL stylesheet is provided
–log-json=FILE JSON format
–log-json-verbose=FILE JSON verbose format
–log-magictree=FILE MagicTree XML format
–log-object=FILE Ruby object inspection format
–log-mongo-database Name of the MongoDB database
–log-mongo-collection Name of the MongoDB collection. Default: whatweb
–log-mongo-host MongoDB hostname or IP address. Default: 0.0.0.0
–log-mongo-username MongoDB username. Default: nil
–log-mongo-password MongoDB password. Default: nil
–log-errors=FILE Log errors. This is usually printed to the screen in red.
Perintah-perintah pada whatweb …
Matches are made with:
* Text strings (case sensitive)
* Regular expressions
* Google Hack Database queries (limited set of keywords)
* MD5 hashes
* URL recognition
* HTML tag patterns
* Custom ruby code for passive and aggressive operations
* Text strings (case sensitive)
* Regular expressions
* Google Hack Database queries (limited set of keywords)
* MD5 hashes
* URL recognition
* HTML tag patterns
* Custom ruby code for passive and aggressive operations
$ ./whatweb -l
WhatWeb Plugin List
Plugin Name Description
——————————————————————————-
1024-CMS 1024 is one of a few CMS’s leading the way with the i
360-Web-Manager 360-Web-Manager – homepage: http://www.360webmanager.
4images 4images is a powerful web-based image gallery managem
… (truncated – there are a lot)
——————————————————————————-
1024-CMS 1024 is one of a few CMS’s leading the way with the i
360-Web-Manager 360-Web-Manager – homepage: http://www.360webmanager.
4images 4images is a powerful web-based image gallery managem
… (truncated – there are a lot)
Untuk melihat plugin detail
$ ./whatweb -I phpBB
WhatWeb Plugin Information
Searching for phpBB
——————————————————————————–
Plugin Name Details
phpBB
Author: Andrew Horton
Version: 0.3
Examples: 16
Matches: 7
Passive function: Yes
Aggressive function: Yes
Version detection: Yes
Description:
phpBB is a free forum phpbb.org
WhatWeb Plugin Information
Searching for phpBB
——————————————————————————–
Plugin Name Details
phpBB
Author: Andrew Horton
Version: 0.3
Examples: 16
Matches: 7
Passive function: Yes
Aggressive function: Yes
Version detection: Yes
Description:
phpBB is a free forum phpbb.org
Jika anda inginkan tools tersebut terkolaburasi dengan backtrack anda .. silahkan mengikuti instalasi berikut ini ..
root@IBTeam:# cd /pentest/enumaration
root@IBTeam:/pentest/enumeration# wget http://www.morningstarsecurity.com/downloads/whatweb-0.4.2.tar.gz
root@IBTeam:/pentest/enumeration# tar xvf whatweb*
root@IBTeam:/pentest/enumeration# rm whatweb-0.4.2.tar.gz
root@IBTeam:# cd /pentest/enumaration
root@IBTeam:/pentest/enumeration# wget http://www.morningstarsecurity.com/downloads/whatweb-0.4.2.tar.gz
root@IBTeam:/pentest/enumeration# tar xvf whatweb*
root@IBTeam:/pentest/enumeration# rm whatweb-0.4.2.tar.gz
root@IBTeam:/pentest/enumeration/whatweb-0.4.2# ./whatweb -v kaskus.us
http://kaskus.us [302] title[302 Found], server-header[lumanau.web.id], redirect-location[http://www.kaskus.us/], md5[9e605d3059406c1333cc6ba597e00151], header-hash[9e605d3059406c1333cc6ba597e00151]
Identifying: http://kaskus.us
HTTP-Status: 302
[["header-hash",
[{:probability=>100,
:name=>"hash",
:string=>"9e605d3059406c1333cc6ba597e00151"}]],
["md5",
[{:probability=>100,
:name=>"page title",
:string=>"9e605d3059406c1333cc6ba597e00151"}]],
["redirect-location",
[{:probability=>100, :name=>"location", :string=>"http://www.kaskus.us/"}]],
["server-header",
[{:probability=>100, :name=>"server string", :string=>"lumanau.web.id"}]],
["title", [{:probability=>100, :name=>"page title", :string=>"302 Found"}]]]
http://www.kaskus.us/ [200] Prototype, vbulletin[3.8.0],
uncommon-headers[cluster], title[Kaskus - The Largest Indonesian
Community], server-header[lumanau.web.id], meta-generator[vBulletin
3.8.0], md5[69059d0c1bf01a42f72f94128f8dd384],
header-hash[cb249759273386faa5da51b9764e333e],
footer-hash[77a4f031bdd4a39d1e39560f4c0be5e9],
div-span-structure[b0ce091ebaa57bb5844701099a280a1e]
Identifying: http://www.kaskus.us/
HTTP-Status: 200
[["Prototype",
[{:regexp=>/// ]*.js)[^>]*/,
:probability=>100,
:name=>”js tag”}]],
["div-span-structure",
[{:probability=>100,
:name=>"div structure",
:string=>"b0ce091ebaa57bb5844701099a280a1e"}]],
["footer-hash",
[{:probability=>100,
:name=>"hash",
:string=>"77a4f031bdd4a39d1e39560f4c0be5e9"}]],
["header-hash",
[{:probability=>100,
:name=>"hash",
:string=>"cb249759273386faa5da51b9764e333e"}]],
["md5",
[{:probability=>100,
:name=>"page title",
:string=>"69059d0c1bf01a42f72f94128f8dd384"}]],
["meta-generator",
[{:probability=>100,
:name=>"meta generator tag",
:string=>"vBulletin 3.8.0"}]],
["server-header",
[{:probability=>100, :name=>"server string", :string=>"lumanau.web.id"}]],
["title",
[{:probability=>100,
:name=>"page title",
:string=>"Kaskus - The Largest Indonesian Community"}]],
["uncommon-headers",
[{:probability=>100, :name=>"headers", :string=>"cluster"}]],
["vbulletin",
[{:regexp=>/100,
:name=>"meta generator tag"},
{:regexp=>/\* vBulletin [0-9a-z.]+ CSS/,
:probability=>75,
:name=>”CSS comments”},
{:regexp=>
/100,
:name=>”vbulletin_global.js”},
{:probability=>100, :name=>”meta generator tag”, :version=>”3.8.0″},
{:probability=>100, :name=>”css comments”, :version=>”3.8.0″}]]]
// ]]>
Identifying: http://www.kaskus.us/
HTTP-Status: 200
[["Prototype",
[{:regexp=>/// ]*.js)[^>]*/,
:probability=>100,
:name=>”js tag”}]],
["div-span-structure",
[{:probability=>100,
:name=>"div structure",
:string=>"b0ce091ebaa57bb5844701099a280a1e"}]],
["footer-hash",
[{:probability=>100,
:name=>"hash",
:string=>"77a4f031bdd4a39d1e39560f4c0be5e9"}]],
["header-hash",
[{:probability=>100,
:name=>"hash",
:string=>"cb249759273386faa5da51b9764e333e"}]],
["md5",
[{:probability=>100,
:name=>"page title",
:string=>"69059d0c1bf01a42f72f94128f8dd384"}]],
["meta-generator",
[{:probability=>100,
:name=>"meta generator tag",
:string=>"vBulletin 3.8.0"}]],
["server-header",
[{:probability=>100, :name=>"server string", :string=>"lumanau.web.id"}]],
["title",
[{:probability=>100,
:name=>"page title",
:string=>"Kaskus - The Largest Indonesian Community"}]],
["uncommon-headers",
[{:probability=>100, :name=>"headers", :string=>"cluster"}]],
["vbulletin",
[{:regexp=>/100,
:name=>"meta generator tag"},
{:regexp=>/\* vBulletin [0-9a-z.]+ CSS/,
:probability=>75,
:name=>”CSS comments”},
{:regexp=>
/100,
:name=>”vbulletin_global.js”},
{:probability=>100, :name=>”meta generator tag”, :version=>”3.8.0″},
{:probability=>100, :name=>”css comments”, :version=>”3.8.0″}]]]
// ]]>
Untuk informasi lebih detail silahkan mengunjungi situs resmi dari development
http://www.morningstarsecurity.com/
Tidak ada komentar:
Posting Komentar