httprint

Introduction

httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database.

More details on how httprint works can be found in the Introduction to HTTP fingerprinting paper. It is printer-friendly.

Features

  • Identification of web servers despite the banner string and any other obfuscation. httprint can successfully identify the underlying web servers when their headers are mangled by either patching the binary, by modules such as mod_security.c or by commercial products such as ServerMask. Click here to see an example of how httprint detects disguised servers.
  • Inventorying of web enabled devices such as printers, routers, switches, wireless access points, etc. Click on the sample HTML report.
  • Confidence Ratings. httprint now picks the best matches based on confidence ratings, derived using a fuzzy logic technique, instead of going by the highest weight. More details on the significance of confidence ratings can be found in section 8.4 of the Introduction to HTTP fingerprinting paper.
  • [new]  Multi-threaded engine. httprint v301 is a complete re-write, featuring a multi-threaded scanner, to process multiple hosts in parallel. This greatly saves scanning time. *multi-threading is not yet supported in the FreeBSD version.
  • [new] SSL information gathering. httprint now gathers SSL certificate information, which helps you identify expired SSL certificates, ciphers used, certificate issuer, and other such SSL related details.
  • [new] Automatic SSL detection. httprint can detect if a port is SSL enabled or not, and can automatically switch to SSL connections when needed.
  • Automatic traversal of HTTP 301 and 302 redirects. Many servers who have transferred their content to other servers send a default redirect response towards all HTTP requests. httprint now follows the redirection and fingerprints the new server pointed to. This feature is enabled by default and can be turned off, if needed.
  • Ability to import web servers from nmap network scans. httprint can import nmap’s xml output files.
  • Reports in HTML, CSV and XML formats.
  • Available on Linux, Mac OS X, FreeBSD (command line only) and Win32 (command line and GUI).

Downloads

httprint 301: (released on 22/12/05)
Platform
VER
URL
md5
Win32 GUI and cmd line 301
[DOWNLOAD]
a66408308c3f540030bbb0d59716b032
Linux 301
[DOWNLOAD] af53704de9c1851bd439cbe3fab3e0ad
Mac OS X   
301
[DOWNLOAD] 6b188cd60df6eca5409694fa40859f0d
FreeBSD 301
[DOWNLOAD] d5efd9463f671ce92f50ce3222f1774e

Usage

The Win32 GUI version usage is quite straightforward. The Win32, Linux, FreeBSD and Mac OS X command line version usage syntax is given here.

Signature File

If you are just looking for the updated httprint signatures, they can be found here. If you have signatures to contribute to the httprint signature database, please send us an email to httprint@net-square.com and we shall include in our database. We would appreciate your efforts in contributing signatures.


Download signatures.txt

Screenshots and reports


httprint v301 win32 GUI (click image to enlarge)



sample HTML report (click on image to enlarge)



httprint detecting disguised web servers (click on image for details)


Licensing

httprint is not open source, however, it is available at no cost for personal, educational and non-commercial use. Should you require httprint technology for commercial use, please contact us at: httprint@net-square.com

Credits

Please report bugs, send us feedback, or help us increase our web servers signature database. A note of thanks goes to the members of our Net-Square team, for helping build and test httprint – Shreeraj Shah, Amish Shah, Hemil Shah and Dhaval Vasa. Special thanks go to all who have helped us test httprint – Ofir Arkin and Nitesh Dhanjani. A note of recognition is also given to Kuntal Daftary of Cisco for his thoughts and ideas during early phases of research. Their relentless effort has brought httprint to fruition.

We would also like to thank Jussi Jaakonaho, Simon B, Arthur Quintalino, Joel Friedman, Sascha, Ritchie, Xavier Kaotico, fbi-at-the-futureistoday-dot-com, Daniele Muscetta, Brahmdeep Jandir, Zarco Zwier, Ralf Glauberman, Richard Reiner and John Miller for their signature contributions.
httprint@net-square.com


Home | Services | Products | Training | Research | About Us | Join Us | Contact Us

©2012 - 2015 Net-square Solutions Pvt Ltd. All rights reserved.