Minor enhancement to fingerprint the web server operating system and

the web application technology by parsing also HTTP response Server header. Refactor libraries and plugins that parses XML to fingerprint and show on standard output the information. Updated changelog.
2025-12-09 22:21:30 +00:00 · 2008-11-18 17:42:46 +00:00
parent 7d0724843f
commit 727664aea7
15 changed files with 588 additions and 207 deletions
--- a/plugins/dbms/mssqlserver.py
+++ b/plugins/dbms/mssqlserver.py
@@ -29,7 +29,7 @@ import time
 from lib.core.agent import agent
 from lib.core.common import dataToStdout
 from lib.core.common import formatDBMSfp
-from lib.core.common import formatOSfp
+from lib.core.common import formatFingerprint
 from lib.core.common import getHtmlErrorFp
 from lib.core.common import randomInt
 from lib.core.common import readInput
@@ -43,7 +43,6 @@ from lib.core.session import setDbms
 from lib.core.settings import MSSQL_ALIASES
 from lib.core.settings import MSSQL_SYSTEM_DBS
 from lib.core.unescaper import unescaper
-from lib.parse.banner import bannerParser
 from lib.request import inject
 from lib.request.connect import Connect as Request

@@ -123,14 +122,17 @@ class MSSQLServerMap(Fingerprint, Enumeration, Filesystem, Takeover):


    def getFingerprint(self):
-        value      = ""
-        formatInfo = None
+        value  = ""
+        wsOsFp = formatFingerprint("web server", kb.headersFp)
+
+        if wsOsFp:
+            value += "%s\n" % wsOsFp

        if self.banner:
-            formatInfo = formatOSfp()
+            dbmsOsFp = formatFingerprint("back-end DBMS", kb.bannerFp)

-            if formatInfo:
-                value += "%s\n" % formatInfo
+            if dbmsOsFp:
+                value += "%s\n" % dbmsOsFp

        value  += "back-end DBMS: "
        actVer  = formatDBMSfp()
@@ -140,7 +142,6 @@ class MSSQLServerMap(Fingerprint, Enumeration, Filesystem, Takeover):
            return value

        blank       = " " * 15
-        formatInfo  = None
        value      += "active fingerprint: %s" % actVer

        if kb.bannerFp:
--- a/plugins/dbms/mysql.py
+++ b/plugins/dbms/mysql.py
@@ -29,7 +29,7 @@ import re
 from lib.core.agent import agent
 from lib.core.common import fileToStr
 from lib.core.common import formatDBMSfp
-from lib.core.common import formatOSfp
+from lib.core.common import formatFingerprint
 from lib.core.common import getDirectories
 from lib.core.common import getHtmlErrorFp
 from lib.core.common import randomInt
@@ -44,7 +44,6 @@ from lib.core.settings import MYSQL_ALIASES
 from lib.core.settings import MYSQL_SYSTEM_DBS
 from lib.core.shell import autoCompletion
 from lib.core.unescaper import unescaper
-from lib.parse.banner import bannerParser
 from lib.request import inject
 from lib.request.connect import Connect as Request

@@ -181,14 +180,17 @@ class MySQLMap(Fingerprint, Enumeration, Filesystem, Takeover):


    def getFingerprint(self):
-        value      = ""
-        formatInfo = None
+        value  = ""
+        wsOsFp = formatFingerprint("web server", kb.headersFp)
+
+        if wsOsFp:
+            value += "%s\n" % wsOsFp

        if self.banner:
-            formatInfo = formatOSfp()
+            dbmsOsFp = formatFingerprint("back-end DBMS", kb.bannerFp)

-            if formatInfo:
-                value += "%s\n" % formatInfo
+            if dbmsOsFp:
+                value += "%s\n" % dbmsOsFp

        value  += "back-end DBMS: "
        actVer  = formatDBMSfp()
@@ -199,7 +201,6 @@ class MySQLMap(Fingerprint, Enumeration, Filesystem, Takeover):

        comVer      = self.__commentCheck()
        blank       = " " * 15
-        formatInfo  = None
        value      += "active fingerprint: %s" % actVer

        if comVer:
@@ -208,7 +209,7 @@ class MySQLMap(Fingerprint, Enumeration, Filesystem, Takeover):

        if kb.bannerFp:
            # TODO: move to the XML banner file
-            banVer = kb.bannerFp['version']
+            banVer = kb.bannerFp["dbmsVersion"]

            if re.search("-log$", self.banner):
                banVer += ", logging enabled"
--- a/plugins/dbms/oracle.py
+++ b/plugins/dbms/oracle.py
@@ -27,7 +27,7 @@ Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 import re

 from lib.core.common import formatDBMSfp
-from lib.core.common import formatOSfp
+from lib.core.common import formatFingerprint
 from lib.core.common import getHtmlErrorFp
 from lib.core.data import conf
 from lib.core.data import kb
@@ -37,7 +37,6 @@ from lib.core.session import setDbms
 from lib.core.settings import ORACLE_ALIASES
 from lib.core.settings import ORACLE_SYSTEM_DBS
 from lib.core.unescaper import unescaper
-from lib.parse.banner import bannerParser
 from lib.request import inject

 from plugins.generic.enumeration import Enumeration
@@ -117,14 +116,17 @@ class OracleMap(Fingerprint, Enumeration, Filesystem, Takeover):


    def getFingerprint(self):
-        value      = ""
-        formatInfo = None
+        value  = ""
+        wsOsFp = formatFingerprint("web server", kb.headersFp)
+
+        if wsOsFp:
+            value += "%s\n" % wsOsFp

        if self.banner:
-            formatInfo = formatOSfp()
+            dbmsOsFp = formatFingerprint("back-end DBMS", kb.bannerFp)

-            if formatInfo:
-                value += "%s\n" % formatInfo
+            if dbmsOsFp:
+                value += "%s\n" % dbmsOsFp

        value += "back-end DBMS: "

@@ -134,11 +136,10 @@ class OracleMap(Fingerprint, Enumeration, Filesystem, Takeover):

        actVer      = formatDBMSfp()
        blank       = " " * 15
-        formatInfo  = None
        value      += "active fingerprint: %s" % actVer

        if kb.bannerFp:
-            banVer = kb.bannerFp['version']
+            banVer = kb.bannerFp["dbmsVersion"]
            banVer = formatDBMSfp([banVer])
            value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer)

--- a/plugins/dbms/postgresql.py
+++ b/plugins/dbms/postgresql.py
@@ -27,7 +27,7 @@ Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 import re

 from lib.core.common import formatDBMSfp
-from lib.core.common import formatOSfp
+from lib.core.common import formatFingerprint
 from lib.core.common import getHtmlErrorFp
 from lib.core.common import randomInt
 from lib.core.data import conf
@@ -38,7 +38,6 @@ from lib.core.session import setDbms
 from lib.core.settings import PGSQL_ALIASES
 from lib.core.settings import PGSQL_SYSTEM_DBS
 from lib.core.unescaper import unescaper
-from lib.parse.banner import bannerParser
 from lib.request import inject

 from plugins.generic.enumeration import Enumeration
@@ -117,14 +116,17 @@ class PostgreSQLMap(Fingerprint, Enumeration, Filesystem, Takeover):


    def getFingerprint(self):
-        value      = ""
-        formatInfo = None
+        value  = ""
+        wsOsFp = formatFingerprint("web server", kb.headersFp)
+
+        if wsOsFp:
+            value += "%s\n" % wsOsFp

        if self.banner:
-            formatInfo = formatOSfp()
+            dbmsOsFp = formatFingerprint("back-end DBMS", kb.bannerFp)

-            if formatInfo:
-                value += "%s\n" % formatInfo
+            if dbmsOsFp:
+                value += "%s\n" % dbmsOsFp

        value += "back-end DBMS: "

@@ -134,11 +136,10 @@ class PostgreSQLMap(Fingerprint, Enumeration, Filesystem, Takeover):

        actVer      = formatDBMSfp()
        blank       = " " * 15
-        formatInfo  = None
        value      += "active fingerprint: %s" % actVer

        if kb.bannerFp:
-            banVer = kb.bannerFp['version']
+            banVer = kb.bannerFp["dbmsVersion"]
            banVer = formatDBMSfp([banVer])
            value += "\n%sbanner parsing fingerprint: %s" % (blank, banVer)