WhatWeb - website fingerprinting

[urbanadventurer]

Do you want to add WhatWeb to BackTrack?

Identify content management systems (CMS), blogging platforms, stats/analytics packages, javascript libraries, servers and more. When you visit a website in your browser the transaction includes many unseen hints about how the webserver is set up and what software is delivering the webpage. Some of these hints are obvious, eg. “Powered by XYZ” and others are more subtle. WhatWeb recognises these hints and reports what it finds.

Download from WhatWeb

[Seebaer]

Heya Andrew,

i read your KiwiConIII talk at exploit-db. I tried whatweb and wanted to recommend it to the bt admins. After soem searching i found this thread, and now i just want to give you some regards for your good work, and try to encourage the admins to include whatweb into backtrack.

so admins: mr. urbanadventurer build a very nice and handy tool to automatically fingerprint sites. that come in handy to determine vulnerable cms versions in your daily audit work! just give it a look.

greetings
Seebaer

[RageLtMan]

Looks interesting, i am however getting a ruby error. Seems to have some issues parsing the required gems list. I looked over the README page and the site (same thing pretty much), they dont have pre-req's listed. What else do i need installed for this to work right? Thx

[Seebaer]

@RageLtMan:

There is a file called INSTALL which provides you a pretty nice step-by-step guide to install this tool:

Code:

1. Install Ruby
---------------------------------------
sudo apt-get install ruby


2. BackTrack 4 BETA or Ubuntu 8.04 (Warning this will remove all your gems)
------------------------------------
wget http://rubyforge.org/frs/download.php/45905/rubygems-1.3.1.tgz
tar xzvf rubygems-1.3.1.tgz
cd rubygems-1.3.1
sudo ruby setup.rb
sudo ln -s /usr/bin/gem1.8 /usr/bin/gem
sudo gem update --system


3. Install Anemone, Spidering library
---------------------------------------
sudo apt-get install libxslt-ruby
sudo apt-get install libxslt1-dev
sudo gem install anemone

[Archangel-Amael]

http://www.backtrack-linux.org/forum...0-4-2-bt4.html

[SWFu64]

Did this make it into the SVN? It's a great tool.

[SWFu64]

Theres a 4.5 release now.

[thorin]

On the topic of Web App FingerPrinting you might wanna checkout:
ISC SANS Diary Entry : Blind Elephant: A New Web Application Fingerprinting Tool
BlindElephant Web Application Fingerprinter

[Archangel-Amael]

Thanks thorin, and swfu we are working to get this new version integrated.
Thanks.

[urbanadventurer]

WhatWeb is currently installed in BackTrack in the wrong location. In the BT KDE menu it is found in Information Gathering -> Search Engines. As WhatWeb doesn't make use of search engines to perform web scanning and identification I think it's more appropriate to put it in Web Application Analysis -> Web (frontend).

I recommend installing it under /pentest/web/whatweb/ and combining /pentest/enumeration/www/ with the /pentest/web folder.

To install WhatWeb so it can be used from any working path without running Make install which puts it in /usr/local/bin and /usr/share/whatweb do the following:

Code:

 ln -s  /pentest/enumeration/www/whatweb/whatweb /usr/local/bin/

Edit whatweb:
change:

Code:

$LOAD_PATH << "/usr/share/whatweb"

to:

Code:

$LOAD_PATH << "/pentest/enumeration/www/whatweb"

I'm keen to hear any feedback or suggestions you have for WhatWeb