BlindElephant is a fingerprinting application for discovering the version of a known web application by comparing known static files against the released application, including the versions of those files in all available releases. The BlindElephant technique is very fast, low-bandwidth, generic, and automatable. This is as stated on the BlindElephant developer's website.
Before using it, first get to know BlindElephant's command options:
Usage: BlindElephant.py [options] url appName
Options:
-h, --help show this help message and exit
-p PLUGINNAME, --pluginName=PLUGINNAME
Fingerprint version of plugin (should apply to web app
given in appname)
-s, --skip Skip fingerprinting webpp, just fingerprint plugin
-n NUMPROBES, --numProbes=NUMPROBES
Number of files to fetch (more may increase accuracy).
Default: 15
-w, --winnow If more than one version are returned, use winnowing
to attempt to narrow it down (up to numProbes
additional requests).
-l, --list List supported webapps and plugins
Use "guess" as app or plugin name to attempt to attempt to
discover which supported apps/plugins are installed.
Usage:
root@root:/pentest/web/blindelephant/src/blindelephant# python BlindElephant.py [options] url appName
The result:
tws@linux:/pentest/web/blindelephant/src/blindelephant$ python BlindElephant.py http://www.jammclothing.com.au/ joomla
Loaded /pentest/web/blindelephant/src/blindelephant/dbs/joomla.pkl with 39 versions, 3789 differentiating paths, and 140 version groups.
Starting BlindElephant fingerprint for version of joomla at http://www.jammclothing.com.au
Hit http://www.jammclothing.com.au/language/en-GB/en-GB.ini
Possible versions based on result: 1.5.18
Hit http://www.jammclothing.com.au/language/en-GB/en-GB.com_content.ini
Possible versions based on result: 1.5.17, 1.5.18
Hit http://www.jammclothing.com.au/htaccess.txt
File produced no match. Error: Retrieved file doesn't match known fingerprint. c381fa8411b62167fd7c9a06b244df36
Hit http://www.jammclothing.com.au/language/en-GB/en-GB.com_contact.ini
Possible versions based on result: 1.5.17, 1.5.18
Hit http://www.jammclothing.com.au/media/system/js/validate.js
Possible versions based on result: 1.5.17, 1.5.18
Hit http://www.jammclothing.com.au/templates/rhuk_milkyway/css/template.css
Possible versions based on result: 1.5.17, 1.5.18
Hit http://www.jammclothing.com.au/language/en-GB/en-GB.com_weblinks.ini
Possible versions based on result: 1.5.17, 1.5.18
Hit http://www.jammclothing.com.au/configuration.php-dist
Possible versions based on result: 1.5.17, 1.5.18
Hit http://www.jammclothing.com.au/language/en-GB/en-GB.com_users.ini
File produced no match. Error: Retrieved file doesn't match known fingerprint. e19a55c871a1ec6a88aa27f5444aab8b
Hit http://www.jammclothing.com.au/media/system/js/caption.js
Possible versions based on result: 1.5.17, 1.5.18
Hit http://www.jammclothing.com.au/language/en-GB/en-GB.mod_search.ini
Possible versions based on result: 1.5.17, 1.5.18
Hit http://www.jammclothing.com.au/language/xx-XX/xx-XX.ini
File produced no match. Error: Error code: 404 (Not Found)
Hit http://www.jammclothing.com.au/language/xx-XX/xx-XX.com_users.ini
File produced no match. Error: Error code: 404 (Not Found)
Hit http://www.jammclothing.com.au/language/xx-XX/xx-XX.com_content.ini
File produced no match. Error: Error code: 404 (Not Found)
Hit http://www.jammclothing.com.au/language/en-GB/en-GB.mod_breadcrumbs.ini
Possible versions based on result: 1.5.17, 1.5.18
Fingerprinting resulted in:
1.5.18
Best Guess: 1.5.18
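The narrowing visible in the output above, where each matching file yields a set of possible versions and the result is what those sets have in common, can be reproduced offline from a saved run. The following is an added example, not BlindElephant's own code: a simplified model in which `summarize`, the host `cms.example.test` and the all-zero digest are constructed for illustration. It also separates files whose content matched no known release (worth reviewing on your own installation as customised or altered) from probes that returned an HTTP error.

```python
import re

# Constructed sample in the output format shown above (placeholder host and digest).
SAMPLE_OUTPUT = """\
Hit http://cms.example.test/language/en-GB/en-GB.ini
Possible versions based on result: 1.5.18
Hit http://cms.example.test/language/en-GB/en-GB.com_content.ini
Possible versions based on result: 1.5.17, 1.5.18
Hit http://cms.example.test/htaccess.txt
File produced no match. Error: Retrieved file doesn't match known fingerprint. 00000000000000000000000000000000
Hit http://cms.example.test/language/xx-XX/xx-XX.ini
File produced no match. Error: Error code: 404 (Not Found)
Hit http://cms.example.test/media/system/js/validate.js
Possible versions based on result: 1.5.17, 1.5.18
"""

HIT = re.compile(r"^Hit (\S+)$")
VERSIONS = re.compile(r"^Possible versions based on result: (.+)$")
MISMATCH = re.compile(r"doesn't match known fingerprint\. ([0-9a-f]{32})$")

def summarize(output):
    """Intersect per-file candidate sets; collect files that need review."""
    candidates = None   # None until the first matching file is seen
    modified = []       # (url, digest): file served, content unknown to the database
    missing = []        # probes that returned an HTTP error
    url = None
    for line in output.splitlines():
        line = line.strip()
        if m := HIT.match(line):
            url = m.group(1)
        elif m := VERSIONS.match(line):
            found = {v.strip() for v in m.group(1).split(",")}
            candidates = found if candidates is None else candidates & found
        elif line.startswith("File produced no match"):
            m = MISMATCH.search(line)
            if m:
                modified.append((url, m.group(1)))
            else:
                missing.append(url)
    return sorted(candidates or []), modified, missing

if __name__ == "__main__":
    versions, modified, missing = summarize(SAMPLE_OUTPUT)
    print("Candidate versions:", versions)
    for u, digest in modified:
        print("Content matches no known release:", u, digest)
    print("Not found:", missing)
```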
NOTE :
This tutorial is for educational purposes only. I am not responsible for any kind of illegal activity carried out by you.
Reference source:
- BlindElephant Web Application Fingerprinter - http://blindelephant.sourceforge.net/