httprecon project
advanced web server fingerprinting
Introduction | News | Scan | Download | Documentation | FAQ | Database | Contact
"httprecon is a tool for advanced web server fingerprinting, likely to increase web server probes as the tool is examined and included into other tools." - Brent Huston, MSI State of Security
Test: options (OPTIONS / HTTP/1.1)
Fingerprint: vary-order

Set of request-header fields that fully determines if a cache is permitted to use the response.

ImplementationVary-order
1AOLserver 4.0.10Accept-Encoding
2Apache 1.3.34Accept-Encoding,User-Agent
3Apache 1.3.37Host
4Apache 2.0.46Accept-Encoding
5Apache 2.0.52Accept-Encoding,User-Agent
6Apache 2.0.54Accept-Encoding
7Apache 2.0.54User-Agent
8Apache 2.0.54negotiate,accept-language
9Apache 2.0.55Accept-Encoding
10Apache 2.0.63User-Agent,Accept-Encoding
11Apache 2.2.11Accept-Encoding
12Apache 2.2.2Accept-Encoding
13Apache 2.2.4Accept-Encoding,Cookie
14Apache 2.2.4User-Agent
15Apache 2.3.0Accept-Encoding
16Microsoft IIS 6.0Accept-Encoding
17Mongrel 1.0Accept-Encoding
18Oracle Application Server 10g 10.1.2.2.0Host
19Roxen 4.5.111Cookie,User-Agent
20Roxen 4.5.145Cookie,User-Agent
21Zeus 4.3Accept-Encoding
22Zope 2.8.4Accept-Encoding
23Zope 2.9.6Accept-Encoding
24Zope 2.9.6Accept-Encoding,User-Agent
25lighttpd 1.4.18Accept-Encoding,Cookie
26lighttpd 1.4.19Accept-Encoding,User-Agent
27nginx 0.5.33Accept-Encoding

[back] [upload] [top]
© 2007-2024 by Marc Ruef