Vlatko,

On Mon, Nov 23, 2009 at 4:26 PM, Ulises2k <ulise...@gmail.com> wrote:
> more md5's
>
> http://nmap.org/nsedoc/scripts/http-favicon.html
> http://nmap.org/svn/nselib/data/favicon-db

I think that you should somehow centralize the efforts to keep an
updated database. If every piece of software keeps its own database,
we'll be wasting our time. What do you think about keeping it on your
website, and then everybody can download the latest from there?

Cheers,

>
> On Thu, Oct 22, 2009 at 12:29, Ulises2k <ulise...@gmail.com> wrote:
>>
>> I found the same md5sum as the following one in Plex Favicon:
>> - dcea02a5797ce9e36f19b7590752563e:Apache (seen on CentOS/Debian/Fedora)
>>
>> Plex Favicon:
>> $ wget https://plesk86.demo.parallels.com:8443/favicon.ico --no-check-certificate
>> $ md5sum favicon.ico
>> dcea02a5797ce9e36f19b7590752563e  favicon.ico
>>
>> Can you check if the md5sum of the Apache favicon is ok?
>>
>>
>> On Thu, Oct 22, 2009 at 07:06, Raul Siles <raul.si...@gmail.com> wrote:
>> > Vlatko,
>> > Have you checked the Nikto db_favicon file? It contains a few
>> > fingerprints.
>> > Get first auth. from the Nikto project.
>> >
>> > Cheers,
>> > --
>> > Raul Siles
>> > www.raulsiles.com
>> >
>> >
>> >
>> > On Fri, Oct 16, 2009 at 5:50 PM, Vlatko Kosturjak <k...@linux.hr> wrote:
>> >> Andres Riancho wrote:
>> >>>
>> >>>    I love this plugin! I loved the idea when you told me about it in
>> >>> France, and I love it much more now that I see how simple the code is.
>> >>
>> >> Thanks, it was great to meet you at Besancon.
>> >>
>> >>> These are the things I modified in the plugin before committing it to
>> >>> the trunk:
>> >>> - There were lines with tab indentation instead of the PEP-8
>> >>> recommended 4-space indentation. I changed them.
>> >>
>> >> OK. Now, I know what you prefer for patches.
>> >>
>> >>> - Changed the reporting a little bit. Now an information object is
>> >>> only saved to the kb if the favicon.ico is actually identified.
>> >>
>> >> I had a different idea. Usually, the assessor/tester of the target site
>> >> should be aware if there's a favicon there. Maybe we could not identify it
>> >> automatically, but the assessor could see that there is a favicon.ico, so he
>> >> can see it visually and get some clue about the website/CMS/... As it tests
>> >> for 404, it will display only an existing favicon.ico.
>> >> Also, it would ease the contribution of MD5 back to the project...
>> >> It's my point of view, which could be wrong...
>> >>
>> >>> - Removed the unused "self._fuzzableRequests = []" and "dirs = []"
>> >>
>> >> There are a few things to implement in future versions. First of all,
>> >> support for different dirs, i.e. on a single web site, there could be
>> >> different software versions, e.g.:
>> >> http://website/phpbb
>> >> http://website/drupal
>> >> So, it would be good to have it run after the crawler, so it can identify
>> >> different versions. Here I would need your help. Also, it would be good to
>> >> implement parsing of the <link rel icon> tag, so the plugin can identify
>> >> favicon.ico in not-usual locations...
>> >>
>> >>> - I added a test script named
>> >>> "scripts/script-favicon_identification.w3af" that helps test the
>> >>> plugin you created by running "./w3af_console -s
>> >>> scripts/script-favicon_identification.w3af"
>> >>
>> >> Just checked it and I'm sending a patch to fix it as it has some leftovers.
>> >>
>> >>> To sum up, I did nothing and you did a great job ;) If you perform a
>> >>> "svn up" of w3af's trunk, you'll find your plugin there.
>> >>
>> >> Thanks. I plan and hope I will contribute more (plugins & code).
>> >>
>> >>>> In order to learn more about it to, refer to:
>> >>>> http://kost.com.hr/favicon.phpiimplement mplement
>> >>
>> >> My error, link should be: http://kost.com.hr/favicon.php
>> >>
>> >>>    I see that you guys are trying to expand this database by running
>> >>> "Internet wide" scans. I have a server that could be used for this
>> >>> purpose, if you send me a couple of commands that you need me to run,
>> >>> I'll be more than happy to run them and then send you the response.
>> >>> Maybe you could assign me the address range for Argentina, Chile,
>> >>> Uruguay, Bolivia and Paraguay, and I would send the results back to you?
>> >>
>> >> Sure. As I have donated all my work to OWASP and we're just building it as
>> >> an OWASP project, feel free to join the mailing list at:
>> >> https://lists.owasp.org/mailman/listinfo/owasp-favicon-database
>> >>
>> >> Current process of crawling is described here:
>> >> http://www.owasp.org/index.php/OWASP_favicon_database_crawl
>> >> ...and scripts can be downloaded here:
>> >> http://kost.com.hr/favicon.php
>> >>
>> >> Although I'm not sure that we can separate it per country (in terms of
>> >> nmap -iR), any idea on performing the internet wide survey is welcome!
>> >>
>> >>>    Thank you for supporting w3af, and other open source projects like
>> >>> openvas and nessus!
>> >>
>> >> You're welcome. As we talk about OpenVAS, maybe it's a good time and place
>> >> to ask about it. My plan is to write an OpenVAS NVT (NASL) script which
>> >> would run w3af automatically if http(s) port(s) are found (similar to the
>> >> nikto NASL plugin). I think this mailing list is the best place (and you,
>> >> Andres) to ask what is the best command line for w3af for automatic
>> >> vulnerability discovery? i.e. so NASL can launch w3af and parse the results
>> >> and report them through the standard OpenVAS reporting mechanism. Any help
>> >> would be appreciated.
>> >>
>> >> Also if you (or anyone else) have some ideas about other OpenVAS<=>w3af
>> >> cooperation/partnership, let me know!
>> >>
>> >> Kost
>> >>
>> >>
>> >
>> >
>>
>>
>>
>> --
>> --
>> Ulises U. Cuñé
>> Web: http://www.ulises2k.com.ar
>>
>
>
>
> --
> Ulises U. Cuñé
> Web: http://www.ulises2k.com.ar
>



-- 
Andrés Riancho
Founder, Bonsai - Information Security
http://www.bonsai-sec.com/
http://w3af.sf.net/

_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
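
Added example, not part of the original thread and not w3af, Nmap or Nikto code: one way to merge several favicon fingerprint lists into a single database, as proposed above, and to flag a hash claimed by more than one product, as with the dcea02a5... entry reported in the thread for both Apache and the Plesk demo host. The "md5:description" line format is assumed from the entry quoted in the thread; DB_A, DB_B, SAMPLE_ICON and all function names are hypothetical.

```python
import hashlib
import re
from collections import defaultdict

MD5_RE = re.compile(r"^[0-9a-f]{32}$")

# Constructed inputs. Only the dcea02a5... hash and its two labels come from
# the thread; the icon bytes, "ExampleCMS" and the broken line are made up.
SAMPLE_ICON = b"\x00\x00\x01\x00" + b"constructed icon body"
SAMPLE_MD5 = hashlib.md5(SAMPLE_ICON).hexdigest()
DB_A = """\
# constructed sample, source A
- dcea02a5797ce9e36f19b7590752563e:Apache (seen on CentOS/Debian/Fedora)
not-a-hash:broken line
"""
DB_B = f"""\
DCEA02A5797CE9E36F19B7590752563E:Plex Favicon
{SAMPLE_MD5}:ExampleCMS (constructed)
"""

def parse_db(text):
    """Parse 'md5:description' lines; return (entries, rejected_lines)."""
    entries, rejected = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip().lstrip("-").strip()
        if not line or line.startswith("#"):
            continue
        digest, sep, label = line.partition(":")
        digest, label = digest.strip().lower(), label.strip()
        if sep and label and MD5_RE.match(digest):
            entries.append((digest, label))
        else:
            rejected.append((lineno, raw))
    return entries, rejected

def merge(*dbs):
    """Union several databases into {md5: set(labels)}."""
    merged = defaultdict(set)
    for text in dbs:
        for digest, label in parse_db(text)[0]:
            merged[digest].add(label)
    return dict(merged)

def ambiguous(merged):
    """Hashes claimed by more than one product: a match proves little."""
    return {d: sorted(ls) for d, ls in merged.items() if len(ls) > 1}

def identify(favicon_bytes, merged):
    """Return (md5, candidate labels); an empty list means unknown icon."""
    digest = hashlib.md5(favicon_bytes).hexdigest()
    return digest, sorted(merged.get(digest, ()))
```

Entries returned by ambiguous() are the ones a central database would need a maintainer to review before any tool reports them as an identification.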
