Friday, December 23, 2005

New version of HTTPrint available

A new version of HTTPrint is available for download. As of this post, that version is 3.01 beta. If you aren't familiar with HTTPrint, it is a web server fingerprinting tool. One common best practice is to deactivate the banner your web server would normally return in the response header. However, even with the banner removed (or altered to look like something different... for instance, having an IIS server say it's an Apache server), there are fingerprinting techniques that use differences in how web servers behave to determine exactly which web server is being connected to. Yes, this can detect an IIS server fairly easily, even if you're using URLScan.

One reason for the new version may be a security advisory. The banner coming back isn't properly sanitized before being inserted into the HTML report that HTTPrint generates. Therefore, if someone has a web server with a banner specially crafted to be malicious, that content ends up in the report HTTPrint produces, meaning anyone viewing the report could be hit. The latest version fixes this problem.

Secunia advisory - httprint Server Banner Script Insertion and Denial of Service
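
The class of bug described above, as an added example that is not HTTPrint's code or part of the original post: a report writer that pastes the banner into HTML unescaped, next to one that escapes it, plus a small audit that parses the output and lists any tag the template did not produce. The function names, report template and sample banners are constructed for illustration.

```python
import html
from html.parser import HTMLParser

# Constructed sample data: (host, Server banner) pairs as a scanner might record them.
# The second banner carries markup, standing in for a hostile server's header.
SAMPLE_RESULTS = [
    ("192.0.2.10", "Apache/1.3.33 (Unix)"),
    ("192.0.2.20", 'Microsoft-IIS/5.0<script>document.title="injected"</script>'),
]

# Tags the (hypothetical) report template itself emits; anything else came from input.
TEMPLATE_TAGS = {"html", "body", "table", "tr", "td"}


def _wrap(rows):
    return "<html><body><table>\n" + "".join(rows) + "</table></body></html>"


def render_report_unsafe(results):
    """The flaw: banner text is pasted into the HTML report as-is."""
    return _wrap(f"<tr><td>{host}</td><td>{banner}</td></tr>\n" for host, banner in results)


def render_report_safe(results):
    """The fix: every untrusted field is HTML-escaped before it reaches the page."""
    return _wrap(
        f"<tr><td>{html.escape(host)}</td><td>{html.escape(banner)}</td></tr>\n"
        for host, banner in results
    )


class _TagAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.unexpected = []

    def handle_starttag(self, tag, attrs):
        # A tag outside the template, or any attribute at all, was not written by us.
        if tag not in TEMPLATE_TAGS or attrs:
            self.unexpected.append(tag)


def unexpected_tags(report):
    """Parse a generated report and list tags the template did not produce."""
    audit = _TagAudit()
    audit.feed(report)
    audit.close()
    return audit.unexpected


if __name__ == "__main__":
    print("unsafe:", unexpected_tags(render_report_unsafe(SAMPLE_RESULTS)))
    print("safe:  ", unexpected_tags(render_report_safe(SAMPLE_RESULTS)))
```

The same audit works as a regression test for any tool that writes scan results to HTML: feed it hostile-looking field values and require an empty list.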


