CMS Identification Menggunakan blindelephant
blindelephant adalah aplikasi yang berfungsi untuk mengetahui versi dari sebuah web application.
Web Application Yang Didukung
Saat ini web application yang didukung adalah:
- confluence with 0 plugins
- drupal with 16 plugins
- - admin_menu
- - cck
- - date
- - filefield
- - google_analytics
- - imageapi
- - imagecache
- - imagefield
- - imce
- - imce_swfupload
- - pathauto
- - spamicide
- - tagadelic
- - token
- - views
- joomla with 0 plugins
- liferay with 0 plugins
- mediawiki with 0 plugins
- moodle with 0 plugins
- movabletype with 0 plugins
- oscommerce with 0 plugins
- phpbb with 0 plugins
- phpmyadmin with 0 plugins
- phpnuke with 0 plugins
- spip with 0 plugins
- tikiwiki with 0 plugins
- twiki with 0 plugins
- wordpress with 26 plugins
- - add-to-any
- - advertising-manager
- - akismet
- - all-in-one-seo-pack
- - buddypress
- - contact-form-7
- - gd-star-rating
- - google-analyticator
- - google-sitemap-generator
- - newsletter
- - nextgen-gallery
- - polldaddy
- - simple-tags
- - smart-youtube
- - sociable
- - stats
- - subscribe2
- - tinymce-advanced
- - twitter-tools
- - wp-e-commerce
- - wp-pagenavi
- - wp-spamfree
- - wp-super-cache
- - wp-useronline
- - wptouch
- - yet-another-related-posts-plugin
Cara Penggunaan
python BlindElephant.py http://bt.foo.org/books wordpress Loaded /pentest/web/blindelephant/src/blindelephant/dbs/wordpress.pkl with 213 versions, 5214 differentiating paths, and 300 version groups. Starting BlindElephant fingerprint for version of wordpress at http://bt.foo.org/books Hit http://bt.foo.org/books/readme.html File produced no match. Error: Retrieved file doesn't match known fingerprint. 11fda7bdaec3851353224a08826e46f2 Hit http://bt.foo.org/books/wp-includes/js/tinymce/tiny_mce.js File produced no match. Error: Retrieved file doesn't match known fingerprint. 9f861e2b752c1a4d5fc691f3e3195b0a Hit http://bt.foo.org/books/wp-includes/js/autosave.js Possible versions based on result: 3.1-beta1, 3.1-beta1-IIS, 3.1-beta2, 3.1-beta2-IIS, 3.1-RC1, 3.1-RC2, 3.1-RC2-IIS Hit http://bt.foo.org/books/wp-includes/js/tinymce/themes/advanced/about.htm Possible versions based on result: 3.1-beta1, 3.1-beta1-IIS, 3.1-beta2, 3.1-beta2-IIS, 3.1-RC1, 3.1-RC2, 3.1-RC2-IIS Hit http://bt.foo.org/books/wp-includes/js/tinymce/themes/advanced/source_editor.htm Possible versions based on result: 3.1-beta1, 3.1-beta1-IIS, 3.1-beta2, 3.1-beta2-IIS, 3.1-RC1, 3.1-RC2, 3.1-RC2-IIS Hit http://bt.foo.org/books/wp-includes/js/tinymce/themes/advanced/link.htm Possible versions based on result: 3.1-beta1, 3.1-beta1-IIS, 3.1-beta2, 3.1-beta2-IIS, 3.1-RC1, 3.1-RC2, 3.1-RC2-IIS Hit http://bt.foo.org/books/wp-includes/js/tinymce/plugins/inlinepopups/editor_plugin.js Possible versions based on result: 3.1-beta1, 3.1-beta1-IIS, 3.1-beta2, 3.1-beta2-IIS, 3.1-RC1, 3.1-RC2, 3.1-RC2-IIS Hit http://bt.foo.org/books/wp-includes/js/swfupload/handlers.js File produced no match. Error: Retrieved file doesn't match known fingerprint. 447a01d08e7047781453c9b37d1af384 Hit http://bt.foo.org/books/wp-includes/js/tinymce/themes/advanced/image.htm Possible versions based on result: 3.1-beta1, 3.1-beta1-IIS, 3.1-beta2, 3.1-beta2-IIS, 3.1-RC1, 3.1-RC2, 3.1-RC2-IIS Hit http://bt.foo.org/books/wp-includes/js/tinymce/themes/advanced/color_picker.htm Possible versions based on result: 3.1-beta1, 3.1-beta1-IIS, 3.1-beta2, 3.1-beta2-IIS, 3.1-RC1, 3.1-RC2, 3.1-RC2-IIS Hit http://bt.foo.org/books/wp-includes/js/tinymce/themes/advanced/anchor.htm Possible versions based on result: 3.1-beta1, 3.1-beta1-IIS, 3.1-beta2, 3.1-beta2-IIS, 3.1-RC1, 3.1-RC2, 3.1-RC2-IIS Hit http://bt.foo.org/books/wp-includes/js/tinymce/themes/advanced/charmap.htm Possible versions based on result: 3.1-beta1, 3.1-beta1-IIS, 3.1-beta2, 3.1-beta2-IIS, 3.1-RC1, 3.1-RC2, 3.1-RC2-IIS Hit http://bt.foo.org/books/wp-content/plugins/akismet/readme.txt File produced no match. Error: Retrieved file doesn't match known fingerprint. 397219dc64f0489ed3e3e9e597ad2db8 Hit http://bt.foo.org/books/wp-includes/js/tinymce/themes/advanced/editor_template.js Possible versions based on result: 3.1-beta1, 3.1-beta1-IIS, 3.1-beta2, 3.1-beta2-IIS, 3.1-RC1, 3.1-RC2, 3.1-RC2-IIS Hit http://bt.foo.org/books/wp-includes/js/tinymce/plugins/wordpress/editor_plugin.js Possible versions based on result: 3.1-beta1, 3.1-beta1-IIS, 3.1-beta2, 3.1-beta2-IIS, 3.1-RC1, 3.1-RC2, 3.1-RC2-IIS Fingerprinting resulted in: 3.1-beta1 3.1-beta1-IIS 3.1-beta2 3.1-beta2-IIS 3.1-RC1 3.1-RC2 3.1-RC2-IIS Best Guess: 3.1-RC2-IIS
Dari output dapat diketahui bahwa kemungkinan terbesar website tersebut menggunakan wordpress versi 3.1-RC2-IIS