SlideShare a Scribd company logo

Web App Footprints Discovery

Aung Khant
Aung Khant

This document describes a methodology for discovering all web applications running on a server hosting multiple virtual hosts. It notes that traditional assessment based only on IP address and ports may fail to find all applications. The proposed solution is to use WHOIS and DNS information databases to identify all domain names associated with the server's IP address, and then use each domain as the host field in HTTP requests to fully map out and assess each web application individually. The methodology allows for a comprehensive assessment of all applications on a server with multiple virtual hosts.

Technology
1 of 12
Download to read offline
Web Application Footprints and Discovery Methodology for Web servers hosting Multiple Web applications Abstract Web application assessment begins with IP address and ports (80/443) – this is very common practice. But there is flaw in this method. What if a web server is running with multiple virtual hosts? In other words, one server is running more than one web application. In such a scenario, a web application assessment done on such IP/Port combinations may fail and produces partial results. Doing a reverse DNS on the IP and using it as HOST field in HTTP is an option, but may also fail most of the time. So, where does the solution to this problem lie? The solution lies in the WHOIS information database and DNS server. This paper describes how to fetch this information and follow up with the discovery process for web applications. Shreeraj Shah Co-Author: Web Hacking: Attacks and Defense (Addison Wesley, 2002) and published several advisories on security flaws.
Web App Footprints Discovery
Web App Footprints Discovery
Web App Footprints Discovery
Web App Footprints Discovery
Web App Footprints Discovery
Web App Footprints Discovery
Web App Footprints Discovery
Web App Footprints Discovery
Web App Footprints Discovery
Web App Footprints Discovery
Web App Footprints Discovery

Recommended

Cover Your Assets: Why and How to Back Up Your WordPress Site
Cover Your Assets: Why and How to Back Up Your WordPress SiteCover Your Assets: Why and How to Back Up Your WordPress Site
Cover Your Assets: Why and How to Back Up Your WordPress Site
TJList
 
Local hack day
Local hack dayLocal hack day
Local hack day
Kaushal Parikh
 
Worm Technical Advisory
Worm Technical AdvisoryWorm Technical Advisory
Worm Technical Advisory
Aung Khant
 
Sql Injection Adv Owasp
Sql Injection Adv OwaspSql Injection Adv Owasp
Sql Injection Adv Owasp
Aung Khant
 
Web Services
Web ServicesWeb Services
Web Services
Aung Khant
 
Security Testing Web App
Security Testing Web AppSecurity Testing Web App
Security Testing Web App
Aung Khant
 
S Vector4 Web App Sec Management
S Vector4 Web App Sec ManagementS Vector4 Web App Sec Management
S Vector4 Web App Sec Management
Aung Khant
 
Writing SecureWeb App
Writing SecureWeb AppWriting SecureWeb App
Writing SecureWeb App
Aung Khant
 

Recommended

Cover Your Assets: Why and How to Back Up Your WordPress Site
Cover Your Assets: Why and How to Back Up Your WordPress SiteCover Your Assets: Why and How to Back Up Your WordPress Site
Cover Your Assets: Why and How to Back Up Your WordPress Site
TJList
 
Local hack day
Local hack dayLocal hack day
Local hack day
Kaushal Parikh
 
Worm Technical Advisory
Worm Technical AdvisoryWorm Technical Advisory
Worm Technical Advisory
Aung Khant
 
Sql Injection Adv Owasp
Sql Injection Adv OwaspSql Injection Adv Owasp
Sql Injection Adv Owasp
Aung Khant
 
Web Services
Web ServicesWeb Services
Web Services
Aung Khant
 
Security Testing Web App
Security Testing Web AppSecurity Testing Web App
Security Testing Web App
Aung Khant
 
S Vector4 Web App Sec Management
S Vector4 Web App Sec ManagementS Vector4 Web App Sec Management
S Vector4 Web App Sec Management
Aung Khant
 
Writing SecureWeb App
Writing SecureWeb AppWriting SecureWeb App
Writing SecureWeb App
Aung Khant
 
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Jeremiah Grossman
 
Web Hacking
Web HackingWeb Hacking
Web Hacking
Information Technology
 
Web Security
Web SecurityWeb Security
Web Security
Chatree Kunjai
 
Document Databases & RavenDB
Document Databases & RavenDBDocument Databases & RavenDB
Document Databases & RavenDB
Brian Ritchie
 
Web Scraping with PHP
Web Scraping with PHPWeb Scraping with PHP
Web Scraping with PHP
Matthew Turland
 
The Evolving Security Environment For Web Services
The Evolving Security Environment For Web ServicesThe Evolving Security Environment For Web Services
The Evolving Security Environment For Web Services
Qanita Ahmad
 
Lesson 6 web based attacks
Lesson 6 web based attacksLesson 6 web based attacks
Lesson 6 web based attacks
Frank Victory
 
REST in ( a mobile ) peace @ WHYMCA 05-21-2011
REST in ( a mobile ) peace @ WHYMCA 05-21-2011REST in ( a mobile ) peace @ WHYMCA 05-21-2011
REST in ( a mobile ) peace @ WHYMCA 05-21-2011
Alessandro Nadalin
 
Introduction server Construction
Introduction server ConstructionIntroduction server Construction
Introduction server Construction
Jisu Park
 
Web Fundamentals
Web FundamentalsWeb Fundamentals
Web Fundamentals
SiliconExpert Technologies
 
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Brian Huff
 
The Web on Windows
The Web on WindowsThe Web on Windows
The Web on Windows
Josh Lane
 
An Introduction to hapi.js
An Introduction to hapi.jsAn Introduction to hapi.js
An Introduction to hapi.js
Dave Stevens
 
Web Fundamentals
Web FundamentalsWeb Fundamentals
Web Fundamentals
arunv
 
Web server
Web serverWeb server
Web server
Nirav Daraniya
 
5-WebServers.ppt
5-WebServers.ppt5-WebServers.ppt
5-WebServers.ppt
webhostingguy
 
Unerstanding and Using RESTful APIs
Unerstanding and Using RESTful APIsUnerstanding and Using RESTful APIs
Unerstanding and Using RESTful APIs
SocialDevCamp Chicago
 
HTTP Basics Demo
HTTP Basics DemoHTTP Basics Demo
HTTP Basics Demo
InMobi Technology
 
Understanding and Using Rest APIs (SocialDevCamp Chicago 2009)
Understanding and Using Rest APIs (SocialDevCamp Chicago 2009)Understanding and Using Rest APIs (SocialDevCamp Chicago 2009)
Understanding and Using Rest APIs (SocialDevCamp Chicago 2009)
Pete Morano
 
Waf bypassing Techniques
Waf bypassing TechniquesWaf bypassing Techniques
Waf bypassing Techniques
Avinash Thapa
 
Introducing Msd
Introducing MsdIntroducing Msd
Introducing Msd
Aung Khant
 
Securing Php App
Securing Php AppSecuring Php App
Securing Php App
Aung Khant
 

More Related Content

Similar to Web App Footprints Discovery

Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Jeremiah Grossman
 
The Evolving Security Environment For Web Services
The Evolving Security Environment For Web ServicesThe Evolving Security Environment For Web Services
The Evolving Security Environment For Web Services
Qanita Ahmad
 
Lesson 6 web based attacks
Lesson 6 web based attacksLesson 6 web based attacks
Lesson 6 web based attacks
Frank Victory
 

Similar to Web App Footprints Discovery (20)

Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
 
Web Hacking
Web HackingWeb Hacking
Web Hacking
 
Web Security
Web SecurityWeb Security
Web Security
 
Document Databases & RavenDB
Document Databases & RavenDBDocument Databases & RavenDB
Document Databases & RavenDB
 
Web Scraping with PHP
Web Scraping with PHPWeb Scraping with PHP
Web Scraping with PHP
 
The Evolving Security Environment For Web Services
The Evolving Security Environment For Web ServicesThe Evolving Security Environment For Web Services
The Evolving Security Environment For Web Services
 
Lesson 6 web based attacks
Lesson 6 web based attacksLesson 6 web based attacks
Lesson 6 web based attacks
 
REST in ( a mobile ) peace @ WHYMCA 05-21-2011
REST in ( a mobile ) peace @ WHYMCA 05-21-2011REST in ( a mobile ) peace @ WHYMCA 05-21-2011
REST in ( a mobile ) peace @ WHYMCA 05-21-2011
 
Introduction server Construction
Introduction server ConstructionIntroduction server Construction
Introduction server Construction
 
Web Fundamentals
Web FundamentalsWeb Fundamentals
Web Fundamentals
 
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)
 
The Web on Windows
The Web on WindowsThe Web on Windows
The Web on Windows
 
An Introduction to hapi.js
An Introduction to hapi.jsAn Introduction to hapi.js
An Introduction to hapi.js
 
Web Fundamentals
Web FundamentalsWeb Fundamentals
Web Fundamentals
 
Web server
Web serverWeb server
Web server
 
5-WebServers.ppt
5-WebServers.ppt5-WebServers.ppt
5-WebServers.ppt
 
Unerstanding and Using RESTful APIs
Unerstanding and Using RESTful APIsUnerstanding and Using RESTful APIs
Unerstanding and Using RESTful APIs
 
HTTP Basics Demo
HTTP Basics DemoHTTP Basics Demo
HTTP Basics Demo
 
Understanding and Using Rest APIs (SocialDevCamp Chicago 2009)
Understanding and Using Rest APIs (SocialDevCamp Chicago 2009)Understanding and Using Rest APIs (SocialDevCamp Chicago 2009)
Understanding and Using Rest APIs (SocialDevCamp Chicago 2009)
 
Waf bypassing Techniques
Waf bypassing TechniquesWaf bypassing Techniques
Waf bypassing Techniques
 

More from Aung Khant

Introducing Msd
Introducing MsdIntroducing Msd
Introducing Msd
Aung Khant
 
Securing Php App
Securing Php AppSecuring Php App
Securing Php App
Aung Khant
 
Securing Web Server Ibm
Securing Web Server IbmSecuring Web Server Ibm
Securing Web Server Ibm
Aung Khant
 
Security Design Patterns
Security Design PatternsSecurity Design Patterns
Security Design Patterns
Aung Khant
 
Security Code Review
Security Code ReviewSecurity Code Review
Security Code Review
Aung Khant
 
Security Engineering Executive
Security Engineering ExecutiveSecurity Engineering Executive
Security Engineering Executive
Aung Khant
 
Security Engineeringwith Patterns
Security Engineeringwith PatternsSecurity Engineeringwith Patterns
Security Engineeringwith Patterns
Aung Khant
 
Security Web Servers
Security Web ServersSecurity Web Servers
Security Web Servers
Aung Khant
 
Session Fixation
Session FixationSession Fixation
Session Fixation
Aung Khant
 
Sql Injection Paper
Sql Injection PaperSql Injection Paper
Sql Injection Paper
Aung Khant
 
Php Security Iissues
Php Security IissuesPhp Security Iissues
Php Security Iissues
Aung Khant
 
Sql Injection White Paper
Sql Injection White PaperSql Injection White Paper
Sql Injection White Paper
Aung Khant
 
Php Security Value1
Php Security Value1Php Security Value1
Php Security Value1
Aung Khant
 
Privilege Escalation
Privilege EscalationPrivilege Escalation
Privilege Escalation
Aung Khant
 
Php Security Workshop
Php Security WorkshopPhp Security Workshop
Php Security Workshop
Aung Khant
 
Preventing Xs Sin Perl Apache
Preventing Xs Sin Perl ApachePreventing Xs Sin Perl Apache
Preventing Xs Sin Perl Apache
Aung Khant
 
Protecting Web App
Protecting Web AppProtecting Web App
Protecting Web App
Aung Khant
 
Protecting Web Based Applications
Protecting Web Based ApplicationsProtecting Web Based Applications
Protecting Web Based Applications
Aung Khant
 

More from Aung Khant (20)

Introducing Msd
Introducing MsdIntroducing Msd
Introducing Msd
 
Securing Php App
Securing Php AppSecuring Php App
Securing Php App
 
Securing Web Server Ibm
Securing Web Server IbmSecuring Web Server Ibm
Securing Web Server Ibm
 
Security Design Patterns
Security Design PatternsSecurity Design Patterns
Security Design Patterns
 
Security Code Review
Security Code ReviewSecurity Code Review
Security Code Review
 
Security Engineering Executive
Security Engineering ExecutiveSecurity Engineering Executive
Security Engineering Executive
 
Security Engineeringwith Patterns
Security Engineeringwith PatternsSecurity Engineeringwith Patterns
Security Engineeringwith Patterns
 
Security Web Servers
Security Web ServersSecurity Web Servers
Security Web Servers
 
Session Fixation
Session FixationSession Fixation
Session Fixation
 
Sql Injection Paper
Sql Injection PaperSql Injection Paper
Sql Injection Paper
 
Php Security Iissues
Php Security IissuesPhp Security Iissues
Php Security Iissues
 
Sql Injection White Paper
Sql Injection White PaperSql Injection White Paper
Sql Injection White Paper
 
S Shah Web20
S Shah Web20S Shah Web20
S Shah Web20
 
Php Security Value1
Php Security Value1Php Security Value1
Php Security Value1
 
Privilege Escalation
Privilege EscalationPrivilege Escalation
Privilege Escalation
 
Php Security Workshop
Php Security WorkshopPhp Security Workshop
Php Security Workshop
 
Preventing Xs Sin Perl Apache
Preventing Xs Sin Perl ApachePreventing Xs Sin Perl Apache
Preventing Xs Sin Perl Apache
 
Protecting Web App
Protecting Web AppProtecting Web App
Protecting Web App
 
Protecting Web Based Applications
Protecting Web Based ApplicationsProtecting Web Based Applications
Protecting Web Based Applications
 
Ruby Security
Ruby SecurityRuby Security
Ruby Security
 

Recently uploaded

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Inflectra
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
David Michel
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
In-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT ProfessionalsIn-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT Professionals
Expeed Software
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 

Recently uploaded (20)

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
In-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT ProfessionalsIn-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT Professionals
 
Demystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyDemystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John Staveley
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 

Web App Footprints Discovery

  • 1. Web Application Footprints and Discovery Methodology for Web servers hosting Multiple Web applications Abstract Web application assessment begins with IP address and ports (80/443) – this is very common practice. But there is flaw in this method. What if a web server is running with multiple virtual hosts? In other words, one server is running more than one web application. In such a scenario, a web application assessment done on such IP/Port combinations may fail and produces partial results. Doing a reverse DNS on the IP and using it as HOST field in HTTP is an option, but may also fail most of the time. So, where does the solution to this problem lie? The solution lies in the WHOIS information database and DNS server. This paper describes how to fetch this information and follow up with the discovery process for web applications. Shreeraj Shah Co-Author: Web Hacking: Attacks and Defense (Addison Wesley, 2002) and published several advisories on security flaws.