#
# This script was written by Javier Fernandez-Sanguino
# based on sample code written by Renaud Deraison <[email protected]>
# in the nessus-plugins mailing list
#
# It is distributed under the GPL license, you can find a copy of this license
# in http://www.gnu.org/copyleft/gpl.html
#
# Changes by Tenable:
# - Added several additional fingerprints (10/9/2008)
# - Updated plugin title (12/22/08)
# - Changed plugin family (12/22/08)
# - Added Moodle fingerprints (2/12/09)
# - Added N 4.2 fingerprint (9/08/09)
# - Added big list of fingerprints (6/23/11)
# - Removed dupes, added versions to a few existing hashes (7/28/11)
# - Added big list of fingerprints from OWASP Favicon DB (7/29/11)
# - Added big list of fingerprints from OWASP Favicon DB (8/2/11)
include("compat.inc");
if (description) {
script_id(20108);
script_version("1.44");
script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/12");
script_name(english:"Web Server / Application favicon.ico Vendor Fingerprinting");
script_summary(english:"Attempt to fingerprint web server with favicon.ico");
script_set_attribute(attribute:"synopsis", value:
"The remote web server contains a graphic image that is prone to
information disclosure.");
script_set_attribute(attribute:"description", value:
"The 'favicon.ico' file found on the remote web server belongs to a
popular web server. This may be used to fingerprint the web server.");
script_set_attribute(attribute:"solution", value:"Remove the 'favicon.ico' file or create a custom one for your site.");
script_set_attribute(attribute:"risk_factor", value:"None");
script_set_attribute(attribute:"plugin_publication_date", value:"2005/10/28");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"asset_inventory", value:"True");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2005-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Web Servers");
script_dependencie("http_version.nasl");
script_require_ports("Services/www", 80);
exit(0);
}
# Script code starts here
# Requirements
include("global_settings.inc");
include("http_func.inc");
include("http_keepalive.inc");
port = get_http_port(default:80, embedded:TRUE);
if(!get_port_state(port))exit(0);
# Make the request
req = http_get(item:"/favicon.ico", port:port);
res = http_keepalive_send_recv(port:port, data:req, bodyonly:TRUE);
if ( res == NULL ) exit(0);
md5 = hexstr(MD5(res));
# Known favicons list:
#
# Site specific: Google Web Server and Tenable, should not be seen
# outside Google/Tenable, and servers as a way to test the script
server["4987120f4fb1dc454f889e8c92f6dabe"] = "Google Web Server";
#server["e298e00b2ff6340343ddf2fc6212010b"] = "Tenable Network Security"; Nessus 4.x uses the same icon
# jericho@attrition contributed to Nikto and Nessus
server["71e30c507ca3fa005e2d1322a5aa8fb2"] = "Apache on Redhat";
server["a28ebcac852795fe30d8e99a23d377c1"] = "SunOne 6.1";
server["41e2c893098b3ed9fc14b821a2e14e73"] = "Netscape 6.0 (AOL)";
server["b25dbe60830705d98ba3aaf0568c456a"] = "Netscape iPlanet 6.0";
server["226ffc5e483b85ec261654fe255e60be"] = "Netscape 4.1";
server["f1876a80546b3986dbb79bad727b0374"] = "NetScreen WebUI"; # one report says 3com router, cannot confirm
server["73778a17b0d22ffbb7d6c445a7947b92"] = "Apache on Mac OS X";
# bmartin@tenable additions, 10/08
server["799f70b71314a7508326d1d2f68f7519"] = "JBoss Server";
server["4644f2d45601037b8423d45e13194c93"] = "Apache Tomcat or Alfresco Community";
server["31aa07fe236ee504c890a61d1f7f0a97"] = "Apache 2.2.4 / 2.2.9 (docs/manual/images/favicon.ico)";
server["bd0f7466d35e8ba6cedd9c27110c5c41"] = "Serena Collage 4.6 (servlet/images/collage_app.ico)";
server["7cc1a052c86cc3d487957f7092a6d8c3"] = "Horde IMP 3.1.4 / 3.2.1 (also used in Horde Groupware Webmail 1.0.1)";
server["f567fd4927f9693a7a2d6cacf21b51b6"] = "Horde IMP 4.1.4 (also used in Horde Groupware Webmail 1.0.1)";
server["81df3601d6dc13cbc6bd8212ef50dd29"] = "Horde Groupware Webmail 1.0.1 (Nag Theme 2.1.4)";
server["919e132a62ea07fce13881470ba70293"] = "Horde Groupware Webmail 1.0.1 (Ingo Theme)";
server["f5f2df7eec0d1c3c10b58960f3f8fb26"] = "Horde Groupware Webmail 1.0.1 (Mnemo Theme)";
server["ff260e80f5f9ca4b779fbd34087f13cf"] = "Horde Groupware Webmail 1.0.1 (Turba Theme)";
server["a5b126cdeaa3081f77a22b3e43730942"] = "Horde Groupware Webmail 1.0.1 (Kronolith Theme)";
server["dc0816f371699823e1e03e0078622d75"] = "Aruba Network Devices (HTTP(S) login page)";
server["f097f0adf2b9e95a972d21e5e5ab746d"] = "Citrix Access Server";
server["28893699241094742c3c2d4196cd1acb"] = "Xerox DocuShare";
server["80656aabfafe0f3559f71bb0524c4bb3"] = "Macromedia Breeze";
server["f6e9339e652b8655d4e26f3e947cf212"] = "eGroupWare 1.0.0.009 (/phpgwapi/templates/idots/images/favicon.ico)";
server["48c02490ba335a159b99343b00decd87"] = "Octeth Technologies oemPro 3.5.5.1";
# bmartin@tenable additions, 2/09
server["933a83c6e9e47bd1e38424f3789d121d"] = "Moodle 1.9.x (multiple default themes)";
server["b6652d5d71f6f04a88a8443a8821510f"] = "Moodle 1.9.x (Cornflower Theme, /theme/cornflower/favicon.ico)";
# bmartin@tenable addition, 6/09
server["eb6d4ce00ec36af7d439ebd4e5a395d7"] = "Mailman";
# bmartin@tenable addition, 9/09
server["e298e00b2ff6340343ddf2fc6212010b"] = "Nessus 4.x Web Client";
# bmartin@tenable addition, 10/09
server["31aa07fe236ee504c890a61d1f7f0a97"] = "Apache Software Foundation Project";
server["04d89d5b7a290334f5ce37c7e8b6a349"] = "Atlassian Jira Bug Tracker";
server["ebe293e1746858d2548bca99c43e4969"] = "Mantis Bug Tracker, /bugs/images/favicon.ico)";
# pdavis@tenable addition, 10/09
server["d80e364c0d3138c7ecd75bf9896f2cad"] = "Alfresco Enterprise Content Management System"; # maybe Tomcat 6.0.18, although not from the source tarball.
server["a6b55b93bc01a6df076483b69039ba9c"] = "Fog Creek Fogbugz 6.1.44";
# theall@tenable addition, 04/11
server["ee4a637a1257b2430649d6750cda6eba"] = "Trimble Device Embedded Web Server";
# bmartin@tenable addition, 2/13
server["89167393768668c72fab6a9f025b5da6"] = "Schneider Electric ClearSCADA Web Server";
server["4813afc45650a5cecd9d76b10d2e6243"] = "eBag 3.0.2";
# contribution by Chris Sullo / Nikto, 6/11
server["9ceae7a3c88fc451d59e24d8d5f6f166"] = "Plesk managed system";
server["69ae01d0c74570d4d221e6c24a06d73b"] = "Roku Soundbridge";
server["2e9545474ee33884b5fb8a9a0b8806dd"] = "Ampache";
#server["d80e364c0d3138c7ecd75bf9896f2cad"] = "Alfresco Enterprise Content Management System"; Had as Tomcat 6.0.18
server["639b61409215d770a99667b446c80ea1"] = "Lotus Domino Server";
server["be6fb62815509bd707e69ee8dad874a1"] = "i.LON server by Echelon";
server["a46bc7fc42979e9b343335bdd86d1c3e"] = "NetScout NGenius";
server["192decdad41179599a776494efc3e720"] = "JBoss Installation";
server["de2b6edbf7930f5dd0ffe0528b2bbcf4"] = "Barracuda Spam/Virus firewall appliance";
server["386211e5c0b7d92efabd41390e0fc250"] = "SparkWeb web-based collaboration client. http://www.igniterealtime.org/";
server["f89abd3f358cb964d6b753a5a9da49cf"] = "LimeSurvey";
server["a7947b1675701f2247921cf4c2b99a78"] = "Alexander Palmo Simple PHP Blog";
server["01febf7c2bd75cd15dae3aa093d80552"] = "Atlassian Crucible or Fisheye";
server["1275afc920a53a9679d2d0e8a5c74054"] = "Atlassian Crowd";
server["12888a39a499eb041ca42bf456aca285"] = "Atlassian Confluence or Crowd";
server["3341c6d3c67ccdaeb7289180c741a965"] = "Atlassian Confluence or Crowd";
server["6c1452e18a09070c0b3ed85ce7cb3917"] = "Atlassian Jira";
server["43ba066789e749f9ef591dc086f3cd14"] = "Atlassian Bamboo";
server["a83dfece1c0e9e3469588f418e1e4942"] = "Atlassian Bamboo";
server["e6a9dc66179d8c9f34288b16a02f987e"] = "Drupal 5.1.0";
server["f0ee98b4394dfdab17c16245dd799204"] = "Drupal";
server["7b0d4bc0ca1659d54469e5013a08d240"] = "Netgear (Infrant) ReadyNAS NV+";
server["39308a30527336e59d1d166d48c7742c"] = "Hewlett-Packard HPLIP 2.8.7 (doc)";
server["cee40c0b35bded5e11545be22a40e363"] = "OSSDL.de Openmailadmin";
server["4f88ba9f1298701251180e6b6467d43e"] = "Xinit Systems Ltd. Openfiler";
server["4c3373870496151fd02a6f1185b0bb68"] = "rPath Appliance Agent";
server["b231ad66a2a9b0eb06f72c4c88973039"] = "Wordpress";
server["e1e8bdc3ce87340ab6ebe467519cf245"] = "Wordpress";
server["95103d0eabcd541527a86f23b636e794"] = "Wordpress Multi-User (MU)";
server["64ca706a50715e421b6c2fa0b32ed7ec"] = "Parallels Plesk Control Panel";
server["f425342764f8c356479d05daa7013c2f"] = "vBulletin";
server["c1201c47c81081c7f0930503cae7f71a"] = "vBulletin";
server["740af61c776a3cb98da3715bdf9d3fc1"] = "vBulletin";
server["d7ac014e83b5c4a2dea76c50eaeda662"] = "vBulletin";
server["31c16dd034e6985b4ba929e251200580"] = "Stephen Turner Analog 6.0";
server["a47951fb41640e7a2f5862c296e6f218"] = "Plone";
server["10bd6ad7b318df92d9e9bd03104d9b80"] = "Plone";
server["4eb846f1286ab4e7a399c851d7d84cca"] = "Plone 3.1.1";
server["e08333841cbe40d15b18f49045f26614"] = "21publish Blog";
server["e2cac3fad9fa3388f639546f3ba09bc0"] = "Invision Power Services IP.Board";
server["5ec8d0ecf7b505bb04ab3ac81535e062"] = "Telligent Community Server";
server["83a1fd57a1e1684fafd6d2487290fdf5"] = "Pligg";
server["b7f98dd27febe36b7275f22ad73c5e84"] = "MoinMoin";
server["e551b7017a9bd490fc5b76e833d689bf"] = "MoinMoin 1.7.1";
server["63b982eddd64d44233baa25066db6bc1"] = "Joomla!";
server["05bc6d56d8df6d668cf7e9e11319f4e6"] = "Jive Forums";
server["63740175dae089e479a70c5e6591946c"] = "The Lyceum Project";
server["4cbb2cfc30a089b29cd06179f9cc82ff"] = "Dragonfly";
server["9187f6607b402df8bbc2aeb69a07bbca"] = "XOOPS";
server["389a8816c5b87685de7d8d5fec96c85b"] = "XOOPS";
server["a1c686eb6e771878cf6040574a175933"] = "CivicPlus";
server["4d7fe200d85000aea4d193a10e550d04"] = "Intland Software codeBeamer";
server["3995c585b76bd5aa67cb6385431d378a"] = "Horde Project 0.1+cvs20080316 - silver";
server["1a9a1ec2b8817a2f951c9f1793c9bc54"] = "Bitweaver";
server["1cc16c64d0e471607677b036b3f06b6e"] = "Roller Weblogger Project";
server["7563f8c3ebd4fd4925f61df7d5ed8129"] = "Holger Zimmerman Pi3Web HTTP Server";
server["7f0f918a78ca8d4d5ff21ea84f2bac68"] = "SubText";
server["86e3bf076a018a23c12354e512af3b9c"] = "Spyce";
server["c0533ae5d0ed638ba3fb3485d8250a28"] = "CakePHP 1.1.x";
server["9c003f40e63df95a2b844c6b61448310"] = "DD-WRT Embedded Web Server";
server["9a9ee243bc8d08dac4448a5177882ea9"] = "Dvbbs Forum";
server["ee1169dee71a0a53c91f5065295004b7"] = "ProjectPier";
server["7214637a176079a335d7ac529011f4e4"] = "phpress";
server["1bf954ba2d568ec9771d35c94a6eb2dc"] = "WoltLab Burning Board";
server["ff3b533b061cee7cfbca693cc362c34a"] = "Kayako SupportSuite";
server["428b23df874b41d904bbae29057bdba5"] = "Comsenz Technology Ltd ECShop";
server["8757fcbdbd83b0808955f6735078a287"] = "Comsenz Technology Ltd Discuz!";
server["9fac8b45400f794e0799d0d5458c092b"] = "Comsenz Technology Ltd Discuz!";
server["4e370f295b96eef85449c357aad90328"] = "Comsenz Technology Ltd SupeSite";
server["4cfbb29d0d83685ba99323bc0d4d3513"] = "PHPWind Forums 7";
server["de68f0ad7b37001b8241bce3887593c7"] = "b2evolution 2.4.2";
# Contributions from the OWASP favicon database: https://www.owasp.org/index.php/OWASP_favicon_database
server["6399cc480d494bf1fcd7d16c42b1c11b"] = "penguin";
server["506190fc55ceaa132f1bc305ed8472ca"] = "SocialText";
server["2cc15cfae55e2bb2d85b57e5b5bc3371"] = "PHPwiki 1.3.14 / gforge 4.6.99+svn6496";
server["5b0e3b33aa166c88cee57f83de1d4e55"] = "DotNetNuke (http://www.dotnetnuke.com/)";
server["7dbe9acc2ab6e64d59fa67637b1239df"] = "Lotus-Domino";
server["fa54dbf2f61bd2e0188e47f5f578f736"] = "WordPress";
server["6cec5a9c106d45e458fc680f70df91b0"] = "Wordpress"; # OWASP notes "obsolete version"
server["81ed5fa6453cf406d1d82233ba355b9a"] = "E-zekiel";
server["edaaef7bbd3072a3a0c3fb3b29900bcb"] = "Powered by Reynolds Web Solutions (Car sales CMS)";
server["d99217782f41e71bcaa8e663e6302473"] = "Apache on Red Hat/Fedora";
server["a8fe5b8ae2c445a33ac41b33ccc9a120"] = "Arris Touchstone Device";
server["d16a0da12074dae41980a6918d33f031"] = "ST 605";
server["befcded36aec1e59ea624582fcb3225c"] = "SpeedTouch";
server["e4a509e78afca846cd0e6c0672797de5"] = "i3micro VRG";
server["fa2b274fab800af436ee688e97da4ac4"] = "Etherpad";
server["83245b21512cc0a0e7a67c72c3a3f501"] = "OpenXPKI";
server["85138f44d577b03dfc738d3f27e04992"] = "Gitweb";
server["70625a6e60529a85cc51ad7da2d5580d"] = "SSLstrip";
server["99306a52c76e19e3c298a46616c5899c"] = "aMule 2.2.2";
server["2d4cca83cf14d1adae178ad013bdf65b"] = "Ant docs manual 1.7.1";
server["032ecc47c22a91e7f3f1d28a45d7f7bc"] = "Ant docs 1.7.1 / libjakarta-poi-java 3.0.2";
server["c0c4e7c0ac4da24ab8fc842d7f96723c"] = "xsp 1.9.1";
server["d6923071afcee9cebcebc785da40b226"] = "autopsy 2.08";
server["7513f4cf4802f546518f26ab5cfa1cad"] = "axyl 2.6.0";
server["140e3eb3e173bfb8d15778a578a213aa"] = "bmpx 0.40.14";
server["4f12cccd3c42a4a478f067337fe92794"] = "cacti 0.8.7b";
server["66b3119d379aee26ba668fef49188dd3"] = "CakePHP 1.2.x-1.3x";
server["09f5ea65a2d31da8976b9b9fd2bf853c"] = "caudium 1.4.12";
server["f276b19aabcb4ae8cda4d22625c6735f"] = "cgiirc 0.5.9";
server["a18421fbf34123c03fb8b3082e9d33c8"] = "chora2 2.0.2";
server["23426658f03969934b758b7eb9e8f602"] = "chronicle 2.9 theme-steve";
server["75069c2c6701b2be250c05ec494b1b31"] = "chronicle 2.9 theme-blog";
server["27c3b07523efd6c318a201cac58008ba"] = "cimg 1.2.0.1";
server["ae59960e866e2730e99799ac034eacf7"] = "webcit 7.37";
server["2ab2aae806e8393b70970b2eaace82e0"] = "couchdb 0.8.0-0.9.1";
server["ddd76f1cfe31499ce3db6702991cbc45"] = "cream 0.41";
server["74120b5bbc7be340887466ff6cfe66c6"] = "cups 1.3.9";
server["abeea75cf3c1bac42bbd0e96803c72b9"] = "doc-iana-20080601";
server["3ef81fad2a3deaeb19f02c9cf67ed8eb"] = "dokuwiki 0.0.20080505";
server["bba9f1c29f100d265865626541b20a50"] = "dtc 0.28.10";
server["171429057ae2d6ad68e2cd6dcfd4adc1"] = "ebug-http 0.31";
server["093551287f13e0ee3805fee23c6f0e12"] = "freevo 1.8.1";
server["56753c5386a70edba6190d49252f00bb"] = "gallery 1.5.8";
server["54b299f2f1c8b56c8c495f2ded6e3e0b"] = "garlic-doc 1.6";
server["857281e82ea34abbb79b9b9c752e33d2"] = "gforge 4.6.99+svn6496 - webcalendar";
server["27a097ec0dbffb7db436384635d50415"] = "gforge 4.6.99+svn6496 - images";
server["0e14c2f52b93613b5d1527802523b23f"] = "gforge 4.6.99+svn6496";
server["c9339a2ecde0980f40ba22c2d237b94b"] = "glpi 0.70.2";
server["db1e3fe4a9ba1be201e913f9a401d794"] = "gollem 1.0.3";
server["921042508f011ae477d5d91b2a90d03f"] = "gonzui 1.2+cvs20070129";
server["ecab73f909ddd28e482ababe810447c8"] = "gosa 2.5.16.1";
server["c16b0a5c9eb3bfd831349739d89704ec"] = "gramps 3.0.1";
server["63d5627fc659adfdd5b902ecafe9100f"] = "gsoap 2.7.9l";
server["462794b1165c44409861fcad7e185631"] = "hercules 3.05";
server["ee3d6a9227e27a5bc72db3184dab8303"] = "horde-sam 0.1+cvs20080316 - graphics";
server["5e99522b02f6ecadbb3665202357d775"] = "hplip 2.8.7 - installer";
server["43d4aa56dc796067b442c95976a864fd"] = "hunchentoot 0.15.7";
server["32bf63ac2d3cfe82425ce8836c9ce87c"] = "ikiwiki 2.56ubuntu1";
server["ed7d5c39c69262f4ba95418d4f909b10"] = "jetty 5.1.14";
server["6900fab05a50a99d284405f46e5bc7f6"] = "k3d 0.6.7.0";
server["24d1e355c00e79dc13b84d5455534fe7"] = "kdelibs 3.5.10-4.1.4";
server["8ab2f1a55bcb0cac227828afd5927d39"] = "kdenetwork 4.1.4";
server["54667bea91124121e98da49e55244935"] = "kolab-webadmin 2.1.0-20070510";
server["d00d85c8fb3a11170c1280c454398d51"] = "ktorrent 3.1.2";
server["fa21ab1b1e1b4c9516afbd63e91275a9"] = "lastfmproxy 1.3b";
server["663ee93a41000b8959d6145f0603f599"] = "ldap-account-manager 2.3.0";
server["ea84a69cb146a947fac2ac7af3946297"] = "boost 1.34.1";
server["eb3e307f44581916d9f1197df2fc9de3"] = "flac 1.2.1";
server["669bc10baf11b43391294aac3e1b8c52"] = "libitpp 4.0.4";
server["b8fe2ec1fcc0477c0d0f00084d824071"] = "lucene 2.3.2";
server["12225e325909cee70c31f5a7ab2ee194"] = "ramaze-ruby 0.3.9.1";
server["6be5ebd07e37d0b415ec83396a077312"] = "ramaze-ruby 0.3.9.1 - dispatcher";
server["20e208bb83f3eeed7c1aa8a6d9d3229d"] = "libswarmcache-java 1.0RC2+cvs20071027";
server["5f8b52715c08dfc7826dad181c71dec8"] = "mahara 1.0.4";
server["0d42576d625920bcd121261fc5a6230b"] = "mathomatic 14.0.6";
server["f972c37bf444fb1925a2c97812e2c1eb"] = "mediatomb 0.11.0";
server["06b60d90ccfb79c2574c7fdc3ac23f05"] = "movabletype-opensource 4.2~rc4";
server["21d80d9730a56b26dc9d252ffabb2987"] = "mythplugins 0.21.0+fixes18722";
server["1c4201c7da53d6c7e48251d3a9680449"] = "nagios 3.0.2";
server["28015fcdf84ca0d7d382394a82396927"] = "nanoblogger 3.3";
server["868e7b460bba6fe29a37aa0ceff851ba"] = "netmrg 0.20";
server["0b2481ebc335a2d70fcf0cba0b3ce0fc"] = "ntop 3.3";
server["c30bf7e6d4afe1f02969e0f523d7a251"] = "nulog 2.0";
server["9a8035769d7a129b19feb275a33dc5b4"] = "ocsinventory-server 1.01";
server["75aeda7adbd012fa93c4ae80336b4f45"] = "parrot 0.4.13";
server["70777a39f5d1de6d3873ffb309df35dd"] = "pathological 1.1.3";
server["82d746eb54b78b5449fbd583fc046ab2"] = "perl-doc-html 5.10.0";
server["90c244c893a963e3bb193d6043a347bd"] = "phpgroupware 0.9.16.012";
server["4b30eec86e9910e663b5a9209e9593b6"] = "phpldapadmin 1.1.0.5";
server["02dd7453848213a7b5277556bcc46307"] = "phpmyadmin 2.11.8.1 - pmd";
server["d037ef2f629a22ddadcf438e6be7a325"] = "phpmyadmin 2.11.8.1";
server["8190ead2eb45952151ab5065d0e56381"] = "pootle 1.1.0";
server["ba84999dfc070065f37a082ab0e36017"] = "prewikka 0.9.14";
server["0f45c2c79ebe90d6491ddb111e810a56"] = "python-cherrypy 2.3.0-3.0.2";
server["275e2e37fc7be50c1f03661ef8b6ce4f"] = "myghty 1.1";
server["5488c1c8bf5a2264b8d4c8541e2d5ccd"] = "turbogears 1.0.4.4 - genshi/elixir";
server["6927da350550f29bc641138825dff36f"] = "python-werkzeug 0.3.1 - docs";
server["e3f28aab904e9edfd015f64dc93d487d"] = "python-werkzeug 0.3.1 - cupoftee-examples";
server["69f8a727f01a7e9b90a258bc30aaae6a"] = "quantlib-refman-html 0.9.0";
server["b01625f4aa4cd64a180e46ef78f34877"] = "quickplot 0.8.13";
server["af83bba99d82ea47ca9dafc8341ec110"] = "qwik 0.8.4.4ubuntu2";
server["e9469705a8ac323e403d74c11425a62b"] = "roundcube 0.1.1";
server["7f57bbd0956976e797b4e8eebdc6d733"] = "selfhtml 8.1.1";
server["69acfcb2659952bc37c54108d52fca70"] = "solr 1.2.0 - docs";
server["ffc05799dee87a4f8901c458f7291d73"] = "solr 1.2.0 - admin";
server["aa2253a32823c8a5cba8d479fecedd3a"] = "sork-forwards-h3 3.0.1";
server["a2e38a3b0cdf875cd79017dcaf4f2b55"] = "sork-passwd-h3 3.0";
server["cb740847c45ea3fbbd80308b9aa4530a"] = "sork-vacation-h3 3.0.1";
server["7c7b66d305e9377fa1fce9f9a74464d9"] = "spe 0.8.4.h";
server["0e2503a23068aac350f16143d30a1273"] = "sql-ledger 2.8.15";
server["1fd3fafc1d461a3d19e91dbbba03d0aa"] = "tea 17.6.1";
server["1de863a5023e7e73f050a496e6b104ab"] = "torrentflux 2.4";
server["83dea3d5d8c6feddec84884522b61850"] = "torrentflux 2.4 - G4E Theme";
server["d1bc9681dce4ad805c17bd1f0f5cee97"] = "torrentflux 2.4 - BlueFlux Theme";
server["8d13927efb22bbe7237fa64e858bb523"] = "transmission 1.34";
server["5b015106854dc7be448c14b64867dfa5"] = "tulip 3.0.0~B6";
server["e7fc436d0bf31500ced7a7143067c337"] = "twiki 4.1.2 - logos/favicon.ico";
server["9789c9ab400ea0b9ca8fcbd9952133bd"] = "twiki 4.1.2 - webpreferences";
server["2b52c1344164d29dd8fb758db16aadb6"] = "vdr-plugin-live 0.2.0";
server["237f837bbc33cd98a9f47b20b284e2ad"] = "vdradmin-am 3.6.1";
server["6f7e92fe7e6a62661ac2b41528a78fc6"] = "vlc 0.9.4";
server["2507c0b0a60ecdc816ba45482affaedf"] = "webcheck 1.10.2.0";
server["ef5169b040925a716359d131afbea033"] = "websvn 2.0";
server["f6d0a100b6dbeb5899f0975a1203fd85"] = "witty 2.1.5";
server["81feac35654318fb16d1a567b8b941e7"] = "yaws 1.77";
server["297d726681297cbf839f43a125e5c9b4"] = "znc with 'forest' skin";
server["33b04fb9f2ec918f5f14b41527e77f6d"] = "znc with default or 'ice' skin";
server["6434232d43f27ef5462ba5ba345e03df"] = "znc - webadmin/skins/default";
server["d577e9569381685b30feae22484c8344"] = "znc with 'dark-clouds' skin";
server["e07c0775523271d629035dc8921dffc7"] = "zoneminder 1.23.3";
server["240c36cd118aa1ff59986066f21015d4"] = "LANCOM Systems";
server["ceb25c12c147093dc93ac8b2c18bebff"] = "COMpact 5020 VoIP";
server["05656826682ab3147092991ef5de9ef3"] = "RapidShare";
server["e19ffb2bc890f5bdca20f10bfddb288d"] = "Rapid7 NeXpose";
# D-Link DGS-1210-48 switch, probably other
server["5c3a33bf6e9930a769565d182d999bf1"] = "D-Link";
# bmartin@tenable addition, 10/13
server["759792edd4ef8e6bc2d1877d27153cb1"] = "HttpFileServer 2.2f";
# Recent Contributions from the OWASP favicon database: https://www.owasp.org/index.php/OWASP_favicon_database 12/19/2013
server["73778a17b0d22ffbb7d6c445a7947b92"] = "Apache on Mac OS X";
server["799f70b71314a7508326d1d2f68f7519"] = "JBoss Server";
server["bd0f7466d35e8ba6cedd9c27110c5c41"] = "Serena Collage (4.6, servlet/images/collage_app.ico)";
server["dc0816f371699823e1e03e0078622d75"] = "Aruba Network Devices (HTTP(S) login page)";
server["f097f0adf2b9e95a972d21e5e5ab746d"] = "Citrix Access Server";
server["28893699241094742c3c2d4196cd1acb"] = "Xerox DocuShare";
server["80656aabfafe0f3559f71bb0524c4bb3"] = "Macromedia Breeze";
server["48c02490ba335a159b99343b00decd87"] = "Octeth Technologies oemPro (3.5.5.1)";
server["eb6d4ce00ec36af7d439ebd4e5a395d7"] = "Mailman";
server["04d89d5b7a290334f5ce37c7e8b6a349"] = "Atlassian Jira Bug Tracker";
server["d80e364c0d3138c7ecd75bf9896f2cad"] = "Apache Tomcat (6.0.18), Alfresco Enterprise Content Management System";
server["a6b55b93bc01a6df076483b69039ba9c"] = "Fog Creek Fogbugz (6.1.44)";
server["ee4a637a1257b2430649d6750cda6eba"] = "Trimble Device Embedded Web Server";
server["9ceae7a3c88fc451d59e24d8d5f6f166"] = "Plesk managed system";
server["69ae01d0c74570d4d221e6c24a06d73b"] = "Roku Soundbridge";
server["2e9545474ee33884b5fb8a9a0b8806dd"] = "Ampache";
server["639b61409215d770a99667b446c80ea1"] = "Lotus Domino Server";
server["be6fb62815509bd707e69ee8dad874a1"] = "i.LON server by Echelon";
server["a46bc7fc42979e9b343335bdd86d1c3e"] = "NetScout NGenius";
server["192decdad41179599a776494efc3e720"] = "JBoss Installation";
server["de2b6edbf7930f5dd0ffe0528b2bbcf4"] = "Barracuda Spam/Virus firewall appliance";
server["386211e5c0b7d92efabd41390e0fc250"] = "SparkWeb web-based collaboration client. http://www.igniterealtime.org/";
server["f89abd3f358cb964d6b753a5a9da49cf"] = "LimeSurvey";
server["4c3373870496151fd02a6f1185b0bb68"] = "rPath Appliance Agent";
server["b231ad66a2a9b0eb06f72c4c88973039"] = "Wordpress";
server["e1e8bdc3ce87340ab6ebe467519cf245"] = "Wordpress";
server["95103d0eabcd541527a86f23b636e794"] = "Wordpress Multi-User (MU)";
server["64ca706a50715e421b6c2fa0b32ed7ec"] = "Parallels Plesk Control Panel";
server["f425342764f8c356479d05daa7013c2f"] = "vBulletin Forum";
server["740af61c776a3cb98da3715bdf9d3fc1"] = "vBulletin Forum";
server["d7ac014e83b5c4a2dea76c50eaeda662"] = "vBulletin Forum";
server["a47951fb41640e7a2f5862c296e6f218"] = "Plone CMS";
server["10bd6ad7b318df92d9e9bd03104d9b80"] = "Plone CMS";
server["e08333841cbe40d15b18f49045f26614"] = "21publish Blog";
server["e2cac3fad9fa3388f639546f3ba09bc0"] = "Invision Power Services IP.Board";
server["5ec8d0ecf7b505bb04ab3ac81535e062"] = "Telligent Community Server";
server["83a1fd57a1e1684fafd6d2487290fdf5"] = "Pligg";
server["b7f98dd27febe36b7275f22ad73c5e84"] = "MoinMoin";
server["63b982eddd64d44233baa25066db6bc1"] = "Joomla!";
server["05bc6d56d8df6d668cf7e9e11319f4e6"] = "Jive Forums";
server["63740175dae089e479a70c5e6591946c"] = "The Lyceum Project";
server["4cbb2cfc30a089b29cd06179f9cc82ff"] = "Dragonfly";
server["9187f6607b402df8bbc2aeb69a07bbca"] = "XOOPS";
server["389a8816c5b87685de7d8d5fec96c85b"] = "XOOPS";
server["a1c686eb6e771878cf6040574a175933"] = "CivicPlus";
server["4d7fe200d85000aea4d193a10e550d04"] = "Intland Software codeBeamer";
server["1a9a1ec2b8817a2f951c9f1793c9bc54"] = "Bitweaver";
server["1cc16c64d0e471607677b036b3f06b6e"] = "Roller Weblogger Project";
server["7563f8c3ebd4fd4925f61df7d5ed8129"] = "Holger Zimmerman Pi3Web HTTP Server";
server["7f0f918a78ca8d4d5ff21ea84f2bac68"] = "SubText";
server["86e3bf076a018a23c12354e512af3b9c"] = "Spyce";
server["9c003f40e63df95a2b844c6b61448310"] = "DD-WRT Embedded Web Server";
server["9a9ee243bc8d08dac4448a5177882ea9"] = "Dvbbs Forum";
server["ee1169dee71a0a53c91f5065295004b7"] = "ProjectPier";
server["7214637a176079a335d7ac529011f4e4"] = "phpress";
server["1bf954ba2d568ec9771d35c94a6eb2dc"] = "WoltLab Burning Board";
server["ff3b533b061cee7cfbca693cc362c34a"] = "Kayako SupportSuite";
server["428b23df874b41d904bbae29057bdba5"] = "Comsenz Technology Ltd ECShop";
server["8757fcbdbd83b0808955f6735078a287"] = "Comsenz Technology Ltd Discuz!";
server["9fac8b45400f794e0799d0d5458c092b"] = "Comsenz Technology Ltd Discuz!";
server["4e370f295b96eef85449c357aad90328"] = "Comsenz Technology Ltd SupeSite";
server["4cfbb29d0d83685ba99323bc0d4d3513"] = "PHPWind Forums 7";
server["2df6edffca360b7a0fadc3bdf2191857"] = "PIPS Technology ATZ Executive / Automatic Licence Plate Recognition (ALPR) System";
server["8c291e32e7c7c65124d19eb17bceca87"] = "Schneider Electric Modicon 340 / BMX P34 CPU B";
server["6dcab71e60f0242907940f0fcda69ea5"] = "Ubiquiti Ubiquiti M Series / AirOS";
server["09a1e50dc3369e031b97f38abddd10c8"] = "Ubiquiti Ubiquiti M Series / AirOS";
server["7b345857204926b62951670cd17a08b7"] = "AXESS TMC X1 or X2 Terminal";
# Check the hash against what we know about.
if (server[md5])
{
info = '\n MD5 fingerprint : ' + md5 +
'\n Web server : ' + server[md5] +
'\n';
if (report_verbosity > 0) security_note(port:port, extra:info);
else security_note(port);
exit(0);
}
else exit(0, "Nothing is known about the favicon.ico file with checksum "+md5+".");
# This is a sample script to obtain the list of favicon files from a Webscarab
# directory. Can be useful to add new favicon after a pen-test:
#
##!/bin/sh
#
#pwd=`pwd`
#find . -name "*response*" |
#while read file ; do
# if grep -q "^Content-type: image/x-icon" $pwd/$file; then
# # It's an ico file
#
# server=`grep --binary-files=text "^Server" $pwd/$file`
# size=`stat -c %B $pwd/$file`
# if [ ! -n "$server" ]
# then
# server=`echo $server | sed -e 's/Server: //'`
# else
# server="unknown"
# fi
# echo "$server,$file,$size"
# fi
#done
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation