Use Whatweb to get web fingerprint information

How long have I been lonely or not?
I feel that the world is stealing and laughing.

So what do you write today? Just share a very old security tool - whatweb, I believe many friends should know, used to scan the web fingerprint. I will use it for you, because the project needs it, you can actually use it, because I have written a lot of plug-ins for scanning fingerprints. This is just a record selection. But since it is used, it is natural to call it. Ok, let me introduce how to install, and then how to use it. The focus of this article is on environment installation, and how to compare elegant with whatweb in python code.

Installation upgrade ruby

First delete the original ruby:

1
yum remove ruby ruby-devel

1
2
3
4
5
wget http://cache.ruby-lang.org/pub/ruby/2.1/ruby-2.1.2.tar.gz
tar xvfvz ruby-2.1.2.tar.gz
./configure
make
sudo make install
1
PATH=$PATH:/usr/local/bin/

Don’t forget to take effect:

1
source ~/.bash_profile

Reference: http://ask.xmodulo.com/upgrade-ruby-centos.html

Upgrade plan two

Install rvm first, this is ruby’s package manager:

1
2
$ curl -L get.rvm.io | bash -s stable
$ source ~/.bash_profile

Test whether the installation is successful:

1
2
```
```bash

Installing whatweb

Speaking of this is very simple, go directly to the project under the github clone:

1
git clone https://github.com/urbanadventurer/WhatWeb.git

There are already compiled executable files in the project, whatweb, only need to add an environment variable:

1
PATH=$PATH:/root/WhatWeb-master/

Using whatweb

For detailed and detailed usage, please refer to [github] (https://github.com/urbanadventurer/WhatWeb). I will only introduce how to use whatweb in python.

Not much nonsense, directly on the code:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
#! -*- coding:utf-8 -*-
import commands
import re
# regular expression
p_httpserver=re.compile(r"HTTPServer\x1b\[0m\[\x1b\[1m\x1b\[36m([^,]+?)\x1b\[0m\]")
p_title=re.compile(r"Title\x1b\[0m\[\x1b\[1m\x1b\[33m(.+?)\x1b\[0m\]")
p_ip=re.compile(r"IP\x1b\[0m\[\x1b\[37m([^,]+?)\x1b\[0m\]")
p_country=re.compile(r"Country\x1b\[0m\[\x1b\[37m([^,]+?)\x1b\[0m\]")
p_cookies=re.compile(r"Cookies\x1b\[0m\[\x1b\[37m([^,]+?)\x1b\[0m\]")
p_x_powered_by=re.compile(r"X-Powered-By\x1b\[0m\[\x1b\[37m([^,]+?)\x1b\[0m\]")
def re_grep(p,content):
L=p.findall(content)
if len(L)>0:
return L[0]
else:
return ""
def whatweb(url):
# whatwebscan
result=""
httpserver=""
title=""
ip=""
cookies=""
country=""
power_by=""
try:
status,result=commands.getstatusoutput('whatweb '+url)
# print status,result
except IndexError,e:
print is
else:
httpserver=re_grep(p_httpserver,result)
title=re_grep(p_title,result)
ip=re_grep(p_ip,result)
country=re_grep(p_country,result)
cookies=re_grep(p_cookies,result)
power_by=re_grep(p_x_powered_by,result)
return httpserver,title,cookies,country,power_by
if __name__=="__main__":
result=whatweb("thief.one")
for i in result:
print i

Description: Explain the code, mainly a regular expression, because running whatweb will print the results directly, of course, there are other commands that can output the results to text, etc., but if you want to automate the scan, you need to get the content of whatweb in real time. The way to generate the file is obviously not good, so I used the commands library, let python execute the system command and get the return result, then a few regular matches on the result.

The language of the end: another water, ah!

本文标题:Use Whatweb to get web fingerprint information

文章作者:nmask

发布时间:2018年01月11日 - 19:01

最后更新:2019年07月11日 - 16:07

原始链接:https://thief.one/2018/01/11/1/en/

许可协议: 署名-非商业性使用-禁止演绎 4.0 国际 转载请保留原文链接及作者。

nmask wechat
欢迎您扫一扫上面的微信公众号,订阅我的博客!
坚持原创技术分享,您的支持将鼓励我继续创作!

热门文章推荐: