WIG – Webserver Fingerprinting, Detect CMS and WebApps

0
Want create site? Find Free WordPress Themes and plugins.

WIG is a web application reconnaissance and vulnerability scanner tool, which is able to identify various Content Management Systems (CMS) and other administrative web applications. Wig can also attempt to do OS fingerprinting to webserver.

Wig’s fingerprinting scenario is based on checksums and string matching of known files for different versions of CMSes. This results in a score being calculated for each detected CMS and its versions. Wig also tries to guess the operating system running on the server based on headers the ‘server’ and ‘x-powered-by’. Wig has database containing known header values for different operating systems, which allows wig to guess every OS version.

INSTALLING WIG

Download wig project to local drive, run following commands:

WIG Webserver Fingerprinting Detect CMS and WebApps

WIG USAGE

Wig can only run on minimum python 3. Type following command to display help menu and options.

WIG Webserver Fingerprinting Detect CMS and WebApps

Now, after read all available options lets scan a target. Type:

WIG Webserver Fingerprinting Detect CMS and WebApps
WIG Webserver Fingerprinting Detect CMS and WebApps

As you can see above image, wig take time 205.6 seconds or about 3 minutes to scan the target. And the wig vulnerability report said that target has security hole on joomla version 2.5.4 and display the reference link on http://cvedetails.com/version/129399. Simple enough? now you know what vuln the target has, and then decided the appropriate exploit or hack methods against the target. Good luck!

Did you find apk for android? You can find new Free Android Games and apps.