Fingerprinting CakePHP applications with Nmap

I committed a new Nmap NSE script called ‘http-cakephp-version’ that identifies the version of CakePHP applications.

Usage

./nmap --script http-cakephp-version <host/ip>

Sample output

$ ./nmap --script http-cakephp-version -p80 -v calderonpale.com
Starting Nmap 5.51SVN ( http://nmap.org ) at 2011-05-30 03:08 PDT
NSE: Loaded 1 scripts for scanning.
Initiating Ping Scan at 03:08
Scanning calderonpale.com (173.45.233.210) [2 ports]
Completed Ping Scan at 03:08, 0.34s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 03:08
Completed Parallel DNS resolution of 1 host. at 03:08, 13.00s elapsed
Initiating Connect Scan at 03:08
Scanning calderonpale.com (173.45.233.210) [1 port]
Discovered open port 80/tcp on 173.45.233.210
Completed Connect Scan at 03:08, 0.38s elapsed (1 total ports)
NSE: Script scanning 173.45.233.210.
Initiating NSE at 03:08
Completed NSE at 03:08, 4.63s elapsed
Nmap scan report for calderonpale.com (173.45.233.210)
Host is up (0.35s latency).
PORT   STATE SERVICE
80/tcp open  http
| http-cakephp-version: Version of codebase: 1.3.x
| Version of icons: 1.3.x
|_Default stylesheet has an unknown hash: 2c2393fa72edd21a1dc2c4f665316dde

Read data files from: /home/cldrn/projects/nmap/src
Nmap done: 1 IP address (1 host up) scanned in 18.88 seconds

Download

Update your copy of Nmap to get this and other great scripts available.

calderpwn

Infosec consultant | Software dev | Open Source contributor | Nmap developer | PacktPub & Pluralsight author | Chapter leader of OWASP Riviera Maya
