Black Hat 2010: Open source tool finds web applications

Warwick Ashford

Security firm Qualys has launched an open source, web-application fingerprinting engine to identify application and plug-in versions.

The launch coincides with the release of related research at the Black Hat USA 2010 security conference in Las Vegas.

The research describes the results of large-scale tests of the tool, called BlindElephant, and shows that many well-known web applications are running dangerously out-of-date software.

"BlindElephant is a tool that helps security professionals and systems administrators identify everything running on their servers, including any web applications users may have downloaded," said Patrick Thomas, a vulnerability researcher at Qualys and creator of BlindElephant.

"It doesn't check for vulnerabilities or vulnerability to a particular exploit, but rather what version of applications are running on their site," he said.

As vulnerabilities are increasingly discovered, it is important to have a reliable way to detect which applications and plug-ins are present at a site, and if they are running outdated versions, said Thomas.

Unlike other web application tools, BlindElephant uses a new approach that relies on hashes of static resource files within the application to identify the application's version number.
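The fingerprinting approach described above, as an added illustration that is not BlindElephant's own code: a database is built by hashing the static files shipped in each release, and a site's version is inferred by comparing the hashes of the files it actually serves against that database. The application name "demoapp", its versions and its file contents are constructed for the example; paths that are identical across every release are excluded from the request list because they cannot tell versions apart, and a file the site owner has customised lowers a version's score rather than ruling it out.

```python
import hashlib

# Constructed sample release contents for a hypothetical application "demoapp".
# A real fingerprint database would be built from the files in each release archive.
RELEASES = {
    "1.0": {"js/app.js": b"var app={v:'1.0'};", "css/site.css": b"body{margin:0}",
            "README": b"demoapp 1.0", "img/logo.png": b"\x89PNG-logo"},
    "1.1": {"js/app.js": b"var app={v:'1.1'};", "css/site.css": b"body{margin:0}",
            "README": b"demoapp 1.1", "img/logo.png": b"\x89PNG-logo"},
    "2.0": {"js/app.js": b"var app={v:'2.0'};", "css/site.css": b"body{margin:0;padding:0}",
            "README": b"demoapp 2.0", "img/logo.png": b"\x89PNG-logo"},
}


def sha1_hex(data: bytes) -> str:
    """Hash of a static resource; the same function is applied to served content."""
    return hashlib.sha1(data).hexdigest()


def build_database(releases):
    """Map version -> {path: sha1} from the files shipped in each release."""
    return {ver: {path: sha1_hex(content) for path, content in files.items()}
            for ver, files in releases.items()}


def discriminating_paths(db):
    """Paths whose hash differs between at least two versions.
    Only these are worth requesting; a file identical in every release is useless."""
    hashes_by_path = {}
    for fingerprints in db.values():
        for path, digest in fingerprints.items():
            hashes_by_path.setdefault(path, set()).add(digest)
    return sorted(path for path, digests in hashes_by_path.items() if len(digests) > 1)


def identify_version(db, observed):
    """observed: {path: sha1 of the resource as served by the site}.
    Files the site does not serve (404) are simply absent from `observed`.
    Each version is scored by the number of matching hashes; a mismatch (for
    example a locally customised stylesheet) lowers the score instead of
    disqualifying the version. Returns (versions with the best score, score)."""
    scores = {ver: sum(1 for path, digest in observed.items() if fps.get(path) == digest)
              for ver, fps in db.items()}
    best = max(scores.values())
    if best == 0:
        return [], 0  # nothing matched: unknown application or unknown version
    return sorted(ver for ver, score in scores.items() if score == best), best


def latest_version(db):
    """Highest version string in the database, compared numerically per component."""
    return max(db, key=lambda v: tuple(int(part) for part in v.split(".")))


def is_outdated(db, versions):
    """True when every candidate version is older than the newest known release."""
    newest = latest_version(db)
    return bool(versions) and all(v != newest for v in versions)


if __name__ == "__main__":
    db = build_database(RELEASES)
    print("request these paths:", discriminating_paths(db))
    # Simulated responses from a site running 1.1 with an unmodified stylesheet.
    served = {"css/site.css": sha1_hex(b"body{margin:0}"),
              "js/app.js": sha1_hex(b"var app={v:'1.1'};")}
    versions, score = identify_version(db, served)
    print("candidate versions:", versions, "score:", score,
          "outdated:", is_outdated(db, versions))
```

With only the stylesheet observed the result is ambiguous between 1.0 and 1.1, which is exactly why the tool needs several discriminating files per application; each additional matching file narrows the candidate set.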

"Standard web applications are commonly targeted by attackers and then subverted for malware distribution," said Wolfgang Kandek, chief technology officer at Qualys.

The BlindElephant tool will enable users to protect themselves and monitor their web applications, he said.

The open source project is also intended to be an initial stepping stone to work with the community to increase the number of fingerprinted web applications, said Kandek.
