ChrisTruncer
commented
9 years ago So right now, the "server" result is based on the header returned by the server. It's not actually a specific field that EyeWitness looks for. I don't really know if we could get that added in based off of how we're handling this. Also, while that is pretty sweet, I think we're more focused on getting screenshots vs. enumerating specific versions of software. But with that said, I'd love to hear input from @rvazarkar if he agrees.
digininja
Is it possible to conduct some simple fingerprinting of a service running, currently you have "server: Microsoft-IIS/7.5 " for a return field. Could you add in the Cisco ASA as the server and the current IOS to the repository of sigs?
Here is my code for the NSE script to fingerprint: https://github.com/killswitch-GUI/PenTesting-Scripts/blob/master/ASA-Check-Ver.nse
simple query of the ASA device at "/CSCOSSLC/config-auth" using a Header / User agent field you get a simple return of: "8.4(1) VPN Server"
Would be a great add :+1:
Thanks!