Cookie- Fingerprinting
gravity-free/cookie fingerprint 2010. 12. 17. 13:15
쿠키를 통한 웹 서버 Fingerprinting
Cookie Fingerprinting
=====================
BEA WebLogic (www.bea.com)
------------
Set-Cookie: WebLogicSession=PLLHV8No5ImB2wUo2mupD49Bdo2HxEXq7OjhAAEl1EP6tMr1KbtI|-2011799079004677001/-1062729195/6/7001/7001/7002/7002/7001/-1|-3433517045111774782/-1062729194/6/7001/7001/7002/7002/7001/-1; path=/
Sane NetTracker (www.sane.com)
---------------
Set-Cookie: SaneID=213.63.123.42-1018349510644; path=/; expires=Tue, 09-Apr-07 06:51:50 GMT; domain=.sane.com
Vignette (www.vignette.com)
--------
Set-Cookie: ssuid=Maxliw00vvM00001fbb6Oxn0wa; path= /; expires=Saturday, 06-Sep-2014 23:50:08 GMT
Set-Cookie: vgnvisitor=Mawd0M00heY0000~fBiFkE0035; path= /; expires=Saturday, 06-Sep-2014 23:50:08 GMT
Microsoft IIS (www.microsoft.com)
-------------
Set-Cookie: ASPSESSIONIDGQQGQYDC=KDGFBFGBLPNCMIIELPAINNJH; path=/
IBM Net.Commerce (www.ibm.com)
----------------
Set-cookie: SESSION_ID=203363,JdjXE+hB9ph06hBJ4NSD04uHsq/FktC/rNib7MJjNS3jk5fXEK9XBtkAx0zI7NkI; path=/;
Netscape Enterprise Server (www.sun.com)
--------------------------
Set-cookie: NSES40Session=2%253A3e57d375%253Adc59172283a7e72c;path=/;expires=Sat, 22-Feb-2003 20:15:57 GMT
iPlanet (www.sun.com)
-------
Set-Cookie: iPlanetUserId=213.23.123.42:29511018555049; EXPIRES=Friday, 31-Dec-2010 23:59:59 GMT; DOMAIN=.iplanet.com; PATH=/
RealMedia OpenAdStream ()
----------------------
Set-Cookie: RMID=d442af2b3d1ccf30; expires=Fri, 31-Dec-2010 23:59:59 GMT; path=/; domain=.xxxx.net
Caucho Resin ()
------------
Set-Cookie: JSESSIONID=afbx7QRlFZje; path=/
Jakarta Tomcat/JSERV (jakarta.apache.org/tomcat/)
--------------------
Set-Cookie: JSESSIONID=4ah34a8xo1;Path=/
Macromedia Jrun (www.macromedia.com)
---------------
Set-Cookie: JSESSIONID=80302068121025709931685;path=/
Roxen Web Server (www.roxen.com)
----------------
Set-Cookie: RoxenUserID=07761bc31df67ae8c4441a89bc7ceed5
ApacheJServ (java.apache.org/jserv)
-----------
Set-Cookie: JServSessionIdroot=vvni7vxu8n; path=/
IBM Tivoli Policy Director WebSeal (www.ibm.com)
----------------------------------
Set-Cookie: PD-S-SESSION-ID=2_L7kl8vzZ9b8LMEwpm0PgqqQRIh2ZZakRamBlgvMXqIIAABDZ; Path=/; Secure
WEBTRENDS ()
---------
Set-Cookie: WEBTRENDS_ID=223.53.123.13-1091519275.658578; expires=Fri, 31-Dec-2010 00:00:00 GMT; path=/
IBM WebSphere ()
-------------
Set-Cookie: sesessionid=ZJ0DMWIAAA51VQFI50BD0VA;Path=/
Sun Java System Application Server (Netscape/iPlanet Applicaton Server)
-----------------------------------------------------------------------
Set-Cookie: gx_session_id_=f42d0282513ff402; path=/
OpenMarket/FatWire Content Server (www.fatwire.com)
---------------------------------
Set-Cookie: SS_X_CSINTERSESSIONID=0001P73k2FUEYEU4Ks5TtKxcs2K:vv0b9pej; path=/
Set-Cookie: CSINTERSESSIONID=0001xquPwAx2NFUFvi7yw-43f35:vv7sdeqs;Path=/
Siebel CRM
----------
Set-Cookie: _sn=u3YBSdYfaf0oa5H1hz7Tc0ccApc0T1Iz60QWgeSiMEA_; Version=1; Path=/
IBM Tivoli Policy Director WebSeal (www.ibm.com)
----------------------------------
+Format:
+Set-Cookie: PD-S-SESSION-ID=2_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx; Path=/; Secure
+where 'x' is {[A-Z],[a-z],[0-9],+,-}
+Example:
Set-Cookie: PD-S-SESSION-ID=2_L7kl8vzZ9b8LMEwpm0PgqqQRIh2ZZakRamBlgvMXqIIAABDZ; Path=/; Secure
+When accessing a stateful sesion:
+Set-Cookie: PD_STATEFUL_xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx=/LOCATION; Path=/
WEBTRENDS ()
---------
@@ -96,8 +112,8 @@
Set-Cookie: WEBTRENDS_ID=223.53.123.13-1091519275.658578; expires=Fri, 31-Dec-2010 00:00:00 GMT; path=/
-IBM WebSphere ()
--------------
+IBM WebSphere Application Server ()
+---------------------------------
Set-Cookie: sesessionid=ZJ0DMWIAAA51VQFI50BD0VA;Path=/
@@ -120,3 +136,25 @@
Set-Cookie: _sn=u3YBSdYfaf0oa5H1hz7Tc0ccApc0T1Iz60QWgeSiMEA_; Version=1; Path=/
참고 자료 :
http://seclists.org/pen-test/2006/Jan/att-0210/cookie_fingerprinting_txt
http://seclists.org/pen-test/2006/Jan/0249.html