# Giacomo Milani, 2005 - giacomo@cuore.org
# webserver fingerprinting (based by header's order):

import re,sys
from socket import *

class webfp:
	allre = list()
	invalid_get = "GET . HTTP/1.1\n\n\n"
	def __init__(self):
		# stuff to match
		match_iis5 = re.compile(r".*.Server.*.Date.*.Connection.*.Content-Length.*.")
		match_iis6 = re.compile(r".*.Content-Type.*.Date.*.Connection\:\sclose.*.Content-Length.*.")
		match_apache1 = re.compile(r".*.Date.*.Server.*.Transfer-Encoding.*.Content-Type.*.")
		match_apache2 = re.compile(r".*.Date.*.Server.*.Content-Length.*.Connection.*.")
		match_squid = re.compile(r".*.Server.*.Date.*.X-Cache.*.Proxy-Connection.*.")
		match_gws = re.compile(r".*.Content-Type.*.Transfer-Encoding.*.Date.*.")
		match_sun_one = re.compile(r"^<HTML><HEAD><META.*.")
		match_sun_one_b = re.compile(r"^<HTML><HEAD><TITLE>.*.")
		match_roxen = re.compile(r".*.missing\shost\sheader.*.Content-Length.*.Date.*.")
		match_thttpd = re.compile(r".*.Server.*.Content-Type.*.Date.*.Connection.*.")
		match_ibmEdgeProxy = re.compile(r".*.Date.*.Connection.*.Accept-Ranges.*.Content-Type.*.Content-Length.*.")
		match_caudium = re.compile(r".*.Content-Length.*.Date.*.Accept-Ranges.*.Content-Type.*.Connection.*.Location.*.")
		# put all re in list
		self.allre = [
			(match_iis5,"Microsoft IIS5 (win2k)"),
			(match_iis6,"Microsoft IIS6 (win2k3)"),
			(match_apache1,"Apache (apache.org) 1.x"), 
			(match_apache2,"Apache (apache.org) 2.x"),
			(match_squid,"Squid Proxy (squid-cache.org)"),
			(match_gws,"Google Web Server (google.com)"), 
			(match_sun_one,"Sun One WebServer (sun.com)"), 
			(match_sun_one_b,"Sun One WebServer (sun.com)"), 
			(match_roxen,"Roxen (www.roxen.com)"),
			(match_thttpd,"Thttpd (www.acme.com/software/thttpd/)"),
			(match_ibmEdgeProxy,"Ibm Edge Caching Proxy"), 
			(match_caudium,"Caudium Web Server")]
	def fingerprint(self,ip,port = 80):
		sock = socket(AF_INET,SOCK_STREAM,0)
		print "Connecting to",ip
		sock.connect((ip,port))
		sock.send(self.invalid_get)
		buffer = sock.recv(4096)
		buffer = buffer.replace("\n"," ")
		for reg,desc in self.allre:
			if reg.match(buffer) != None:
				return desc
		return "WebServer Unknown"

def main():
	wfp = webfp()
	print "Immettere indirizzo webserver: "
	addr = str(raw_input())
	typeserver = wfp.fingerprint(addr)
	print "Rilevato:",typeserver
	sys.exit(0)

	
__init__ = main()