systems, fonts, programming languages, and user interface
frameworks.
Let’s use Wappalyzer to see what’s running on the web
applications in the 172.16.10.0/24 network:
$ wappalyzer http://172.16.10.10:8081
"urls":{"http://172.16.10.10:8081/":{"status":200}},"technologies":[{"slug":"python",
"name":"Python","description":"Python is an interpreted and general-purpose programming language.",
"confidence":100,"version":"3.11.1","icon":"Python.png"
--snip--
Wappalyzer’s output is in the JavaScript Object Notation (JSON)
format, which is composed of keys and values. To parse it, it’s
helpful to use a tool like jq to traverse the JSON structure and
extract the information we need. First, take a look at the prettified
version of the output using the following command:
$ wappalyzer http://172.16.10.10:8081 | jq
In the prettified output, you’ll notice a few fields of interest,
specifically the name, the version, and the confidence. The name
identifies the technology, such as Debian for an operating system.
The version identifies the version of that technology, such as
Debian 11.6. Confidence is a percentage between 0 and 100. The higher
the confidence, the less likely the detection is to be a false positive.
Let’s extract these three pieces of information with jq:
$ wappalyzer http://172.16.10.10:8081 | jq '.technologies[] | {name, version, confidence}'
{
  "name": "Python",
  "version": "3.11.1",
  "confidence": 100
}
{
  "name": "Tailwind CSS",
  "version": "2.2.19",
  "confidence": 100
}
{
  "name": "Flask",
  "version": "2.2.3",
  "confidence": 100
}
--snip--
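Building on the extraction above, the following added example (not from the book) wraps the jq filter in a function that drops detections below a confidence threshold and prints one tab-separated line per technology, ready for grep, cut, or a while-read loop. The function names, the sample JSON, and its "Example CDN" and "Example Widget" entries are constructed for illustration.

```bash
#!/bin/bash
# Added example: filter Wappalyzer JSON by confidence and emit TSV.

# Constructed sample in the shape of the output shown above (not a real scan).
# The entry with a null version and the low-confidence entry are assumptions
# added to exercise the edge cases.
sample_json() {
  cat <<'EOF'
{"urls":{"http://172.16.10.10:8081/":{"status":200}},
 "technologies":[
  {"slug":"python","name":"Python","confidence":100,"version":"3.11.1"},
  {"slug":"tailwind-css","name":"Tailwind CSS","confidence":100,"version":"2.2.19"},
  {"slug":"flask","name":"Flask","confidence":100,"version":"2.2.3"},
  {"slug":"example-cdn","name":"Example CDN","confidence":100,"version":null},
  {"slug":"example-widget","name":"Example Widget","confidence":40,"version":"1.0"}
 ]}
EOF
}

# list_technologies [MIN_CONFIDENCE]
# Reads Wappalyzer JSON on stdin and prints "name<TAB>version<TAB>confidence"
# for each technology at or above MIN_CONFIDENCE (default 0), sorted by name.
# A missing, null, or empty version is printed as "unknown" so every line
# has exactly three fields.
list_technologies() {
  jq -r --argjson min "${1:-0}" '
    (.technologies // [])
    | map(select(.confidence >= $min))
    | sort_by(.name)
    | .[]
    | [ .name,
        (if (.version // "") == "" then "unknown" else .version end),
        .confidence ]
    | @tsv'
}

# Against a live target this would be:
#   wappalyzer http://172.16.10.10:8081 | list_technologies 50
sample_json | list_technologies 50
```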
The jq syntax might seem a little odd at first, so let’s dissect it.
We place the pattern to extract between two single quotes ('). Here,
Black Hat Bash (Early Access) © 2023 by Dolev Farhi and Nick Aleks