This turbo talk will introduce a new Metasploit module that fingerprints "known" web applications, attempts the default credentials for the application, and runs an associated exploit or authenticated access module if applicable. The fingerprint database that will be released includes over 50 fingerprints and targets common enterprise web applications including Microsoft products (Outlook Web Access, Sharepoint), printers (Xerox Document Centre), security cameras, network administration, routers (Cisco, Huweai), VOIP Servers (Polycom Soundpoint), Oracle, ColdFusion, and others.
Will Vandevanter is a penetration tester and researcher. His focus interests include web application security, puppies, and secure code.