Fingerprinting web applications (Wordpress, Joomla and Mediawiki)
sucuri.netThis is fairly primitive. The techniques used by tools like nmap to fingerprint operating systems were established in the early 90's by Comer, and they involve behavioral testing. You should assume that even if you modify all the files in your (say) Wordpress distribution, an attacker can still fingerprint it.
Even though this technique is primitive, how would you say it compares to the techniques used by run-of-the-mill comment spammers to identify and exploit outdated installations? Are most of them stopping at meta generator?
I doubt it's worth doing much more than looking at version comments in the HTML, because the majority of people won't go to the effort of hiding the version.
Joomla, for example doesn't dump their version in the generator field (nor does mediawiki, I believe). Only wordpress like to do that.
Simple but works... In the same way that if you modify your tcp/ip stack, nmap (or p0f) will get all confused and report the wrong os,
Very interesting research describing a simple way to detect which version a web app is running.
They just fingerprint a few css/js files, get their md5sums and create a list of them for each version...