SQL injection against services fingerprinting and informations gathering

After the discovery of a new car license plate type, created to fight, with SQL injection method, the unpopular fixed radar system, mikkohypponen a security specialist has report a funny method to SQL inject services fingerprinting.
The concerned service is the HTTP service of www.reddit.com website. Normally the HTTP service should return things like “Apache” or “ISS”, but here you can find a dedicated fingerprint.
SQL injection against fixed radar systems
SQL injection against fixed radar systems
SQL injection against services fingerprinting
SQL injection against services fingerprinting
Most of time, fingerprinting method are done with nmap like tools, and the results could be stored into a database. ERIPP is also well know to create a database of 4 Billion routable IP addresses with the associated most common services fingerprints. SHODAN is also a similar database type than ERIPP, how is a computer search engine permitting to find computers running certain software (HTTP, FTP, etc). Imagine that the crawler code has some sql injection flaw… oups your database has gone cause the fingerprint contains some sql injection code 🙂
For Reddit, we have search the “CREATE TABLE servertypes” on Google, and find one services fingerprinting crawler using a database called “servertypes” and targeting Reddit 🙂
banthar gist HTTP service fingerprinting crawler
banthar gist HTTP service fingerprinting crawler
Is Reddit protecting him self against information gathering or just an sysadmin funny joke.