Fingerprinting servers through HTTP headers
The next part of the HTTP protocol that we will be concentrating on are the HTTP headers. Found in both the requests and responses from the web server, these carry extra information between the client and server. Any area with extra data makes a great place to parse information about the servers and to look for potential issues.
How to do it…
The following is a simple header grabbing script that will parse the response headers in an attempt to identify the web server technology in use:
import requests req = requests.get('http://packtpub.com') headers = ['Server', 'Date', 'Via', 'X-Powered-By', 'X-Country-Code'] for header in headers: try: result = req.headers[header] print '%s: %s' % (header, result) except Exception, error: print '%s: Not found' % header
How it works…
The first part of the script makes a simple GET
request to the target web server, through the familiar requests
library:
req = requests.get('http://packtpub...