Introducing information gathering
In this section, we will try to glean information about the web software, operating system, and applications that run on the web server by using error-handling techniques. From a hacker's point of view, gathering information from error handling is not that useful. From a pentester's point of view, however, it is very important, because the final pentesting report submitted to the client has to specify the error-handling techniques.
The logic behind error handling is to try to produce an error on a web server, so that it returns the code 404, and to see the output of the error page. I have written a short program to obtain the output. We will go line by line through the following code:
import re
import random
import urllib

url1 = raw_input("Enter the URL ")
u = chr(random.randint(97,122))
url2 = url1+u
http_r = urllib.urlopen(url2)
content = http_r.read()
flag = 0
i = 0
list1 = []
a_tag = "<*address>"
file_text = open("result.txt",'a'...
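An added example, not from the original text: a Python 3 take on the same idea that reports which product versions a 404 response discloses, so the finding can go into the error-handling part of a report. The function names, the product list and both sample responses are assumptions constructed for illustration.

```python
import re
import urllib.error
import urllib.request
import uuid

# Details a default error page commonly discloses.
ADDRESS_RE = re.compile(r"<address>(.*?)</address>", re.I | re.S)
PRODUCT_RE = re.compile(r"\b(Apache|nginx|Microsoft-IIS|PHP|OpenSSL)/(\d[\w.]*)", re.I)

def audit_error_page(headers, body):
    """Return sorted (source, product, version) tuples leaked by an error response."""
    sources = [("header:" + k, v) for k, v in headers.items()
               if k.lower() in ("server", "x-powered-by")]
    sources += [("body:address", text) for text in ADDRESS_RE.findall(body)]
    findings = set()
    for source, text in sources:
        for product, version in PRODUCT_RE.findall(text):
            findings.add((source, product, version))
    return sorted(findings)

def fetch_missing_page(base_url):
    """Request a path that should not exist; return (status, headers, body)."""
    url = base_url.rstrip("/") + "/" + uuid.uuid4().hex
    try:
        resp = urllib.request.urlopen(url, timeout=10)
    except urllib.error.HTTPError as err:  # Python 3 raises on 4xx/5xx
        resp = err
    body = resp.read().decode("utf-8", "replace")
    return resp.getcode(), dict(resp.headers.items()), body

# Constructed sample: a stock Apache 404 response (not captured from a real host).
SAMPLE_HEADERS = {"Server": "Apache/2.4.41 (Ubuntu)", "Content-Type": "text/html"}
SAMPLE_BODY = """<html><head><title>404 Not Found</title></head><body>
<h1>Not Found</h1><p>The requested URL was not found on this server.</p>
<hr><address>Apache/2.4.41 (Ubuntu) Server at www.example.test Port 80</address>
</body></html>"""

# Constructed sample: the same server with ServerTokens Prod and ServerSignature Off.
HARDENED_HEADERS = {"Server": "Apache", "Content-Type": "text/html"}
HARDENED_BODY = "<html><body><h1>Not Found</h1></body></html>"

if __name__ == "__main__":
    for label, hdrs, body in (("default", SAMPLE_HEADERS, SAMPLE_BODY),
                              ("hardened", HARDENED_HEADERS, HARDENED_BODY)):
        print(label, audit_error_page(hdrs, body))
```

An empty result for the hardened sample is what a report would record as the corrected state.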