Valentine's Day has come and gone, but I'm still swooning. I'm enamored with Python. Yes, Python the programming language, not the animal. Why am I vying for Python's attention? Here's why...
import httplib
urlconn = httplib.HTTPConnection('www.somewhere');
urlconn.request("GET", "/somepath/to/login.asp");
response = urlconn.getresponse();
cookie = response.getheader('Set-Cookie');
print cookie;
urlconn.close();
If you run this code (with valid data, of course!), you would receive a response similar to the following:
ASPSESSIONID=AOBPFCCDFKASLMRTYWKNBCDS; path=/
With this tiny bit of code, we can gather session ID's from login pages for analysis. This data can be used to further assess the security of the login page. We can (and as it sits, will) collect other cookie information from this code. What else could we do here? A very simple change would allow us to collect other HTTP header information:
print response.getheader('Server');
This would return a response similar to the following:
Microsoft-IIS/6.0
We can also collect lots of other data, including the HTTP response code, other specific header data, or the full response itself.
Of course, this is a very rudimentary example that could be improved upon. We could implement a more flexible program by allowing the URL to be passed via command-line, implement error handling, and do something more useful with the output. For now, I'll leave this as an exercise for the reader. My point here is to illustrate how quickly one can create something useful and usable for a specific purpose.
Happy coding!
