Server and X-Powered-By Tester
test-server-and-x-powered-header.py
# python 3.4
import urllib.request
import urllib.parse
def test(main_url, headers={'Cookie': 'JSESSIONID='}, file="urls.txt"):
with open(file) as loginFile:
header_detected = False
for _url in loginFile:
full_url = main_url + _url.strip()
try:
req = urllib.request.Request(
full_url,
method='GET',
headers=headers,
)
response = urllib.request.urlopen(req)
response_headers = response.getheaders()
for header in response_headers:
if header[0] == 'Server':
header_detected = True
print("Server header detected: " + str(header) + " / " + full_url)
if header[0] == 'X-Powered-By':
header_detected = True
print("X-Powered-By header detected: " + str(header) + " / " + full_url)
if not header_detected:
print("Clean: " + full_url)
except Exception as e:
print('Error', e)
test("http://www.your_app.com")
urls.txt
Server header detected: ('Server', 'Apache') / http://www.your_app.com
X-Powered-By header detected: ('X-Powered-By', 'PHP') /http://www.your_app.com
Server header detected: ('Server', 'Apache') / http://www.your_app.com/posts
Server header detected: ('Server', 'Apache') / http://www.your_app.com"/jquery.js
Server header detected: ('Server', 'Apache') / http://www.your_app.com"/bootstrap.min.js