前言:我们在进行网站渗透的时候,通常第一步都是获取目标网站的一些配置信息,比如:所用的服务器类型,用了哪种CMS,网站又用了哪些插件等等。当然,我们要是在这一步获取到了比较充分的信息,毫无疑问接下来我们就可以有针对性地进行漏洞搜索和挖掘,对最后的渗透测试是非常有帮助的。
一 简介
今天,我主要是给大家安利一个比较好的对目标网站进行基本信息探测的网站,它就是:https://builtwith.com 。使用起来也很简单,直接对目标网站进行搜索就行了,比如说我们搜索:https://builtwith.com/blog.6ag.cn 。返回的结果如下:
这里,我就截了两张图,其他的信息就不截图了,留给大家自己去看看吧
接下来,我在对这些信息进行分析后,决定用Java将一些比较有用的信息提取出来,以一种更为直观的方式展示在我们面前,以方便我们后面的分析
二 代码实现
代码原理很简单,就是通过发起请求,然后对获取到的网页源代码进行正则匹配出我们所需要的信息。代码如下:
/**
* 通过网站:https://builtwith.com查询信息
* @param domain
* @return 查询到的域名信息
* */
public static String getServerMoreMess(String domain){
String message = "";
try {
URL url = new URL("https://builtwith.com/" + domain);
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setRequestMethod("GET");
connection.setReadTimeout(20000);
connection.setReadTimeout(20000);
if(connection.getResponseCode() == 200){
InputStream inputStream = connection.getInputStream();
BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream));
String line = "";
Pattern pattern = null;
Matcher matcher = null;
while((line = reader.readLine()) != null){
pattern = Pattern.compile("<span>Web Server</span>");
matcher = pattern.matcher(line);
if(matcher.find())
message = message + "Web Server:\n";
pattern = Pattern.compile("<a href=\"//trends.builtwith.com/Web-Server/[^\\s\"]+?\">([^<>\"]+?) Usage Statistics</a>");
matcher = pattern.matcher(line);
if(matcher.find())
message = message + " " + matcher.group(1) + "\n";
pattern = Pattern.compile("<span>Content Management Systems</span>");
matcher = pattern.matcher(line);
if(matcher.find())
message = message + "Content Management Systems:\n";
pattern = Pattern.compile("<a href=\"//trends.builtwith.com/cms/[^\\s\"]+?\">([^<>\"]+?) Usage Statistics</a>");
matcher = pattern.matcher(line);
while(matcher.find())
message = message + " " + matcher.group(1) + "\n";
pattern = Pattern.compile("<span>Frameworks</span>");
matcher = pattern.matcher(line);
if(matcher.find())
message = message + "Frameworks:\n";
pattern = Pattern.compile("<a href=\"//trends.builtwith.com/framework/[^\\s\"]+?\">([^<>\"]+?) Usage Statistics</a>");
matcher = pattern.matcher(line);
while(matcher.find())
message = message + " " + matcher.group(1) + "\n";
pattern = Pattern.compile("<span>Widgets</span>");
matcher = pattern.matcher(line);
if(matcher.find())
message = message + "Widgets:\n";
pattern = Pattern.compile("<a href=\"//trends.builtwith.com/widgets/[^\\s\"]+?\">([^<>\"]+?) Usage Statistics</a>");
matcher = pattern.matcher(line);
while(matcher.find())
message = message + " " + matcher.group(1) + "\n";
pattern = Pattern.compile("<span>Encoding</span>");
matcher = pattern.matcher(line);
if(matcher.find())
message = message + "Encoding:\n";
pattern = Pattern.compile("<a href=\"//trends.builtwith.com/encoding/[^\\s\"]+?\">([^<>\"]+?) Usage Statistics</a>");
matcher = pattern.matcher(line);
while(matcher.find())
message = message + " " + matcher.group(1) + "\n";
}
}
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
return message;
}三 测试
public static void main(String[] args) {
String str = "";
// str = ServerType.getServerMoreMess("www.zifangsky.cn");
str = ServerType.getServerMoreMess("blog.6ag.cn/");
System.out.println(str);
}效果如下:
Web Server:
Tengine
Content Management Systems:
WordPress
WordPress Weekly Activity
WordPress 4.4
Widgets:
Crayon Syntax Highlighter
Crayon Syntax Highlighter
WordPress Plugins
Font Awesome
Encoding:
UTF-8
本文出自 “zifangsky的个人博客” 博客,请务必保留此出处http://983836259.blog.51cto.com/7311475/1733108
原文地址:http://983836259.blog.51cto.com/7311475/1733108
