Book Image

Python Web Penetration Testing Cookbook

By : Benjamin May, Cameron Buchanan, Andrew Mabbitt, Dave Mound, Terry Ip
Book Image

Python Web Penetration Testing Cookbook

By: Benjamin May, Cameron Buchanan, Andrew Mabbitt, Dave Mound, Terry Ip

Overview of this book

Table of Contents (16 chapters)
Python Web Penetration Testing Cookbook
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Preface
Index

Identifying alternative sites by spoofing user agents


Some websites restrict access or display different content-based on the browser or device you're using to view it. For example, a web site may show a mobile-oriented theme for users browsing from an iPhone or display a warning to users with an old and vulnerable version of Internet Explorer. This can be a good place to find vulnerabilities because these might have been tested less rigorously or even forgotten about by the developers.

How to do it…

In this recipe, we will show you how to spoof your user agent, so you appear to the website as if you're using a different device in an attempt to uncover alternative content:

import requests
import hashlib

user_agents = { 'Chrome on Windows 8.1' : 'Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.115 Safari/537.36',
'Safari on iOS' : 'Mozilla/5.0 (iPhone; CPU iPhone OS 8_1_3 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12B466...