有哪些方法判断一个网站的架构?

2014-03-01 18:23:40 +08:00
 mantianyu
服务器版本啊, 框架啊, 后台语言啊, 数据库啊啥的
4382 次点击
所在节点    问与答
15 条回复
yangg
2014-03-01 18:44:19 +08:00
You are looking for "BuiltWith Technology Profiler"?
Mutoo
2014-03-01 18:47:00 +08:00
chrome有个插件可以做一些基本的识别
https://chrome.google.com/webstore/detail/chrome-sniffer/homgcnaoacgigpkkljjjekpignblkeae

高级的技巧可以参考 《google hacking 技术手册》通过检索一些报错页发现一些蛛丝马迹
Ever
2014-03-01 18:49:22 +08:00
招聘信息.
miniwade514
2014-03-01 19:42:41 +08:00
@Ever 哈哈,想法很独特
mantianyu
2014-03-01 19:45:02 +08:00
@Mutoo
@yangg 我的意思就是 builtwith 用了哪些技术呢?
sarices
2014-03-01 19:46:24 +08:00
curl -I 如果没做限制的话可以看到服务器系统、开发语言、有些还能在powerby中看到开发框架,例如ThinkPHP
chairuosen
2014-03-01 20:34:31 +08:00
黑了自己看…
arbipher
2014-03-01 20:45:20 +08:00
@sarices
$ curl -I http://www.v2ex.com

HTTP/1.1 200 OK
Date: Sat, 01 Mar 2014 12:42:37 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 79344
Connection: keep-alive
Vary: Accept-Encoding
Expires: -1
Server: Galaxy/3.2.0
Etag: "2566f8422168b9485e45c64ecd3fa5153152d0b8"
Set-Cookie: PB3_SESSION="djJleDoyMy4yNTEuMTAwLjEzMjo1NjcyNjMzNA==|1393677757|dedb43aacb9fb1a7b4a6679fa4a68e49ae8ba0ce"; expires=Thu, 06 Mar 2014 12:42:37 GMT; Path=/
Set-Cookie: V2EX_TAB="dGVjaA==|1393677757|d5622dff67e53292d5d91bb3d95d8a8be1386de4"; expires=Sat, 15 Mar 2014 12:42:37 GMT; Path=/
Set-Cookie: V2EX_LANG=zhcn; Path=/
X-V2EX-Jobs: https://www.v2edge.com/jobs/cn
X-V2EX-CDN: https://www.v2edge.com/
X-ORCA-Accelerator: MISS from 002.mul.sjc01.us.krill.c3edge.net

没看到Python
mantianyu
2014-03-01 20:59:25 +08:00
@sarices
@arbipher

HTTP 响应头返回的东西和 web 服务器的配置有关系, 这些信息确实挺局限
atom
2014-03-01 21:08:57 +08:00
http响应只能看到粗略的web层的系统,一个好的网站至少是SOA化的。背后庞大的core系统,只能看相关的slide分享。
sarices
2014-03-01 21:12:11 +08:00
@arbipher 看看如果XXX的话 XXX就是限定条件
arbipher
2014-03-01 21:24:26 +08:00
@sarices 我看漏了。。。
yingluck
2014-03-01 21:37:13 +08:00
@Ever
@miniwade514
黑客与画家
Lax
2014-03-01 23:12:40 +08:00
已经养成了查看招聘信息的习惯,比较准确。
网站本身不提供招聘信息的,差异比较大,有的不值得关注,有的却会是big thing,可以搜索一下该网站的招聘,往往在一些小众的论坛有讨论。

技术方式,如果你恰好接触过类似的技术,通过报错页和页面的源码也能分析出一些
leafonsword
2014-03-02 11:21:53 +08:00
相信这个是你需要的:
*nikto -h www.baidu.com*

- Nikto v2.1.5
---------------------------------------------------------------------------
+ Target IP: 115.239.210.26
+ Target Hostname: www.baidu.com
+ Target Port: 80
+ Start Time: 2014-03-02 11:20:23 (GMT8)
---------------------------------------------------------------------------
+ Server: BWS/1.1
+ The anti-clickjacking X-Frame-Options header is not present.
+ Uncommon header 'bduserid' found, with contents: 0
+ Uncommon header 'bdqid' found, with contents: 0xa74533af93c66ee2
+ Uncommon header 'bdpagetype' found, with contents: 1
+ Cookie BAIDUID created without the httponly flag
+ Cookie BDSVRTM created without the httponly flag
+ Cookie H_PS_PSSID created without the httponly flag
+ Server banner has changed from 'BWS/1.1' to 'Apache' which may suggest a WAF, load balancer or proxy is in place
+ No CGI Directories found (use '-C all' to force check all possible dirs)
Use of each() on hash after insertion without resetting hash iterator results in undefined behavior, Perl interpreter: 0xfa7010 at /usr/share/nikto/plugins/LW2.pm line 1013.
+ Server leaks inodes via ETags, header found with file /robots.txt, fields: 0x767 0x4e78206ff4500
+ File/dir '/shifen/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ File/dir '/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ "robots.txt" contains 78 entries which should be manually viewed.
+ OSVDB-5737: WebLogic may reveal its internal IP or hostname in the Location header. The value is "http://www.baidu.com/search/error.html".
+ Multiple index files found: index.html, index.htm, index.php
...................以下省略..............................

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/102434

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX