Re: [NSE] http-mobileversion-checker.nse

[blake () marigoldtech com]

> > The attached script sets an Android User-Agent header and checks if the
> > website
> > will redirect to a mobile-version. If it does, it also checks if this
> > version
> > lies within the target host.
>
> Very nice, George and Patrick!  It's a clever script idea.  You might
> consider adding another sentence or two about how this works to the
> description.  Right now you have more information in comments, but users
> aren't as likely to see those.
>
> It is starting me wondering what other user agents might trigger different
> pages.  For example, some sites might give different pages if you pretend
> to be a Google crawler.

The vast majority of sites will behave exactly the same way regardless of the changes in the User Agent string, but 
those that do 'adapt' to changes represent an intriguing subset consisting of rather sophisticated websites. As fodder 
for more ideas along these lines, additional User Agent modifications can include other devices such as: iPad, iPhone, 
Blackberry, Android, Windows clients, Mac OSX clients, *nix clients, lynx, cURL, GoogleBot, BingBot, etc. One can also 
modify the language in the User Agent string to determine if the site is coded for language detection and even 
determining which language the site 'speaks' by testing a list of different languages. Finally, given the resources, 
the originating IP address can potentially come from different parts of the globe to determine to what extent the site 
leverages localization.

There is a handy tool that pings an IP address or host from over 50 monitoring stations globally. If the host IP 
changes, then that is an indication that the site has localization capabilities. If the target IP address remains the 
same...well it should be obvious what that means:
http://cloudmonitor.ca.com/en/ping.php?
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/