You can also check the servers datetime stamp of the web2py_ajax.html, depending on this, you can know what version of web2py is actually running(assuming it hasn't been edited)... so you can specifically target web2py versions (based on date version came out) that have known vulnerabilities.
-Thadeus On Sun, Mar 14, 2010 at 3:30 PM, mdipierro <[email protected]> wrote: > I cannot think if an way that works 100%. > > I did not put any way to do it because security good practice requires > that there is no way to detect what software the server is running > because if a vulnerability is discovered, an attacked would be able to > detect which servers have the software with the vulnerability. > > In practice most web sites that use web2py use web2py_ajax.html and > that is a way to check. Look for page source and look for the code of > web2py_ajax. > > Massimo > > On Mar 14, 1:51 pm, Albert Abril <[email protected]> wrote: >> Hi! >> >> There's some way to check to check from the browser if a web is running >> web2py? >> For example, Could i know ifwww.web2py.comis running web2py from the >> browser? >> >> Just curious. >> Thanks. > > -- > You received this message because you are subscribed to the Google Groups > "web2py-users" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/web2py?hl=en. > > -- You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/web2py?hl=en.
