the-web-application-hackers-handbook

Chapter 4 n Mapping the Application 103
n jsp — Java Server Pages
n cfm — Cold Fusion
n php — The PHP language
n d2w — WebSphere
n pl — The Perl language
n py — The Python language
n dll — Usually compiled native code (C or C++)
n nsf or ntf — Lotus Domino
Even if an application does not employ a particular file extension in its published
content, it is usually possible to verify whether the technology supporting that
extension is implemented on the server. For example, if ASP.NET is installed,
requesting a nonexistent .aspx file returns a customized error page generated
by the ASP.NET framework, as shown in Figure 4-12. Requesting a nonexistent
file with a different extension returns a generic error message generated by the
web server, as shown in Figure 4-13.
Figure 4-12: A customized error page indicating that the ASP.NET platform is present on
the server
Using the automated content discovery techniques already described, it
is possible to request a large number of common file extensions and quickly
confirm whether any of the associated technologies are implemented on the
server.
The divergent behavior described arises because many web servers map
specific file extensions to particular server-side components. Each different
component may handle errors (including requests for nonexistent content) differently.
Figure 4-14 shows the various extensions that are mapped to different
handler DLLs in a default installation of IIS 5.0.