Watching the source code
Looking into a web page's source code allows us to understand some of the programming logic, detect the obvious vulnerabilities, and also have a reference when testing, as we will be able to compare the code before and after a test and use that comparison to modify our next attempt.
In this recipe, we will view the source code of an application and arrive at some conclusions from that.
Getting ready
For this recipe, start the vulnerable_vm.
How to do it...
- Browse to
http://192.168.56.102. - Select the WackoPicko application.
- Right-click on the page and select View Page Source. A new window with the source code of the page will open:
With the source code we can discover the libraries or external files that the page is using and where ...
Get Kali Linux Web Penetration Testing Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
