I have written a simple port scanner in Python. I have already asked something about it, you can find the code here.
I corrected the code and am now able to create a connection to e.g. stackoverflow.net.
But the output I get is more or less cryptic for me:
[+] Scan results for: li547-15.members.linode.com , 198.74.50.15
[+]80/tcpopen
[+] b'HTTP/1.1 400 Bad Request\r\nDate: Sat, 09 Sep 2017 18:16:50 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nConten'
I want to understand what the last line means (the first ones are pretty clear to me). It seems to be the response of the server, but what does this "bad request" stuff mean?
'ExploitMessage\r\n'
over the wire and
Given that Port 80 is reserved for HTTP, it seems safe to assume that there's a server speaking that protocol on the other side.
Well, proper HTTP requests all start with a request line of the form:
request-line = method SP request-target SP HTTP-version CRLF
'ExploitMessage\r\n'
doesn't conform to that, hence the server follows the RFC:
Recipients of an invalid request-line SHOULD respond with either a 400 (Bad Request) error or a 301 (Moved Permanently) redirect with the request-target properly encoded
What you are getting back matches a truncated HTTP response signaling the error:
HTTP/1.1 400 Bad Request
Date: Sat, 09 Sep 2017 18:16:50 GMT
Server: Apache/2.4.7 (Ubuntu)
Conten
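The check described in the answer above, as an added example that is not part of the original question or answer: it tests a probe against the request-line grammar and parses the truncated response the scanner printed. The function names are hypothetical, and the sample bytes are the ones shown in the question's output.

```python
import re

# request-line = method SP request-target SP HTTP-version CRLF
# method is an HTTP "token"; request-target contains no whitespace.
TOKEN = rb"[!#$%&'*+\-.^_`|~0-9A-Za-z]+"
REQUEST_LINE = re.compile(rb"(" + TOKEN + rb") ([^\s]+) (HTTP/\d\.\d)\r\n")
STATUS_LINE = re.compile(rb"(HTTP/\d\.\d) (\d{3}) ([^\r\n]*)\r\n")

# Response bytes as printed by the scanner in the question (cut off mid-header).
SAMPLE = (b"HTTP/1.1 400 Bad Request\r\nDate: Sat, 09 Sep 2017 18:16:50 GMT\r\n"
          b"Server: Apache/2.4.7 (Ubuntu)\r\nConten")


def is_valid_request_line(data: bytes) -> bool:
    """True if data starts with a well-formed HTTP request line."""
    return REQUEST_LINE.match(data) is not None


def build_head_request(host: str) -> bytes:
    """Well-formed HTTP/1.1 probe; the Host header is mandatory in HTTP/1.1."""
    return f"HEAD / HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n".encode("ascii")


def parse_response(raw: bytes):
    """Return (status, reason, headers) from a possibly truncated response."""
    m = STATUS_LINE.match(raw)
    if m is None:
        return None  # not an HTTP response at all
    headers = {}
    # Only CRLF-terminated lines are complete; the trailing fragment is dropped.
    for line in raw[m.end():].split(b"\r\n")[:-1]:
        if not line:
            break  # blank line marks the end of the header section
        name, sep, value = line.partition(b":")
        if sep:
            headers[name.decode("latin-1").lower()] = value.strip().decode("latin-1")
    return int(m.group(2)), m.group(3).decode("latin-1"), headers


if __name__ == "__main__":
    print(is_valid_request_line(b"ExploitMessage\r\n"))
    print(is_valid_request_line(build_head_request("example.com")))
    print(parse_response(SAMPLE))
```

The incomplete "Conten" header is dropped because the scanner stopped reading before its terminating CRLF arrived.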