Banner grabbing
Banner grabbing is a technique that identifies the services that are running on a system. For example, say you ran a basic port scan on a target and saw that port 80 is open; this means there is a web server providing HTTP service. However, to determine the web server platform (IIS, Apache, or Nginx) and its version number, we would have to perform banner grabbing.
Exercise using Telnet to banner-grab
In this exercise, we're going to use Telnet to determine the type of web server on a target system. We'll be able to see whether it's IIS, Apache, or Nginx. Let's begin:
- Open a command console.
- At the console, enter the following command:
telnet <target IP address> 80
- Press Enter.
- Enter the following command:
GET / HTTP/1.0
- Press Enter.
- View the results.
Your results may vary depending on your target; however, they will be in a format similar to the following:
HTTP/1.1 200 OK
Date: Mon, 30 January 2017 22:10:40 EST
Server: Apache/2.0.46 (Unix) (Red Hat/Linux)...
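The following is an added example, not part of the original exercise: a Python sketch that sends the same request as the Telnet session and reports what the Server header discloses, useful for checking a web server you administer before and after hardening its banner. The function names (grab_banner, parse_banner, disclosure_findings) are assumptions chosen for illustration, and the sample bytes are constructed from the output shown above.

```python
import re
import socket

# Constructed sample: the response shown above, as raw bytes (its "..." kept as-is).
SAMPLE = (b"HTTP/1.1 200 OK\r\n"
          b"Date: Mon, 30 January 2017 22:10:40 EST\r\n"
          b"Server: Apache/2.0.46 (Unix) (Red Hat/Linux)...\r\n\r\n")

def grab_banner(host, port=80, timeout=5.0):
    """Send the same request as the Telnet exercise and return the response head."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(b"GET / HTTP/1.0\r\n\r\n")  # blank line ends the request
        data = b""
        while b"\r\n\r\n" not in data and len(data) < 65536:
            chunk = sock.recv(4096)
            if not chunk:
                break
            data += chunk
    return data

def parse_banner(raw):
    """Return (status_line, headers) from a raw HTTP response."""
    head = re.split(rb"\r?\n\r?\n", raw, maxsplit=1)[0].decode("iso-8859-1")
    lines = head.splitlines()
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:  # skip anything that is not a "Name: value" header line
            headers[name.strip().lower()] = value.strip()
    return (lines[0] if lines else ""), headers

def disclosure_findings(headers):
    """List what the Server header gives away: product, version, platform hints."""
    findings = {}
    server = headers.get("server", "")
    match = re.match(r"([^/\s(]+)(?:/(\d[\w.]*))?", server)
    if match:
        findings["product"] = match.group(1)
        if match.group(2):
            findings["version"] = match.group(2)
    platform = re.findall(r"\(([^)]*)\)", server)  # parenthesised OS/distro comments
    if platform:
        findings["platform"] = platform
    return findings

if __name__ == "__main__":
    status, headers = parse_banner(SAMPLE)
    print(status, disclosure_findings(headers))
```

A banner that yields only a product key, or no Server header at all, discloses less than the sample above, which exposes the product, the exact version, and the operating system.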