Monday, August 5, 2013

HTTP Commands for Banner Grabbing

This is a short list of commands for banner grabbing from a Windows web server, you will need to type enter twice after the command

1. Connect using telnet and type: HEAD / HTTP/1.0

telnet www.test.com 80

Trying 10.10.10.10...
Connected to www.test.com.
Escape character is '^]'.
HEAD / HTTP/1.0


  HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 1777
Content-Type: text/html
Server: Microsoft-IIS/7.0
Set-Cookie: ASPSESSIONIDACBATBQQ=MJOLBPPDBKPANIAKDMLCEOHF; path=/
X-Powered-By: ASP.NET
Date: Tue, 06 Aug 2013 03:42:18 GMT
Connection: close
Connection closed by foreign host.


2. Let's try the option command, I like this: OPTIONS / HTTP/1.0


Trying 10.10.10.10...
Connected to www.test.com.
Escape character is '^]'.
OPTIONS / HTTP/1.0

HTTP/1.1 200 OK
Allow: OPTIONS, TRACE, GET, HEAD, POST
Server: Microsoft-IIS/7.0
Public: OPTIONS, TRACE, GET, HEAD, POST
X-Powered-By: ASP.NET
Date: Tue, 06 Aug 2013 03:47:39 GMT
Connection: close
Content-Length: 0
Connection closed by foreign host.


What happen if I type wrong commands or lower case letters?:

Trying 10.10.10.10...
Connected to www.test.com.
Escape character is '^]'.

options / http/1.0      ---- I typed lower case

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 06 Aug 2013 03:50:08 GMT
Connection: close
Content-Length: 311
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request</h2>
<hr><p>HTTP Error 400. The request is badly formed.</p>
</BODY></HTML>
Connection closed by foreign host.

No comments:

Post a Comment