Banner grabbing is a technique that identifies the services running on a system. For example, suppose you ran a basic port scan on a target and saw that port 80 is open; this means there is a web server providing HTTP service. However, to determine the web server platform (IIS, Apache, or Nginx) and its version number, we would have to perform banner grabbing.
In this exercise, we're going to use Telnet to determine the type of web server on a target system. We'll be able to see whether it's IIS, Apache, or Nginx. Let's begin:
- Open a command console.
- At the console, enter the following command:
telnet <target IP address> 80
- Press Enter.
- Enter the following command:
GET / HTTP/1.0
- Press Enter.
- View the results.
Your results may vary depending on your target; however, they will be in a format similar to the following:
HTTP/1.1 200 OK
Date: Mon, 30 January 2017 22:10:40 EST
Server: Apache/2.0.46 (Unix) (Red Hat/Linux)...
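
The same check can be scripted to audit what your own web servers disclose in the Server header. This is an added example, not part of the original text: the function names (`fetch_headers`, `parse_server`, `audit_banner`) are hypothetical, and the sample response is constructed to resemble the output above.

```python
import re
import socket

# Constructed sample, modelled on the Telnet output shown above.
SAMPLE = (b"HTTP/1.1 200 OK\r\n"
          b"Date: Mon, 30 Jan 2017 22:10:40 GMT\r\n"
          b"Server: Apache/2.0.46 (Unix) (Red Hat/Linux)\r\n"
          b"\r\n<html></html>")

def fetch_headers(host, port=80, timeout=5.0):
    """Send the request from the Telnet steps; return the raw response bytes."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        # The blank line (second CRLF) is what ends an HTTP request.
        sock.sendall(b"GET / HTTP/1.0\r\n\r\n")
        data = b""
        while b"\r\n\r\n" not in data and len(data) < 65536:
            chunk = sock.recv(4096)
            if not chunk:
                break
            data += chunk
    return data

def parse_server(raw):
    """Return the Server header value, or None if the header is absent."""
    head = raw.replace(b"\r\n", b"\n").split(b"\n\n", 1)[0].decode("iso-8859-1")
    for line in head.split("\n")[1:]:          # skip the status line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "server":
            return value.strip()
    return None

def audit_banner(raw):
    """Report what the banner discloses: product, version, platform hints."""
    server = parse_server(raw)
    result = {"product": None, "version": None, "platform": [], "finding": "no Server banner"}
    if not server:
        return result
    m = re.match(r"([^/\s(]+)(?:/([^\s(]+))?", server)
    if m:
        result["product"], result["version"] = m.group(1), m.group(2)
    result["platform"] = re.findall(r"\(([^)]*)\)", server)
    if result["version"] or result["platform"]:
        result["finding"] = "version or platform disclosed"
    else:
        result["finding"] = "product name only"
    return result

if __name__ == "__main__":
    print(audit_banner(SAMPLE))
```

A "product name only" result is what Apache returns with `ServerTokens Prod` and Nginx with `server_tokens off`, the settings that trim the version from the banner.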