Your browser does not seem to support CSS. If images appear below, please disregard them.
Topic Options
Rate This Topic
#15106 - 03/08/02 10:41 PM Question about hacking (it is worng to hack)
Joined: Mar 2002
Posts: 4
ithinkimhappy Offline
Junior Member
ithinkimhappy Offline
Junior Member

Joined: Mar 2002
Posts: 4
massachuestts
ok you know if you every wanted to break into a website you need to the know the OS the computer is running off of?? i did a little test i picked any web site. opened telnet and connected through port 80 it connected but when i typed something in and press enter it gave me this.

HTTP/1.1 400 Bad Request
Server: Microsoft- IIS/5.0
Date:sat, 09 Mar 2002 00.32.48 GMT
content-type: text/html
content-length: 87

errorthe parameter is incorrect.

what does this mean??? does this tell me the OS (operating system)?


no
Top
Sponsored Links
#15107 - 03/08/02 10:52 PM Re: Question about hacking (it is worng to hack)
Joined: Mar 2002
Posts: 109
thebluegiant Offline
Member
thebluegiant Offline
Member

Joined: Mar 2002
Posts: 109
Quote:
Server: Microsoft- IIS/5.0


"There is no end. There is no beginning. There is only the infinite passion of life."
--Fellini
Top
#15108 - 03/08/02 10:54 PM Re: Question about hacking (it is worng to hack)
Joined: Mar 2002
Posts: 185
Mornse Offline
Member
Mornse Offline
Member

Joined: Mar 2002
Posts: 185
Vancouver
First off, what does this have to do with the title of this topic? heh, but I will answer your question anyways. You just received a lot of information! First, the server is running Windows, you can tell that because the server is using Microsoft-IIS/5.0 which is a Windows OS. You can probably guess it's using NT/2K because that's what most servers are using. Next, you know that it's running IIS 5.0 now so you can look for exploits for that server software. Also, you can get the timezone of the server, which doesn't really give you anything but it's an extra tid bit of information.


Cha want some w***up?

http://www.dopeskill.com
Top
#15109 - 03/09/02 02:11 AM Re: Question about hacking (it is worng to hack)
Joined: Feb 2002
Posts: 7,195
Gremelin Online shocked
Community Owner
Gremelin Online shocked

Community Owner

Joined: Feb 2002
Posts: 7,195
Portland, OR; USA
hey they could be elite by installing wine and running iis :x


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
Top
#15110 - 03/09/02 02:26 AM Re: Question about hacking (it is worng to hack)
Joined: Mar 2002
Posts: 4
ithinkimhappy Offline
Junior Member
ithinkimhappy Offline
Junior Member

Joined: Mar 2002
Posts: 4
massachuestts
meaning??


no
Top
#15111 - 03/09/02 02:53 AM Re: Question about hacking (it is worng to hack)
Joined: Feb 2002
Posts: 7,195
Gremelin Online shocked
Community Owner
Gremelin Online shocked

Community Owner

Joined: Feb 2002
Posts: 7,195
Portland, OR; USA
WINE makes it possible to run windows binarys in linux, therefore if one wanted they could run IIS in linux if they felt like it and configured it correctly.


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
Top
#15112 - 03/10/02 02:32 AM Re: Question about hacking (it is worng to hack)
Joined: Mar 2002
Posts: 185
Mornse Offline
Member
Mornse Offline
Member

Joined: Mar 2002
Posts: 185
Vancouver
But the chances of that are very slim because IIS isn't the greatest in the first place on windows, so why bother running it on Linux.


Cha want some w***up?

http://www.dopeskill.com
Top
#15113 - 03/13/02 10:58 PM Re: Question about hacking (it is worng to hack)
Joined: Mar 2002
Posts: 5
nokil0 Offline
Junior Member
nokil0 Offline
Junior Member

Joined: Mar 2002
Posts: 5
Hawaii/Cali
You may want to try running a port scan to see if the box has any open mail servers (almost def). Often times (even if the admin is smart), the true nature of the OS can be determined through these arbitrary ports.
ciao tuto


:: nokil0 ::
Top
#15114 - 03/13/02 11:00 PM Re: Question about hacking (it is worng to hack)
Joined: Mar 2002
Posts: 5
nokil0 Offline
Junior Member
nokil0 Offline
Junior Member

Joined: Mar 2002
Posts: 5
Hawaii/Cali
A side note to my last post; even if you can not get direct information the the open port itself, a finger print of sorts, is what specific ports (in all) are open. You can identify many machines by which ports have been enabled.


:: nokil0 ::
Top
#15115 - 03/15/02 02:31 AM Re: Question about hacking (it is worng to hack)
Joined: Mar 2002
Posts: 626
hKzKnight Offline
Member
hKzKnight Offline
Member

Joined: Mar 2002
Posts: 626
LAN
WINE is a sort of windows emulator. It is real nice. However my doubts that many people would run a server with WINE. It isn't as stable as I wish it would be. Especially for a use as a server, It still has glitches with some games but I like. Yet it is a good idea but slim. Really interesting stuff. Another nice thing is VMWARE and win4lin, win4lin would prob be used more then WINE if was to run a server. Just curious would it tell you (if used WINE) that it is a Win based OS? I would think not, but not sure. However I know it would if win4lin. Thanks.


-hKzKnight
"The ghost... Was never there and you'll never see me"
Top
#15116 - 03/15/02 02:47 AM Re: Question about hacking (it is worng to hack)
Joined: Feb 2002
Posts: 7,195
Gremelin Online shocked
Community Owner
Gremelin Online shocked

Community Owner

Joined: Feb 2002
Posts: 7,195
Portland, OR; USA
rofl.. WINE (WINE Is Not an Emulator) heh..


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
Top
#15117 - 11/08/02 08:10 PM Re: Question about hacking (it is worng to hack)
Joined: Nov 2002
Posts: 1
LordPhatal Offline
Junior Member
LordPhatal Offline
Junior Member

Joined: Nov 2002
Posts: 1
I may be wrong, but if you were running WINE er Win4Lin etc. and you were running IIS I would think that the information that has been received would not reflect IIS. The reason being is that most of those types of programs run in a protected environment. The true OS running would actually be what replies to information requests like that. So my guess would be that if you see that the server has IIS5.0, it's a Winderz box.

Top
#15118 - 11/08/02 08:51 PM Re: Question about hacking (it is worng to hack)
Joined: Oct 2002
Posts: 955
jonconley Offline
UGN Super Poster
jonconley Offline
UGN Super Poster

Joined: Oct 2002
Posts: 955
Merrill, IA, USA
My understanding is that you telnet to the port and the system it self is no longer responding, it is now whatever application may be listening at that port. This would be the webserver so it would reply the information. That is why it said bad request, it was the webserving expecting a HTTP command. Also, I am not sure about IIS but I remember reading something where you could just edit the response that apache would give. So if you wanted you could probably do the same with IIS or they atleast can prevent it giving out that information.
Again, I don't know if you can do it with IIS, but I know alot of server software allows you to customize it. So while it won't stop someone from being able to detect your OS, it will atleast stop yourself by being detected in a large portscan that grabs banners.

Top

Member Spotlight
Gremelin

Gremelin
Portland, OR; USA
Posts: 7,195
Joined: February 2002
Show All Member Profiles 
Sponsored Links
Forum Statistics
Forums46
Topics46,497
Posts81,667
Members2,157
Most Online1,567
Apr 25th, 2010
Latest Postings
Top Posters(All Time)
UGN Security 39,661
Gremelin 7,195
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860