Your browser does not seem to support CSS. If images appear below, please disregard them.
It appears that you're running an Ad-Blocker. This site is monetized by Advertising and by User Donations; we ask that if you find this site helpful that you whitelist us in your Ad-Blocker, or make a Donation to help aid in operating costs.
Previous Thread
Next Thread
Print Thread
Rate This Thread
#15106 - 03/08/02 10:41 PM Question about hacking (it is worng to hack)  
Joined: Mar 2002
Posts: 4
ithinkimhappy Offline
Junior Member
ithinkimhappy  Offline
Junior Member

Joined: Mar 2002
Posts: 4
massachuestts
ok you know if you every wanted to break into a website you need to the know the OS the computer is running off of?? i did a little test i picked any web site. opened telnet and connected through port 80 it connected but when i typed something in and press enter it gave me this.

HTTP/1.1 400 Bad Request
Server: Microsoft- IIS/5.0
Date:sat, 09 Mar 2002 00.32.48 GMT
content-type: text/html
content-length: 87

errorthe parameter is incorrect.

what does this mean??? does this tell me the OS (operating system)?


no
Sponsored Links
#15107 - 03/08/02 10:52 PM Re: Question about hacking (it is worng to hack)  
Joined: Mar 2002
Posts: 109
thebluegiant Offline
Member
thebluegiant  Offline
Member

Joined: Mar 2002
Posts: 109
Quote:
Server: Microsoft- IIS/5.0


"There is no end. There is no beginning. There is only the infinite passion of life."
--Fellini
#15108 - 03/08/02 10:54 PM Re: Question about hacking (it is worng to hack)  
Joined: Mar 2002
Posts: 185
Mornse Offline
Member
Mornse  Offline
Member

Joined: Mar 2002
Posts: 185
Vancouver
First off, what does this have to do with the title of this topic? heh, but I will answer your question anyways. You just received a lot of information! First, the server is running Windows, you can tell that because the server is using Microsoft-IIS/5.0 which is a Windows OS. You can probably guess it's using NT/2K because that's what most servers are using. Next, you know that it's running IIS 5.0 now so you can look for exploits for that server software. Also, you can get the timezone of the server, which doesn't really give you anything but it's an extra tid bit of information.


Cha want some w***up?

http://www.dopeskill.com
#15109 - 03/09/02 02:11 AM Re: Question about hacking (it is worng to hack)  
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,195
Likes: 3
Portland, OR; USA
hey they could be elite by installing wine and running iis :x


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#15110 - 03/09/02 02:26 AM Re: Question about hacking (it is worng to hack)  
Joined: Mar 2002
Posts: 4
ithinkimhappy Offline
Junior Member
ithinkimhappy  Offline
Junior Member

Joined: Mar 2002
Posts: 4
massachuestts
meaning??


no
Sponsored Links
#15111 - 03/09/02 02:53 AM Re: Question about hacking (it is worng to hack)  
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,195
Likes: 3
Portland, OR; USA
WINE makes it possible to run windows binarys in linux, therefore if one wanted they could run IIS in linux if they felt like it and configured it correctly.


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#15112 - 03/10/02 02:32 AM Re: Question about hacking (it is worng to hack)  
Joined: Mar 2002
Posts: 185
Mornse Offline
Member
Mornse  Offline
Member

Joined: Mar 2002
Posts: 185
Vancouver
But the chances of that are very slim because IIS isn't the greatest in the first place on windows, so why bother running it on Linux.


Cha want some w***up?

http://www.dopeskill.com
#15113 - 03/13/02 10:58 PM Re: Question about hacking (it is worng to hack)  
Joined: Mar 2002
Posts: 5
nokil0 Offline
Junior Member
nokil0  Offline
Junior Member

Joined: Mar 2002
Posts: 5
Hawaii/Cali
You may want to try running a port scan to see if the box has any open mail servers (almost def). Often times (even if the admin is smart), the true nature of the OS can be determined through these arbitrary ports.
ciao tuto


:: nokil0 ::
#15114 - 03/13/02 11:00 PM Re: Question about hacking (it is worng to hack)  
Joined: Mar 2002
Posts: 5
nokil0 Offline
Junior Member
nokil0  Offline
Junior Member

Joined: Mar 2002
Posts: 5
Hawaii/Cali
A side note to my last post; even if you can not get direct information the the open port itself, a finger print of sorts, is what specific ports (in all) are open. You can identify many machines by which ports have been enabled.


:: nokil0 ::
#15115 - 03/15/02 02:31 AM Re: Question about hacking (it is worng to hack)  
Joined: Mar 2002
Posts: 626
hKzKnight Offline
Member
hKzKnight  Offline
Member

Joined: Mar 2002
Posts: 626
LAN
WINE is a sort of windows emulator. It is real nice. However my doubts that many people would run a server with WINE. It isn't as stable as I wish it would be. Especially for a use as a server, It still has glitches with some games but I like. Yet it is a good idea but slim. Really interesting stuff. Another nice thing is VMWARE and win4lin, win4lin would prob be used more then WINE if was to run a server. Just curious would it tell you (if used WINE) that it is a Win based OS? I would think not, but not sure. However I know it would if win4lin. Thanks.


-hKzKnight
"The ghost... Was never there and you'll never see me"
Sponsored Links
#15116 - 03/15/02 02:47 AM Re: Question about hacking (it is worng to hack)  
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,195
Likes: 3
Portland, OR; USA
rofl.. WINE (WINE Is Not an Emulator) heh..


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#15117 - 11/08/02 08:10 PM Re: Question about hacking (it is worng to hack)  
Joined: Nov 2002
Posts: 1
LordPhatal Offline
Junior Member
LordPhatal  Offline
Junior Member

Joined: Nov 2002
Posts: 1
I may be wrong, but if you were running WINE er Win4Lin etc. and you were running IIS I would think that the information that has been received would not reflect IIS. The reason being is that most of those types of programs run in a protected environment. The true OS running would actually be what replies to information requests like that. So my guess would be that if you see that the server has IIS5.0, it's a Winderz box.

#15118 - 11/08/02 08:51 PM Re: Question about hacking (it is worng to hack)  
Joined: Oct 2002
Posts: 955
jonconley Offline
UGN Super Poster
jonconley  Offline
UGN Super Poster

Joined: Oct 2002
Posts: 955
Merrill, IA, USA
My understanding is that you telnet to the port and the system it self is no longer responding, it is now whatever application may be listening at that port. This would be the webserver so it would reply the information. That is why it said bad request, it was the webserving expecting a HTTP command. Also, I am not sure about IIS but I remember reading something where you could just edit the response that apache would give. So if you wanted you could probably do the same with IIS or they atleast can prevent it giving out that information.
Again, I don't know if you can do it with IIS, but I know alot of server software allows you to customize it. So while it won't stop someone from being able to detect your OS, it will atleast stop yourself by being detected in a large portscan that grabs banners.


Member Spotlight
Gremelin
Gremelin
Portland, OR; USA
Posts: 7,195
Joined: February 2002
Show All Member Profiles 
Forum Statistics
Forums45
Topics47,460
Posts82,630
Average Daily Posts8
Members2,159
Most Online1,567
Apr 25th, 2010
Latest Postings
Top Posters(All Time)
UGN Security 40,624
Gremelin 7,195
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Liked Users (All Time)
§intå× Likes: 1
Cold Sunn Likes: 1
Crime Likes: 1
Cyrez Likes: 1
Ghost Likes: 1
Gremelin Likes: 4
Ice Likes: 1
unreal Likes: 1
Top Liked Users (30 Days)
No Data Found
Powered by UBB.threads™ PHP Forum Software 7.6.0
(Snapshot build 20160902)