Previous Thread
Next Thread
Print Thread
Rate Thread
Joined: Mar 2002
Posts: 4
I
Junior Member
OP Offline
Junior Member
I
Joined: Mar 2002
Posts: 4
ok you know if you every wanted to break into a website you need to the know the OS the computer is running off of?? i did a little test i picked any web site. opened telnet and connected through port 80 it connected but when i typed something in and press enter it gave me this.

HTTP/1.1 400 Bad Request
Server: Microsoft- IIS/5.0
Date:sat, 09 Mar 2002 00.32.48 GMT
content-type: text/html
content-length: 87

<html><head><title>error</title></head><body>the parameter is incorrect. </body>
</html>
what does this mean??? does this tell me the OS (operating system)?


no
Joined: Mar 2002
Posts: 109
T
Member
Offline
Member
T
Joined: Mar 2002
Posts: 109
Quote:
Server: Microsoft- IIS/5.0


"There is no end. There is no beginning. There is only the infinite passion of life."
--Fellini
Joined: Mar 2002
Posts: 185
M
Member
Offline
Member
M
Joined: Mar 2002
Posts: 185
First off, what does this have to do with the title of this topic? heh, but I will answer your question anyways. You just received a lot of information! First, the server is running Windows, you can tell that because the server is using Microsoft-IIS/5.0 which is a Windows OS. You can probably guess it's using NT/2K because that's what most servers are using. Next, you know that it's running IIS 5.0 now so you can look for exploits for that server software. Also, you can get the timezone of the server, which doesn't really give you anything but it's an extra tid bit of information.


Cha want some w***up?

http://www.dopeskill.com
Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Offline
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
hey they could be elite by installing wine and running iis :x


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
Joined: Mar 2002
Posts: 4
I
Junior Member
OP Offline
Junior Member
I
Joined: Mar 2002
Posts: 4
meaning??


no
Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Offline
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
WINE makes it possible to run windows binarys in linux, therefore if one wanted they could run IIS in linux if they felt like it and configured it correctly.


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
Joined: Mar 2002
Posts: 185
M
Member
Offline
Member
M
Joined: Mar 2002
Posts: 185
But the chances of that are very slim because IIS isn't the greatest in the first place on windows, so why bother running it on Linux.


Cha want some w***up?

http://www.dopeskill.com
Joined: Mar 2002
Posts: 5
N
Junior Member
Offline
Junior Member
N
Joined: Mar 2002
Posts: 5
You may want to try running a port scan to see if the box has any open mail servers (almost def). Often times (even if the admin is smart), the true nature of the OS can be determined through these arbitrary ports.
ciao tuto


:: nokil0 ::
Joined: Mar 2002
Posts: 5
N
Junior Member
Offline
Junior Member
N
Joined: Mar 2002
Posts: 5
A side note to my last post; even if you can not get direct information the the open port itself, a finger print of sorts, is what specific ports (in all) are open. You can identify many machines by which ports have been enabled.


:: nokil0 ::
Joined: Mar 2002
Posts: 626
Member
Offline
Member
Joined: Mar 2002
Posts: 626
WINE is a sort of windows emulator. It is real nice. However my doubts that many people would run a server with WINE. It isn't as stable as I wish it would be. Especially for a use as a server, It still has glitches with some games but I like. Yet it is a good idea but slim. Really interesting stuff. Another nice thing is VMWARE and win4lin, win4lin would prob be used more then WINE if was to run a server. Just curious would it tell you (if used WINE) that it is a Win based OS? I would think not, but not sure. However I know it would if win4lin. Thanks.


-hKzKnight
"The ghost... Was never there and you'll never see me"
Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Offline
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
rofl.. WINE (WINE Is Not an Emulator) heh..


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
Joined: Nov 2002
Posts: 1
Junior Member
Offline
Junior Member
Joined: Nov 2002
Posts: 1
I may be wrong, but if you were running WINE er Win4Lin etc. and you were running IIS I would think that the information that has been received would not reflect IIS. The reason being is that most of those types of programs run in a protected environment. The true OS running would actually be what replies to information requests like that. So my guess would be that if you see that the server has IIS5.0, it's a Winderz box.

Joined: Oct 2002
Posts: 955
UGN Super Poster
Offline
UGN Super Poster
Joined: Oct 2002
Posts: 955
My understanding is that you telnet to the port and the system it self is no longer responding, it is now whatever application may be listening at that port. This would be the webserver so it would reply the information. That is why it said bad request, it was the webserving expecting a HTTP command. Also, I am not sure about IIS but I remember reading something where you could just edit the response that apache would give. So if you wanted you could probably do the same with IIS or they atleast can prevent it giving out that information.
Again, I don't know if you can do it with IIS, but I know alot of server software allows you to customize it. So while it won't stop someone from being able to detect your OS, it will atleast stop yourself by being detected in a large portscan that grabs banners.


Link Copied to Clipboard
Member Spotlight
Phatal
Phatal
Houston, TX
Posts: 298
Joined: April 2004
Forum Statistics
Forums41
Topics33,840
Posts68,858
Average Daily Posts1
Members2,176
Most Online3,253
Jan 13th, 2020
Latest Postings
Where and how do you torrent?
by danni75 - 03/01/24 05:58 AM
Animation,
by JohanKaariainen - 08/15/19 01:18 AM
Blackbeard.....
by Gremelin - 10/03/18 07:02 PM
my old account still exists!
by Crime - 08/10/18 02:47 PM
Okay WTF?
by HenryMiring - 09/27/17 01:45 AM
The History Thread...
by Gremelin - 08/11/17 12:11 PM
My friend NEEDS your HELP!
by Lena01 - 07/21/17 12:06 AM
I'm having fun with this guy.
by gabithompson730 - 07/20/17 01:50 AM
I want to upgrade my phone
by gabithompson730 - 07/20/17 01:49 AM
Doom 3
by Cyrez - 09/11/14 08:58 PM
Amazon Gift Card Generator/KeyGen?te
by Gecko666 - 08/22/14 09:21 AM
AIM scene 99-03
by lavos - 09/02/13 08:06 AM
Planetside 2
by Crime - 03/04/13 07:10 AM
Beta Testers Wanted
by Crime - 03/04/13 06:55 AM
Hello Everyone
by Gremelin - 02/12/12 06:01 PM
Tracfone ESN Generator
by Zanvin Green - 01/18/12 01:31 PM
Python 3 issue
by Testing - 12/17/11 09:28 PM
tracfone airtime
by Drache86 - 07/30/11 03:37 AM
Backdoors and the Infinite
by ZeroCoolStar - 07/10/11 03:52 AM
HackThisZIne #12 Releaseed!
by Pipat2 - 04/28/11 09:20 PM
gang wars? l33t-wars?
by Gremelin - 04/28/11 05:56 AM
Consolidate Forums
by diggin2deep - 04/21/11 10:02 AM
LAN Hacking Noob
by Gremelin - 03/12/11 12:42 AM
Top Posters
UGN Security 41,392
Gremelin 7,203
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Likes Received
Ghost 2
Cyrez 1
Girlie 1
unreal 1
Crime 1
Powered by UBB.threads™ PHP Forum Software 7.7.5