First, what is Banner
- Banner information, welcome words, you can get software developers, software name, version, type of service and other information in the banner information, you can use some of this information directly to the tool by using the corresponding exp to attack.
- Prerequisites: needs and objectives to establish a link, only to establish a link, we can obtain the corresponding information banner
- On the target server can be hidden from the banner or prohibit reading
Second, the collection methods:
1, NC (netcat, Swiss Army Knife)
21 is 192.168.1.1 -nv NC
-n denotes a display in digital form the IP
-v show details
2, dmitry (A software scan server-based scanning full links)
dmitry -pb 192.168.1.1
3, using namp
-sT -p1- nmap 200 --script = banner 192.168 . 1.1 - sT represent TCP-based way to scan -p1- 200 scan ports from 1 to 200 --script expressed using a script banner
4, amap
-B AMAP 192.168 . 11.1 1 * 200 -B retrieves information banner
5, by means of a plug-in Firefox browser: Wappalyzer,
6, using the tool bar package intercept a response packet, with reference to the banner message
such as: BP, Tamper Date, Live HTTP heads etc.
We need to focus on the response packet two parameters: server, x-powered-by