Banner Grabbing with TELNET

April 18, 2017


Why use TELNET?

With tools like Nmap and Metasploit available, you’re probably asking, “Why would I need to know how to use telnet?” While it is true that many tools can gather this information from services that are willing to dish it out, TELNET is available on Linux, Mac OS X, and Windows operating systems. It also gives the would-be hacker “hands-on” experience manually plugging in specific TCP/UDP port numbers and using HTTP requests to gather information that other tools would gather automatically.

What is TELNET?

TELNET is an application protocol generally used for remote terminal connections; it has been replaced by more secure protocols such as SSH. Despite being regarded as obsolete, the TELNET protocol is still widely used today; just check out Shodan.

Using TELNET

On most Linux distros TELNET is installed by default, but if it is not, use your distro’s package manager to install it:


# Debian/Ubuntu Based Distros
apt-get install telnet

# Fedora/RHEL Based Distros
dnf install telnet

# OpenSUSE
zypper install telnet

# Arch Linux
pacman -S inetutils

On Windows versions after XP, the TELNET client is disabled by default. To enable TELNET in Windows, open up a command prompt with elevated privileges and enter:

dism /online /Enable-Feature /FeatureName:TelnetClient

Now that you have telnet installed or enabled, you can use TELNET by entering the command ‘telnet’, followed by the IP address or hostname of the host you would like to connect to. If no optional port number is specified, TELNET will attempt to connect to the default TELNET port, 23. TELNET can also be used interactively by entering ‘telnet’ with no arguments at the terminal. This will change the prompt to display ‘telnet>’. From the telnet prompt you can enter:

open host port

This will open a connection to the specified host on the specified port.

Banner Grabbing

Web servers are probably the most accessible type of server available to us, so let’s start with those. From your terminal, enter the command:

telnet google.com 80

This will make a connection to Google on the default HTTP port, 80. After entering the above command you should see the following displayed:

From here you can just press the return key a couple of times or, if you want some meta information for the web page, enter the HTTP HEAD method:

HEAD / HTTP/1.1

Press the return key a few times and the server will give back some information.

One piece of information that probably stands out to you is the Server field, which in this case is “gws”, or Google Web Server. Try this out on some sites you visit and see what you find.
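
The manual exchange above, scripted as an added example (not part of the original article) for checking what your own web server discloses: it sends the same HEAD request, adds the Host header that HTTP/1.1 requires, and flags banner values that carry a version number. The header list, function names and sample responses are assumptions constructed for illustration.

```python
import re
import socket

# Headers that commonly reveal server software (list chosen for this example).
DISCLOSING = ("server", "x-powered-by")

def build_head_request(host, path="/"):
    """HEAD request as typed at the telnet prompt, plus the Host header
    HTTP/1.1 requires and Connection: close so the server hangs up."""
    return f"HEAD {path} HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n".encode("ascii")

def parse_banner(raw):
    """Return (status_line, {header: value}) for the disclosing headers."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    found = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() in DISCLOSING:
            found[name.strip().lower()] = value.strip()
    return lines[0], found

def discloses_version(value):
    """True when a banner value carries a version number, e.g. product/1.2."""
    return re.search(r"\d+\.\d+", value) is not None

def grab_banner(host, port=80, timeout=5.0):
    """Connect, send the HEAD request, read until the header block ends."""
    buf = b""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_head_request(host))
        while b"\r\n\r\n" not in buf:
            chunk = sock.recv(4096)
            if not chunk:
                break
            buf += chunk
    return parse_banner(buf)

# Constructed sample responses (not captured from a real server).
SAMPLE_GWS = b"HTTP/1.1 200 OK\r\nServer: gws\r\nContent-Type: text/html\r\n\r\n"
SAMPLE_VERSIONED = (b"HTTP/1.1 200 OK\r\nServer: ExampleHTTPd/2.4.1\r\n"
                    b"X-Powered-By: ExampleLang/7.0\r\n\r\n")

if __name__ == "__main__":
    for sample in (SAMPLE_GWS, SAMPLE_VERSIONED):
        status, found = parse_banner(sample)
        for name, value in found.items():
            note = "version disclosed" if discloses_version(value) else "no version"
            print(f"{status} | {name}: {value} ({note})")
```

Run against a server you administer with grab_banner("your-host"); a value flagged as "version disclosed" is a candidate for trimming in the server's configuration.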
