I was wondering if someone could tell me how to find out what version of apache a server is running. Thanks Alot
Printable View
I was wondering if someone could tell me how to find out what version of apache a server is running. Thanks Alot
heh, there are many tools to do this, the best one I have found is online..... [http://www.securityspace.com/sprobe/probe.html] Hopefully this will help you ;)
in case you need to need to go deeper--
check out this article about getting even more system-infos (os et co) via tcp-ip stack fingerprinting (> http://www.insecure.org/nmap/nmap-fi...g-article.html <).
You'd be surprised at the number of web sites that still give the version of apache at the bottom of the "Not Found" error page because the admin hasn't bothered to change the default error pages. You can just type:
http://url/asldjaldjaslkdaslkda
and presto instant version number ;)
try downloading IDServe from the web give you detailed information
The best way to do it is go to www.netcraft.co.uk/whats This site will give you web server version, OS version, uptime, cluster info, the lot.
Get a sniffer (eg: CommView from www.tamosoft.com for windoze) and capture the packets while browsing the target site.
In the packets info you'll see the header information, for example;
This info gathering process applies to all web servers and not specific to Apache.Quote:
Raw Data:
0x0000 44 45 53 54 00 00 20 53-52 43 00 00 08 00 45 00 DEST.. SRC....E.
0x0010 02 40 D1 9A 00 00 3E 06-0D 6D 3F 6C B5 C9 D4 FD .@Ñš..>..m?lµÉÔý
0x0020 D1 7D 00 50 05 B9 8C AB-53 BE 00 29 23 B0 50 10 Ñ}.P.¹Œ«S¾.)#°P.
0x0030 20 00 0F A5 00 00 48 54-54 50 2F 31 2E 31 20 32 ..¥..HTTP/1.1 2
0x0040 30 30 20 4F 4B 0D 0A 44-61 74 65 3A 20 57 65 64 00 OK..Date: Wed
0x0050 2C 20 32 37 20 4D 61 72-20 32 30 30 32 20 30 36 , 27 Mar 2002 06
0x0060 3A 35 32 3A 35 37 20 47-4D 54 0D 0A 53 65 72 76 :52:57 GMT..Serv
0x0070 65 72 3A 20 41 70 61 63-68 65 2F 31 2E 33 2E 32 er: Apache/1.3.2
0x0080 32 0D 0A 50 33 50 3A 20-70 6F 6C 69 63 79 72 65 2..P3P: policyre
0x0090 66 3D 22 68 74 74 70 3A-2F 2F 77 77 77 2E 61 6E f="http://www.an
0x00A0 74 69 6F 6E 6C 69 6E 65-2E 63 6F 6D 2F 77 33 63 tionline.com/w3c
0x00B0 2F 70 33 70 2E 78 6D 6C-22 0D 0A 43 6F 6E 74 65 /p3p.xml"..Conte
0x00C0 6E 74 2D 4C 65 6E 67 74-68 3A 20 32 39 33 38 39 nt-Length: 29389
0x00D0 0D 0A 43 6F 6E 74 65 6E-74 2D 54 79 70 65 3A 20 ..Content-Type:
0x00E0 74 65 78 74 2F 68 74 6D-6C 0D 0A 43 6F 6E 6E 65 text/html..Conne
0x00F0 63 74 69 6F 6E 3A 20 6B-65 65 70 2D 61 6C 69 76 ction: keep-aliv
0x0100 65 0D 0A 0D 0A 3C 21 44-4F 43 54 59 50 45 20 48 e....
There are many cool things to do with sniffers...
:cool:
Try this:
telnet to the target webserver port 80, and write:
HEAD / HTTP/1.0, an hit enter 2 times and you get the webserver header.
you can't telnet to most web servers so that wont work.
Use this
Faust,
While you are correct that you can't usually telnet into a webdserver, I don't think that's what spyhunt3r was referring to. Spyhunt3r said to telnet to port 80 on the website. That is the port where the browsers connect to to download the webpages, so it can't refuse your telnet connection if you're allowed to surf there. My personal preference would be to use netcat to connect to port 80. The main reason is that telnet clients send a bunch of garbage when they first connect to another system in an attempt to set up terminal type and other environment variables. Netcat doesn't send anything except the SYN and the ACK and then it waits for input from you. Not a huge difference, it's just that netcat is a littel cleaner.