Detecting version info for apache
Results 1 to 10 of 10

Thread: Detecting version info for apache

  1. #1
    Junior Member
    Join Date
    Aug 2001
    Posts
    22

    Detecting version info for apache

    I was wondering if someone could tell me how to find out what version of apache a server is running. Thanks Alot

  2. #2
    Banned
    Join Date
    Oct 2001
    Posts
    1,463
    heh, there are many tools to do this, the best one I have found is online..... [http://www.securityspace.com/sprobe/probe.html] Hopefully this will help you

  3. #3
    Junior Member
    Join Date
    Aug 2001
    Posts
    17
    in case you need to need to go deeper--
    check out this article about getting even more system-infos (os et co) via tcp-ip stack fingerprinting (> http://www.insecure.org/nmap/nmap-fi...g-article.html <).

  4. #4
    Senior Member
    Join Date
    Oct 2001
    Posts
    638
    You'd be surprised at the number of web sites that still give the version of apache at the bottom of the "Not Found" error page because the admin hasn't bothered to change the default error pages. You can just type:

    http://url/asldjaldjaslkdaslkda

    and presto instant version number
    OpenBSD - The proactively secure operating system.

  5. #5
    Junior Member
    Join Date
    Mar 2002
    Posts
    3
    try downloading IDServe from the web give you detailed information

  6. #6
    Member
    Join Date
    Oct 2001
    Posts
    76
    The best way to do it is go to www.netcraft.co.uk/whats This site will give you web server version, OS version, uptime, cluster info, the lot.

  7. #7
    Member
    Join Date
    Aug 2001
    Posts
    69
    Get a sniffer (eg: CommView from www.tamosoft.com for windoze) and capture the packets while browsing the target site.
    In the packets info you'll see the header information, for example;

    Raw Data:
    0x0000 44 45 53 54 00 00 20 53-52 43 00 00 08 00 45 00 DEST.. SRC....E.
    0x0010 02 40 D1 9A 00 00 3E 06-0D 6D 3F 6C B5 C9 D4 FD .@њ..>..m?l
    0x0020 D1 7D 00 50 05 B9 8C AB-53 BE 00 29 23 B0 50 10 }.P.S.)#P.
    0x0030 20 00 0F A5 00 00 48 54-54 50 2F 31 2E 31 20 32 ....HTTP/1.1 2
    0x0040 30 30 20 4F 4B 0D 0A 44-61 74 65 3A 20 57 65 64 00 OK..Date: Wed
    0x0050 2C 20 32 37 20 4D 61 72-20 32 30 30 32 20 30 36 , 27 Mar 2002 06
    0x0060 3A 35 32 3A 35 37 20 47-4D 54 0D 0A 53 65 72 76 :52:57 GMT..Serv
    0x0070 65 72 3A 20 41 70 61 63-68 65 2F 31 2E 33 2E 32 er: Apache/1.3.2
    0x0080 32 0D 0A 50 33 50 3A 20-70 6F 6C 69 63 79 72 65 2..P3P: policyre
    0x0090 66 3D 22 68 74 74 70 3A-2F 2F 77 77 77 2E 61 6E f="http://www.an
    0x00A0 74 69 6F 6E 6C 69 6E 65-2E 63 6F 6D 2F 77 33 63 tionline.com/w3c
    0x00B0 2F 70 33 70 2E 78 6D 6C-22 0D 0A 43 6F 6E 74 65 /p3p.xml"..Conte
    0x00C0 6E 74 2D 4C 65 6E 67 74-68 3A 20 32 39 33 38 39 nt-Length: 29389
    0x00D0 0D 0A 43 6F 6E 74 65 6E-74 2D 54 79 70 65 3A 20 ..Content-Type:
    0x00E0 74 65 78 74 2F 68 74 6D-6C 0D 0A 43 6F 6E 6E 65 text/html..Conne
    0x00F0 63 74 69 6F 6E 3A 20 6B-65 65 70 2D 61 6C 69 76 ction: keep-aliv
    0x0100 65 0D 0A 0D 0A 3C 21 44-4F 43 54 59 50 45 20 48 e....
    This info gathering process applies to all web servers and not specific to Apache.
    There are many cool things to do with sniffers...
    Try, Fail but Do iT at last!
    ASA The ZeroTimeR
    The Turkish IT Documentation Project

  8. #8
    Junior Member
    Join Date
    Nov 2001
    Posts
    8
    Try this:

    telnet to the target webserver port 80, and write:
    HEAD / HTTP/1.0, an hit enter 2 times and you get the webserver header.

  9. #9
    Senior Member faust's Avatar
    Join Date
    Oct 2001
    Location
    Chicagoland/Murphysboro
    Posts
    105
    you can't telnet to most web servers so that wont work.
    Use this

  10. #10
    Senior Member
    Join Date
    Mar 2002
    Posts
    425
    Faust,

    While you are correct that you can't usually telnet into a webdserver, I don't think that's what spyhunt3r was referring to. Spyhunt3r said to telnet to port 80 on the website. That is the port where the browsers connect to to download the webpages, so it can't refuse your telnet connection if you're allowed to surf there. My personal preference would be to use netcat to connect to port 80. The main reason is that telnet clients send a bunch of garbage when they first connect to another system in an attempt to set up terminal type and other environment variables. Netcat doesn't send anything except the SYN and the ACK and then it waits for input from you. Not a huge difference, it's just that netcat is a littel cleaner.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides