Lab 2
Banner Grabbing to Determine a Remote Target System using ID Serve
IDS Serve is used to identify the make, model, and version of any website's server sofhrare.
Lab Scenario
111 die previous lab, you learned to use Advanced IP Scanner. This tool can also be used by an attacker to detect vulnerabilities such as buffer overflow, integer flow, SQL injection, and web application 011 a network. If these vulnerabilities are not fixed immediately, attackers can easily exploit them and crack into die network and cause server damage.
Therefore, it is extremely important for penetration testers to be familiar widi banner grabbing techniques to monitor servers to ensure compliance and appropriate security updates. Using this technique you can also locate rogue servers or determine die role of servers within a network. 111 diis lab, you will learn die banner grabbing technique to determine a remote target system using ID Serve.
Lab Objectives
The objective of diis lab is to help students learn to banner grabbing die website and discover applications running 011 diis website.
111 diis lab you will learn to:
■ Identify die domain IP address
■ Identify die domain information
Lab Environment
To perform die lab you need:
■ ID Server is located at D:\CEH-Tools\CEHv8 Module 03 Scanning Networks\Banner Grabbing Tools\ID Serve
■ You can also download the latest version of ID S e rv e from the link http: / / www.grc.com/id/idserve.htm
■ I f you decide to download the la te s t version, then screenshots shown in the lab might differ
■ Double-click idserve to run ID Serve
■ Administrative privileges to run die ID Serve tool
■ Run this tool on Windows Server 2012
Lab Duration
Time: 5 Minutes
Overview of ID Serve
ID Serve can connect to any server port on any domain or IP address, then pull and display die server's greeting message, if any, often identifying die server's make, model, and version, whether it's for FTP, SMTP, POP, NEW’S, or anything else.
Lab Tasks
1. Double-click idserve located at D:\CEH-Tools\CEHv8 Module 03 Scanning Networks\Banner Grabbing Tools\ID Serve
2. 111 die main window of ID Serve show in die following figure, select die Sever Query tab
![]() |
FIGURE 21: Main window of ID Serve |
![]() |
FIGURE 22 Entering die URL for query |
![]() |
FIGURE 23: Server processed information |
Document all the IP addresses, their running applications, and die protocols you discovered during die lab.
Questions
1. Examine what protocols ID Serve apprehends.
2. Check if ID Serve supports https (SSL) connections.
Không có nhận xét nào:
Đăng nhận xét