312-50V10 · Question #932
In order to tailor your tests during a web-application scan, you decide to determine which web- server version is hosting the application. On using the sV flag with Nmap. you obtain the following resp
The correct answer is B. Banner grabbing. NOTE - the provided correct answer (C) appears to be an error in the answer key; the technique described is banner grabbing (B). Using Nmap -sV to read service version strings returned by an open port is the definition of banner grabbing, not a dictionary attack.
Question
In order to tailor your tests during a web-application scan, you decide to determine which web- server version is hosting the application. On using the sV flag with Nmap. you obtain the following response:
80/tcp open http-proxy Apache Server 7.1.6 What Information-gathering technique does this best describe?
Options
- AWhOiS lookup
- BBanner grabbing
- CDictionary attack
- DBrute forcing
How the community answered
(18 responses)- A6% (1)
- B89% (16)
- D6% (1)
Why each option
NOTE - the provided correct answer (C) appears to be an error in the answer key; the technique described is banner grabbing (B). Using Nmap -sV to read service version strings returned by an open port is the definition of banner grabbing, not a dictionary attack.
WHOIS lookup queries domain registration databases for ownership and contact records, not live service banners from a running web server.
Banner grabbing is a passive information-gathering technique where an attacker reads the response header or banner a service returns when queried. Nmap's -sV flag sends probe requests to open ports and parses the service banner - in this case extracting 'Apache Server 7.1.6' from the HTTP response - to identify software and version without attempting any credentials or guessing.
A dictionary attack attempts authentication by trying a list of known words or passwords against a login mechanism; no credentials are being tested when running Nmap -sV.
Brute forcing exhaustively tries all possible credential combinations against an authentication service, which is unrelated to reading version banners from open service ports.
Concept tested: Banner grabbing for web server version identification
Source: https://nmap.org/book/man-version-detection.html
Topics
Community Discussion
No community discussion yet for this question.