EC-Council
312-50V11 · Question #461
312-50V11 Question #461: Real Exam Question with Answer & Explanation
The correct answer is B: The hacker successfully completed the banner grabbing. Using nmap -sV on port 80 constitutes successful banner grabbing because the target web server was identified as Apache httpd from the service response.
Question
An attacker tries to do banner grabbing on a remote web server and executes the following command.
    $ nmap -sV host.domain.com -p 80
He gets the following output.
    scan report for host.domain.com (108.61.158.211)
    Host is up (0.032s latency).
    PORT STATE SERVICE VERSION
    80/tcp open http Apache httpd
    done: 1 IP address (1 host up) scanned in 6.42 seconds
What did the hacker accomplish?
Options
- A. nmap can't retrieve the version number of any running remote service.
- B. The hacker successfully completed the banner grabbing.
- C. The hacker should've used nmap -O host.domain.com.
- D. The hacker failed to do banner grabbing as he didn't get the version of the Apache web server.
Explanation
Using nmap -sV on port 80 constitutes successful banner grabbing because the target web server was identified as Apache httpd from the service response.
Common mistakes.
- A. nmap -sV is specifically designed for service and version detection by probing open ports and is fully capable of retrieving banner information from running remote services.
- C. nmap -O is used for OS fingerprinting to identify the remote host's operating system - it is not the correct flag for service banner grabbing or version detection.
- D. Banner grabbing was successful because the service was identified as 'Apache httpd' - the absence of a specific version number means the server suppressed that detail via configuration, not that the banner grab itself failed.
Concept tested. Service banner grabbing using nmap -sV