312-50V11 · Question #461
An attacker tries to do banner grabbing on a remote web server and executes the following command. $ nmap -sV host.domain.com -p 80 He gets the following output. scan report for host.domain.com (108.6
The correct answer is B. The hacker successfully completed the banner grabbing.. Using nmap -sV on port 80 constitutes successful banner grabbing because the target web server was identified as Apache httpd from the service response.
Question
An attacker tries to do banner grabbing on a remote web server and executes the following command. $ nmap -sV host.domain.com -p 80 He gets the following output. scan report for host.domain.com (108.61.158.211) Host is up (0.032s latency). PORT STATE SERVICE VERSION 80/tcp open http Apache httpd done: 1 IP address (1 host up) scanned in 6.42 seconds What did the hacker accomplish?
Options
- Anmap can't retrieve the version number of any running remote service.
- BThe hacker successfully completed the banner grabbing.
- CThe hacker should've used nmap -O host.domain.com.
- DThe hacker failed to do banner grabbing as he didn't get the version of the Apache web server.
How the community answered
(20 responses)- B90% (18)
- C5% (1)
- D5% (1)
Why each option
Using nmap -sV on port 80 constitutes successful banner grabbing because the target web server was identified as Apache httpd from the service response.
nmap -sV is specifically designed for service and version detection by probing open ports and is fully capable of retrieving banner information from running remote services.
Banner grabbing is the technique of connecting to a remote service port and capturing the identifying information the service returns, such as software name and version. The nmap -sV flag performs service version detection and the output 'Apache httpd' confirms the web server software was successfully identified. Even though the exact version number was suppressed by the server's configuration, the banner was retrieved and the goal of identifying the running service was accomplished.
nmap -O is used for OS fingerprinting to identify the remote host's operating system - it is not the correct flag for service banner grabbing or version detection.
Banner grabbing was successful because the service was identified as 'Apache httpd' - the absence of a specific version number means the server suppressed that detail via configuration, not that the banner grab itself failed.
Concept tested: Service banner grabbing using nmap -sV
Source: https://nmap.org/book/man-version-detection.html
Topics
Community Discussion
No community discussion yet for this question.