Have you tried:
or using the "whats that site running" form at [uptime.netcraft.com...] on one of its hosted sites?
Sneaky ways to determine the OS you are on.
1. perl -v : often tells the environment it was compiled for.
2. on "not so well" designed *nix systems, locate the file dmesg and view it (most likely...errr...hopefully...you'll get a permission denied).
3. <? phpinfo() ?> Assuming PHP Access, anyway.
The netcraft link is probably best bet if all others are locked down. But if they're paranoid enough to lock out every other possible command, they probably have altered what their server reports, as well.
gcc -dumpmachine -> the most reliable for me :)
could also try:
uname -a will give the OS but doesn't tell much about package configuration.
telnet 127.0.0.1 80
HEAD / HTTP/1.0
...will give info on the server - basically a command line version of the netcraft tool.
I've tried all but littles' trick with gcc before. (they've covered their bases here). So far, Generic linux is all that can be determined. I'll have to assume its RH. I've not done the core dump yet...hehe. That's a good one.
/etc is off limits.
Although, I'd not tried the perl -V recently and found the box name it was compiled on anyway (dev1.host4u.net) which reveals a touch about the real host.
Some day we are going to find out that all these little hosting companies are really owned by exodus.net. Is there anyone out there who actually OWN's their own box that they sell hosting on anymore...
4. If you have access to compile your own binaries, you could locate the source to uname...may or may not work.
5. If /var contains a "cobalt" directory you are most likely on a Cobalt RaQ/Qube/whatever, running their version of RedHat.
6. at the prompt - "locate redhat" (or other linux distro)
6a. at the prompt - "find / -name redhat" (or other linux distro) should generate lots o' permission denieds, but could have useful info.
7. FTP in and read the greeting message?
There is a program out there called Genius from www.indiesoft.com
It'll do a http request with a detailed output on any URL you want. You can even spoof the UA
cmd > GET / HTTP/1.0
cmd > Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
cmd > User-Agent: Blahblah
cmd > Host: www.ajdfkljasldasf.com
cmd > Pragma: no-cache
text/html => document.htm
Document = document.htm
RequestDone Error = 0
StatusCode = 200
hdr>HTTP/1.1 200 OK
hdr>Date: Fri, 20 Jul 2001 02:05:29 GMT
hdr>Server: Apache/1.3.12 (Unix) mod_rdbcookie/1.0 mod_backwash/3.36 yasl/2.21 mod_oas/4.65m sw/1.5 rewrite/3.3 include/3.6
hdr>Set-Cookie: LANG=eng; path=/; domain=.agagdsagsdg.com
maybe this can help figure out how to do it off of a prompt. I'm not too well versed in the tech parts of it. I just code other stuff
"uname -a" is about the best start. Then if you are on a linux box you'll need to poke around as littleman mentioned to determine what your userland is.
POSIX dictates that there should be a "uname", so just about every *NIX includes it with the base binary set (I can't think of one that doesn't have it).
See manpage for details. :>