
Sniffing out a box.

ahem, (*nix webserver that is...)

     
9:34 pm on Jul 19, 2001 (gmt 0)

Administrator from US 

WebmasterWorld Administrator brett_tabke is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 21, 1999
posts:38047
votes: 11


What's a good strategy for sniffing out what type of os and box you are on from the command line? Even if things are disabled, obfuscated, or out of your group that you'd normally use:
foo2:~$ uptime
4:23pm up 0 min, 1 user, load average: 0.00, 0.00, 0.00
foo2:~$ ps
bash: /bin/ps: Permission denied
foo2:~$ w
Segmentation fault
foo2:~$

I run into this one on different servers. Where to go from there? ya...I've probably tried it...

9:43 pm on July 19, 2001 (gmt 0)

Preferred Member

10+ Year Member

joined:Feb 21, 2001
posts:419
votes: 0


Have you tried:
uname -a

added:
or using the "what's that site running" form at [uptime.netcraft.com...] on one of its hosted sites?

10:43 pm on July 19, 2001 (gmt 0)

Full Member

10+ Year Member

joined:Feb 28, 2001
posts:208
votes: 0


Sneaky ways to determine the OS you are on.

1. perl -v : often tells the environment it was compiled for.
2. on "not so well" designed *nix systems, locate the file dmesg and view it (most likely...errr...hopefully...you'll get a permission denied).
3. <?php phpinfo(); ?> Assuming PHP access, anyway.

The Netcraft link is probably the best bet if all others are locked down. But if they're paranoid enough to lock out every other possible command, they probably have altered what their server reports, as well.

10:55 pm on July 19, 2001 (gmt 0)

Senior Member

WebmasterWorld Senior Member littleman is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:June 17, 2000
posts:2924
votes: 0


gcc -dumpmachine -> the most reliable for me :)
echo $MACHTYPE

could also try:
less /etc/redhat-release
less /etc/debian_version

uname -a will give the OS but doesn't tell much about package configuration.

11:00 pm on July 19, 2001 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:July 6, 2000
posts:904
votes: 0


telnet 127.0.0.1 80
HEAD / HTTP/1.0
[return]
[return]

...will give info on the server - basically a command line version of the netcraft tool.

11:34 pm on July 19, 2001 (gmt 0)

Administrator from US 

WebmasterWorld Administrator brett_tabke is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 21, 1999
posts:38047
votes: 11


I've tried all but littles' trick with gcc before (they've covered their bases here). So far, generic Linux is all that can be determined. I'll have to assume it's RH. I've not done the core dump yet...hehe. That's a good one.

/etc is off limits.
Although, I'd not tried the perl -V recently and found the box name it was compiled on anyway (dev1.host4u.net) which reveals a touch about the real host.

Some day we are going to find out that all these little hosting companies are really owned by exodus.net. Is there anyone out there who actually OWNS their own box that they sell hosting on anymore...

1:02 am on July 20, 2001 (gmt 0)

Full Member

10+ Year Member

joined:Feb 28, 2001
posts:208
votes: 0


Hmmmm....some others...

4. If you have access to compile your own binaries, you could locate the source to uname...may or may not work.

5. If /var contains a "cobalt" directory you are most likely on a Cobalt RaQ/Qube/whatever, running their version of RedHat.

6. at the prompt - "locate redhat" (or other linux distro)
6a. at the prompt - "find / -name redhat" (or other linux distro) should generate lots o' permission denieds, but could have useful info.

7. FTP in and read the greeting message?

2:10 am on July 20, 2001 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Nov 29, 2000
posts:1425
votes: 0


There is a program out there called Genius from www.indiesoft.com

It'll do an HTTP request with a detailed output on any URL you want. You can even spoof the UA

cmd > GET / HTTP/1.0
cmd > Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
cmd > User-Agent: Blahblah
cmd > Host: www.ajdfkljasldasf.com
cmd > Pragma: no-cache
cmd >
text/html => document.htm
Document = document.htm
RequestDone Error = 0
StatusCode = 200
hdr>HTTP/1.1 200 OK
hdr>Date: Fri, 20 Jul 2001 02:05:29 GMT
hdr>Server: Apache/1.3.12 (Unix) mod_rdbcookie/1.0 mod_backwash/3.36 yasl/2.21 mod_oas/4.65m sw/1.5 rewrite/3.3 include/3.6
hdr>Set-Cookie: LANG=eng; path=/; domain=.agagdsagsdg.com
hdr>Connection: close
hdr>Content-Type: text/html

Maybe this can help figure out how to do it off of a prompt. I'm not too well versed in the tech parts of it. I just code other stuff.

windsor
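
Added example (not part of the original posts): a shell function that itemises what a Server response header discloses, run on the header lines quoted in the post above so an administrator can see what their own banner gives away. The names server_tokens, versioned_count and SAMPLE are this example's own.

```shell
#!/bin/sh
# server_tokens: read response headers on stdin, print one line per token of
# the Server header: "versioned NAME VERSION", "comment (TEXT)" or "bare NAME".
server_tokens() {
    # Drop CRs and the "hdr>" prefix used in the output quoted in the post.
    tr -d '\r' | sed 's/^hdr>//' | awk '
        tolower($0) ~ /^server:/ {
            s = $0
            sub(/^[^:]*:/, "", s)
            while (s != "") {
                sub(/^[ \t]+/, "", s)
                if (s == "") break
                # A parenthesised comment may contain spaces; keep it whole.
                if (match(s, /^\([^)]*\)/)) kind = "comment"
                else { match(s, /^[^ \t]+/); kind = "token" }
                t = substr(s, 1, RLENGTH)
                s = substr(s, RLENGTH + 1)
                if (kind == "comment") print "comment", t
                else if (split(t, p, "/") >= 2) print "versioned", p[1], p[2]
                else print "bare", t
            }
        }'
}

# versioned_count: number of tokens on stdin's Server header that name a version.
versioned_count() { server_tokens | grep -c '^versioned '; }

# Header lines copied from the post above.
SAMPLE='hdr>HTTP/1.1 200 OK
hdr>Date: Fri, 20 Jul 2001 02:05:29 GMT
hdr>Server: Apache/1.3.12 (Unix) mod_rdbcookie/1.0 mod_backwash/3.36 yasl/2.21 mod_oas/4.65m sw/1.5 rewrite/3.3 include/3.6
hdr>Connection: close
hdr>Content-Type: text/html'

printf '%s\n' "$SAMPLE" | server_tokens
```

Every "versioned" line is a product and release that anyone who can reach port 80 learns without logging in. In Apache httpd, `ServerTokens Prod` reduces the banner to the bare product name.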

6:02 am on July 20, 2001 (gmt 0)

Inactive Member
Account Expired

 
 


"uname -a" is about the best start. Then if you are on a linux box you'll need to poke around as littleman mentioned to determine what your userland is.

POSIX dictates that there should be a "uname", so just about every *NIX includes it with the base binary set (I can't think of one that doesn't have it).

See manpage for details. :>

Rob++
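
Added example (not part of the original thread): the local checks suggested across the posts, collected into one script an administrator can run as an ordinary account to see which OS-identifying sources that account can still read. The function names are this example's own, and `perl -V:myhostname` is used as a narrower form of the `perl -V` check mentioned above.

```shell
#!/bin/sh
# Each probe prints LABEL<TAB>STATUS[<TAB>first line of output].

# src_cmd LABEL CMD [ARGS...]: a missing binary, "Permission denied" or a
# crash (like the ps and w failures in the first post) all count as unavailable.
src_cmd() {
    label=$1; shift
    if out=$("$@" 2>/dev/null) && [ -n "$out" ]; then
        printf '%s\texposed\t%s\n' "$label" "$(printf '%s\n' "$out" | sed -n '1p')"
    else
        printf '%s\tunavailable\n' "$label"
    fi
}

# src_path PATH: "absent" also covers a parent directory we cannot search.
src_path() {
    if [ ! -e "$1" ]; then printf '%s\tabsent\n' "$1"
    elif [ -d "$1" ]; then printf '%s\texposed\t(directory)\n' "$1"
    elif [ -r "$1" ]; then printf '%s\texposed\t%s\n' "$1" "$(sed -n '1p' "$1")"
    else printf '%s\tdenied\n' "$1"
    fi
}

audit() {
    src_cmd 'uname -a' uname -a
    src_cmd 'gcc -dumpmachine' gcc -dumpmachine
    src_cmd 'perl -V:myhostname' perl -V:myhostname   # build host, as found in the thread
    src_cmd 'MACHTYPE' printf '%s' "${MACHTYPE:-}"     # set by bash; empty in plain sh
    src_cmd 'dmesg' dmesg
    src_path /etc/redhat-release
    src_path /etc/debian_version
    src_path /var/cobalt
}

# exposed_count: number of sources in a report (stdin) that leaked something.
exposed_count() { awk -F '\t' '$2 == "exposed" { n++ } END { print n + 0 }'; }

audit
```

Piping the report through `exposed_count` gives a single number to track while tightening a shared host; as the thread shows, locking down `ps`, `w` and `/etc` still left the Perl build host readable.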

 
