An HTTP request ends with an empty line, so the protocol requires two line
breaks after a command set. This means that when connecting to an HTTP daemon
with telnet, we must press [enter] or [return] twice after each command given
to the daemon.

Reading WWW documents on HTTP port 80:

Connect to an HTTP server on port 80 with telnet and type the following:

    GET / HTTP/1.1

Press return twice [\n\n].
This will return the default document located in the site's root HTTP directory.

Other HTTP command variations:

    GET /index.html HTTP/1.1
    HEAD / HTTP/1.1
    PUT / HTTP/1.1

HTTP server software query:

Type a single letter, 'n' for example, and then press return twice.
www.gte.net returns the following:

    HTTP/1.1 400 Bad Request
    Server: Microsoft-IIS/4.0
    Date: Wed, 03 May 2000 20:01:05 GMT
    Content-Type: text/html
    Content-Length: 87

    ErrorThe parameter is incorrect.

We now know that www.gte.net is running the Microsoft IIS 4.0 software on
a Windows NT Server. We also know that they are more vulnerable to a hacker
than, say, a government machine using a POSIX HTTP server. This is because
GTE is profit-oriented, not security-oriented. A Windows NT network can
be maintained by less skilled technicians and therefore costs less to
administer.

Using this same technique on www.yahoo.com returns nothing. This is because
the system engineers have configured the server not to broadcast this
information. This information is the first thing gathered by hackers who are
attempting to exploit an HTTP server daemon.

Status Codes: 1xx to 5xx.

The most common is: HTTP/1.0 200 OK.
This status code indicates the request was successful.

Other status code information:
- The 2xx series signifies successful completion of the HTTP command given.
- The 3xx series signifies errors due to the moving of documents.
- The 4xx series signifies errors caused on the browser side.
- The 5xx series signifies errors on the server side.
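
As an added example (not part of the original text), the Python below parses a raw reply such as the www.gte.net one shown earlier, names its status-code series, and reports whether the Server header gives away a product version, which is the check an administrator would run against replies from their own server. The function names and the QUIET sample are constructed for illustration; build_request also sends the Host header that HTTP/1.1 requires.

```python
import re

# The reply the page shows for the one-letter request, re-typed with the CRLF
# line endings and the blank header/body separator that HTTP uses on the wire.
SAMPLE = ("HTTP/1.1 400 Bad Request\r\n"
          "Server: Microsoft-IIS/4.0\r\n"
          "Date: Wed, 03 May 2000 20:01:05 GMT\r\n"
          "Content-Type: text/html\r\n"
          "Content-Length: 87\r\n"
          "\r\n"
          "ErrorThe parameter is incorrect.")
# Constructed sample: a server configured to send no Server header.
QUIET = "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n<html></html>"

SERIES = {1: "informational", 2: "success", 3: "document moved",
          4: "browser-side error", 5: "server-side error"}


def build_request(method, path, host):
    """Request line, Host header, then the blank line that ends the request."""
    return f"{method} {path} HTTP/1.1\r\nHost: {host}\r\n\r\n".encode("ascii")


def parse_response(raw):
    """Split a raw reply into (status code, lower-cased header dict, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    status_line, *header_lines = head.split("\r\n")
    match = re.match(r"HTTP/\d\.\d (\d{3})", status_line)
    if not match:
        raise ValueError(f"not an HTTP status line: {status_line!r}")
    headers = {}
    for line in header_lines:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return int(match.group(1)), headers, body


def audit_banner(raw):
    """Report the status series and whether the Server header names a version."""
    status, headers, _ = parse_response(raw)
    server = headers.get("server")
    product, _, version = (server or "").partition("/")
    return {"status": status, "series": SERIES.get(status // 100, "unknown"),
            "server": server, "product": product or None,
            "discloses_version": bool(re.match(r"\d", version))}


if __name__ == "__main__":
    for name, raw in (("page sample", SAMPLE), ("quiet server", QUIET)):
        print(name, audit_banner(raw))
```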