This is a trick to get GET The WEB SERVER OS Version.
so you can zero your attack on specific OS/Application
Lets assume that the Target to attack is www.target123.com
login to www.netcraft.com and enter the www.target123.com
to find its IP
lets asume that the IP is 100.100.100.100
once you know the IP, telnet the IP with port 80
(as HTTP port is always open and firewalls allow HTTP Traffic)
C:\> telnet 100.100.100.100 80
for sure, you will be connected to the Web Server Now
you have to run some HTTP Commands now, see below commands
although you may not see you commands while typing, but its
been sent to web server
GET / HTTP/1.0
GET / HTTP/1.1
this should give you the OS versions and Web Service Version.
(but sometime still you may not get the BANNER, this is coz
there is restriction in the web server, for anouncing the
OS details). if this happens, open another command prompt window
and telnet again with port 445 (windows native SMB port)
c:\> telnet 100.100.100.100 445
now if this one connects, then no doubt, the WEB Server is
Microsfot Server and the WEB Service will surely be IIS.
(There's chance that even this may be blocked in Filtering device)
once you know, what is the OS and Web Service Application is running, now you have zeroed already, and you can try specific
platform attack and use specific tools.