Hands-On Web Penetration Testing with Metasploit

Banner grabbing

Banner grabbing is a technique used to gain information about a device on a network, such as the operating system, services running on the open ports, the application used, or the version number. It is part of the information-gathering phase. Metasploit has a lot of modules that can be used to collect banners from different types of services.

In the following example, we will use the http_version module, which detects the version number and names of services running on the HTTP protocol on a given IP:

  1. Go to Modules from the Project tab bar and type http_version in the Search Modules box:

  2. Now, click on the module name. This will redirect us to the module options, where we can specify the target addresses and other settings, as shown in the following screenshot.

In our case, we will choose port 80, as we know the HTTP protocol is running on port 80. This value can be changed to any port number where HTTP is running:

  3. Once everything is set, we click on the Run Module button shown in the previous screenshot. A new task will be created. Click on Tasks from the Project Options tab to see the status of the task:

  4. When the module completes execution, we can go back to the Analysis tab and click on the Host IP against which we ran the module:

  5. We will see that the module has detected and printed the banner running on port 80 under SERVICE INFORMATION, as shown in the following screenshot:
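To see what such a banner exposes from the server owner's side, the following added example (not code from the book or from Metasploit) parses raw HTTP responses and lists every product/version pair disclosed in banner-carrying headers. The function names, the header list, and both sample responses are assumptions constructed for illustration.

```python
import re

# Headers that commonly carry product/version banners (illustrative list).
BANNER_HEADERS = ("server", "x-powered-by", "x-aspnet-version", "via")
# A product token followed by a dotted version, e.g. "Apache/2.4.41".
VERSION_RE = re.compile(r"([A-Za-z][\w.+-]*)/(\d+(?:\.\d+)+[\w.-]*)")

def parse_headers(raw: bytes) -> dict:
    """Return {lowercased-name: [values]} from a raw HTTP/1.x response."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    if not lines[0].startswith("HTTP/"):
        raise ValueError("not an HTTP response")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            continue  # malformed header line, skip it
        # Header names are case-insensitive and may repeat.
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def banner_findings(raw: bytes) -> list:
    """List (header, product, version) tuples for every disclosed version."""
    headers = parse_headers(raw)
    findings = []
    for name in BANNER_HEADERS:
        for value in headers.get(name, []):
            for product, version in VERSION_RE.findall(value):
                findings.append((name, product, version))
    return findings

# Constructed sample responses (not captured from any real host).
VERBOSE = (b"HTTP/1.1 200 OK\r\n"
           b"Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f\r\n"
           b"X-Powered-By: PHP/7.4.3\r\n"
           b"Content-Length: 0\r\n\r\n")
HARDENED = (b"HTTP/1.1 200 OK\r\n"
            b"Server: Apache\r\n"
            b"Content-Length: 0\r\n\r\n")

if __name__ == "__main__":
    for label, resp in (("verbose", VERBOSE), ("hardened", HARDENED)):
        print(label, banner_findings(resp))
```

The hardened sample matches what Apache sends with `ServerTokens Prod`: the product name remains, but no version is left for a banner grab to record.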

Next, let's see how the HTTP headers of the web application can be detected.