4. When you successfully connected, you will see a blank window, it's not an error because typically this protocol is used to establish a connection to TCP port 23, but now we use it to connect to port 80. I will try to view the index.html inside the local wwwroot.
Just type in the blank window, even you can't see it. You can write it down in notepad or other text editor and then paste it to the cmd window.
Press enter two times to show the result.
GET /index.html HTTP/1.0
5. Now the next step is how to do the enumeration using telnet? What information I can get when if I can browse website using command prompt? Let's see this network topology below:
If we are the attacker(client 2) and we already own the client 1 computer, we want to know which ISP client 1 use, what IP he use and which country and city client 1 come from, we can use this how to browse website using command prompt and start browse the internet to find the useful information.
If you see the result while we do browse the internet using command prompt in step 4, all HTML tags was shown there which makes the result a little hard to read. The attacker have his own web server and he already make a little script to detect the victim computer : what IP address, which ISP they use, from which country and city.
telnet attacker_web_server 80
GET /tools/mywhois.php HTTP/1.0
Here is the result after he run the command.
from the information above, of course we can do more things than just browse website using command prompt 🙂
1. If we relate with the tutorial How to Send Email Using Telnet in Kali Linux, we also can send email anonymously.
2. Some server doesn't allow you to do browse through telnet. e.g: google.com
Hope it useful 🙂