skip to content

System: Emulating an HTTP/1.1 Request using Telnet

It's actually very simple using Telnet to connect to a webserver and download HTML or other files.

First you need to connect to the server using an IP address or hostname:

$ telnet XXX.XX.XX.XXX 80

Then request the page you want. HEAD and GET are the most common options. HEAD will return information about the requested file/page, but not the content. GET will retrieve both the Header information as well as the content, terminated with 0.

Following the HEAD/GET command you need to specify HTTP/1.1. Then on the next line specify the Host domain name. HTTP/1.1 allows for multiple domains to be hosted at a single IP address so this is important. The User-Agent and other options can be specified on subsequent lines.

GET / HTTP/1.1<Enter> Host: www.example.com<Enter> User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)<Enter> <Enter>

The command is executed after a blank line is entered (press Enter twice).

Working Example

Enter an IP address, Hostname and Request URI in the form below and it will make a HEAD request to the server in question and display the results:

e.g. 74.207.254.254 e.g. www.the-art-of-web.com e.g. /system/telnet-http11/

Note: For security we've limited the inputs to this script. Only valid IPv4 IP addresses are accepted for the Server IP. The Hostname field accepts letters, numbers, hyphens and periods. The Request field also accepts the forward slash, and must (obviously) start with one.

If no output appears below then the server didn't respond within 5 seconds.

Requesting a secure (HTTPS) address

To request a page from a secure (SSL) server on port 443 you can use openssl instead of telnet. Other than that the method is the same:

$ openssl s_client -connect XXX.XX.XX.XXX:443 -crlf ... connection information will be displayed ... GET / HTTP/1.1<Enter> Host: www.example.com<Enter> <Enter>

This is useful for testing whether a web server certificate has been installed properly without having to update the DNS before you can check. The -crlf option will convert your <Enter> into "\r\n".

To open an SSL connection to a live website you should always connect using the domain name and not the ip address.

References

< System

User Comments

Post your comment or question

27 October, 2020

i just started learning about telnet into http website, so my apologies if i ask a dumb question i am curious with openssl can i test connectivity to websites that are only accessible via https?

15 March, 2018

Please add example for SNI also
$ openssl s_client -connect example.net:443 -servername example.net

8 June, 2013

$ openssl s_client -connect XXX.XX.XX.XXX:443
... connection information will be displayed ...
GET / HTTP/1.1
host: XXX.XX.XX.XXX

or

$ openssl s_client -connect www.example.com:443
... connection information will be displayed ...
GET / HTTP/1.1
host: www.example.com

Don't MIX

5 February, 2013

Thanks for the site, it makes alot easier to test vhost configurations on my servers than using telnet!

19 April, 2012

Thanks so much for this article.
I was pulling my hair out till I read this.

top