/*

HTTP Banner Grabber

Not much to say just a basic HTTP Banner Grabber.

Thanks to GSO, MSDN and google for the code :P

Thanks to Yorn and GSO for the idea;)

*/

#include <winsock.h>
#include <stdio.h>

#pragma comment(lib,"Ws2_32.lib")

SOCKET connSocket;
const char* sendHeader = "GET / HTTP/1.0\r\n\r\n";

void progUsage(char *prog)
{
printf("\n[+][-][+][-][+][-][+][-][+][-][+][-][+][-][+][-][+][-][+][-][+][-][+][-][+]\n");
printf("[+]\n");
printf("[+]\t\t      HTTP Banner Grabber coded by SkitZZ\n");
printf("[+]\n");
printf("[+]\n");
printf("[+] Usage: %s <server name> <port number>\n", prog );
printf("[+]\n");
printf("[+] \t   <server name> Server name or IP address.\n" );
printf("[+] \t   <port number> Server port number, default port is 80.\n");
printf("[+]\n");
printf("[+] Example: %s www.localhost.com 80\n", prog );
printf("[+] \t     %s localhost.com\n", prog );
printf("[+] \t     %s 127.0.0.1\n", prog );
printf("[+]\n");
printf("[+]\n");
printf("[+]\t\t\t\tThanks to GSO\n");
printf("[+]\n");
printf("[+][-][+][-][+][-][+][-][+][-][+][-][+][-][+][-][+][-][+][-][+][-][+][-][+]\n");
exit (1);
}

void closeSocket()
{
closesocket(connSocket);
WSACleanup();
exit (1);
}

void openSocket(char* serverName, int portNumber)
{
struct sockaddr_in addr;
struct hostent *hp;

connSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connSocket == INVALID_SOCKET)
{
 printf("\n[-] Error at SOCKET(): %ld\n", WSAGetLastError());
 closeSocket();
}

if (isalpha(serverName[0]))
{
 hp = gethostbyname(serverName);

 if (hp == NULL )
 {
  printf("\n[-] Error %d Can't resolve: %s\n", WSAGetLastError(), serverName);
  closeSocket();
 }

 memset(&addr,0,sizeof(addr));
 memcpy(&(addr.sin_addr),hp->h_addr,hp->h_length);
}
else
{
 memset(&addr,0,sizeof(addr));
 addr.sin_addr.s_addr = inet_addr(serverName);
}

addr.sin_family=AF_INET;
addr.sin_port = htons(portNumber);

printf("\n[+] Connecting to %s port %d\n", inet_ntoa(addr.sin_addr), portNumber);

if (connect(connSocket, (struct sockaddr*) &addr, sizeof(addr)) == SOCKET_ERROR)
{
 printf("\n[-] Error %d. Failed to connect to %s\n", WSAGetLastError(), serverName);
 closeSocket();
}
}

int main(int argc, char** argv)
{
int portNumber, socketRead, result, i=0;
char recvbuff[1028], banner[256];
char *pdest;
WSAData wData;

if(argc != 2 && argc != 3)
{
 progUsage(argv[0]);
}

if (WSAStartup(MAKEWORD(2, 0), &wData) != NO_ERROR)
{
 printf("\n[-] WSA initialization failed.\n");
 return 1;
}

if(argc == 3)
{
 portNumber = atoi(argv[2]);
 openSocket(argv[1], portNumber);
}
else
{
 portNumber = 80;
 openSocket(argv[1], portNumber);
}

send(connSocket, sendHeader, strlen(sendHeader), 0);

socketRead = recv(connSocket, recvbuff, sizeof(recvbuff), 0);

if(socketRead == 0)
{
 printf("\n[-] Error %d. Can't receive from %s\n", WSAGetLastError(), argv[1]);
 closeSocket();
}

pdest = strstr(recvbuff, "Server: ");

if(pdest == 0)
{
 printf("\n[-] Can't find banner at %s\n", argv[1]);
 closeSocket();
}

result = (int)(pdest - recvbuff + 8);

   do
{
 banner[i++]=recvbuff[result++];
 banner[i]='\0';
   }
while (recvbuff[result] != '\n');

printf("[+] Banner recived from %s: %s\n",argv[1],banner);

closeSocket();

return 0;
}

C:\>http_bg.exe 192.168.92.130

[+] Connecting to 192.168.92.130 port 80
[+] Banner recived from 192.168.92.130: Microsoft-IIS/5.0

C:\>http_bg.exe 192.168.92.131 80

[+] Connecting to 192.168.92.131 port 80
[+] Banner recived from 192.168.92.131: Apache/2.0.36 (Unix) mod_ssl/2.0.36 OpenSSL/0.9.6b PHP/4.2.1

C:\>http_bg.exe 192.168.92.132 81

[+] Connecting to 192.168.92.132 port 81
[+] Banner recived from 192.168.92.132: Apache/2.0.54 (Win32) PHP/5.0.4

C:\C\http_grabber\http_bg>