Banner Grabber
GAN_GR33N
This is a lame little banner grabber/scanner I am working on. Take a look and let me know what you think; all suggestions welcome.

If anyone wants the source files, just PM me your email and I'll send it.

Also, if anyone thinks they can help with improving this, please feel free. I have had a few problems with the output. Try scanning ports 110, 25, 21, then try 23 and you'll see what I mean; for some reason on telnet it screws up the banner.
z0mbi3
Hi, that's one gnarly grabber.
I tried making it, but when I connected with winsock I never received any data, well, came empty: could be I did the wrong thing....

So... could I check out your code? Thanks, man.
GAN_GR33N
just decided to post code
coder
I wrote a banner grabber that scanned a range of IP(s) to look for specific words (version numbers, etc...). It works quite nicely, although I compiled it from Perl a while ago and will need to find the source before I can post...

If you want a win32 binary, I've attached one.
The syntax would be "scanr 127.0.0. 1 254 IIS"

That would scan all IP(s) from 127.0.0.1 - 127.0.0.254 and log all of those IP(s) that responded with an HTTP banner with the word "IIS" in it.
woutiir
Write one in C so that we all can enjoy it and help you! (err, actually I can..)

Tho I can read Perl.. hehe, not write it..

But C rocks

rock on!

.......


Gr. woutiir
GhostCow
coder, can you post the Perl script?
Hexboy
I beefed up my C banner grabber to support regex type of arguments. Contact me if you're interested.
passi
Great work, both of you! Thanks
WaZa
indeed, nice work
Axl
Great job m8y, a very nice tool... I'm gonna check the source out some time later.
Antil
great tool indeed
nice work you did guys!
studnikov
For sure, nice work .. but the next one needed is a remote banner scanner.
technoboy
Reminds me of something I wrote a long time ago, before nmap added the '-sV' option. Basically it's a Perl script that parses nmap results files and grabs banners for the ports of interest.

Here is the code:

CODE

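#!/usr/bin/perl
# h0ly ju4r3z 4nd b3y0nd

use strict;
use warnings;
use Socket;

$| = 1;    # unbuffered output

my $program = "nGrab";
my $version = "0.20";

# Ports to grab banners from (the usage text also lists 143, which is not in this list)
my @banner = (21, 22, 23, 25, 80, 110);

my $timeout = 5;         # seconds to wait for a banner before giving up
my ($i, $p) = (0, 0);    # hosts seen, banner grabs attempted

usage() unless @ARGV;
main();

sub main {
    my $ip;
    while (<>) {
        # Host header line of an nmap results file
        if (/^Interesting ports on.*\((\S+)\):/) {
            $ip = $1; $i++;
        }
        next unless defined $ip;
        foreach my $port (@banner) {
            # TCP only: banner() opens a SOCK_STREAM socket
            if (/^$port\/(tcp)\s+open/) {
                my $proto = $1; $p++;
                banner($ip, $port, $proto);
            }
        }
    }
    stats();
}

sub banner {
    my ($ip, $port, $proto) = @_;
    print "$ip:$port\t=> ";
    socket(SOCK, PF_INET, SOCK_STREAM, getprotobyname($proto)) or die "Couldn't create socket: $!\n";
    unless (connect(SOCK, sockaddr_in($port, inet_aton($ip)))) {
        # Don't try to read from a socket that never connected
        print "Couldn't connect to socket: $!\n";
        close(SOCK);
        return;
    }
    my $banner = '';
    # Guard the read so a silent service can't hang the whole scan
    eval {
        local $SIG{ALRM} = sub { die "timeout\n" };
        alarm $timeout;
        if ($port != 80) {
            $banner = <SOCK>;
        } else {
            # HTTP requires CRLF line endings
            send(SOCK, "GET / HTTP/1.0\r\n\r\n", 0);
            # Lexical loop variable: the caller is still matching against $_
            while (my $line = <SOCK>) {
                if ($line =~ /^Server:\s*(.*?)\r?$/i) {
                    $banner = $1;
                    last;
                }
            }
        }
        alarm 0;
    };
    alarm 0;
    close(SOCK);
    $banner = '' unless defined $banner;
    $banner =~ s/\r?\n\z//;
    print "$banner\n";
}

sub stats {
    print "\n$program $version scan complete !\n";
    print "------------------------------------------------------------------\n";
    print "Host   => $i\n";
    print "Banner => $p\n";
}


sub usage {
    print "\n<$program $version> Simple banner grabber for port 21/22/23/25/80/110/143\n";
    print "------------------------------------------------------------------\n";
    print "credit: <someone\@else.com>\n\n";
    print "infos:  Grab process portscan results files from nMap and extract\n";
    print "\tthe ports banner automaticaly.  nGrab is very fast and can\n";
    print "\tprocess an entire Class (C) in less than 30 seconds. Speed\n";
    print "\tmay vary depending what connection you are currently using\n";
    print "\nusage:  ngrab.pl <files>\n\n";
    exit;
}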
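
Added example, not part of any post in this thread and not code from nGrab or from GAN_GR33N's tool: telnet servers usually open with IAC option-negotiation bytes (RFC 854) rather than text, which is the likely reason a port 23 banner looks garbled, and any banner is untrusted remote data that should be escaped before it is printed or logged. The helper names `strip_telnet_iac` and `printable` and the sample byte strings are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Remove telnet option negotiation (RFC 854) from raw bytes read on port 23.
sub strip_telnet_iac {
    my ($raw) = @_;
    $raw =~ s{
        \xFF (?:
            \xFA (?: [^\xFF] | \xFF\xFF )* \xFF\xF0   # IAC SB ... IAC SE
          | [\xFB-\xFE] .                              # IAC WILL/WONT/DO/DONT + option
          | (\xFF)                                     # IAC IAC is one literal 0xFF
          | [\xF0-\xF9]                                # two-byte commands like NOP
        )
    }{ defined $1 ? "\xFF" : '' }gsex;
    return $raw;
}

# Make untrusted banner bytes safe to print or log: trim surrounding
# whitespace, keep printable ASCII, show every other byte as \xNN so a
# hostile banner cannot send control sequences to the operator's terminal.
sub printable {
    my ($s) = @_;
    $s =~ s/\A\s+|\s+\z//g;
    $s =~ s/([^\x20-\x7E])/sprintf('\\x%02X', ord $1)/ge;
    return $s;
}

# Constructed sample bytes (not real captures), keyed by port.
my %sample = (
    # FTP greeting carrying ANSI "clear screen" and "cursor home" escapes
    21 => "220 ftp.example.test \e[2J\e[HFTP ready\r\n",
    # Telnet: DO TERMINAL-TYPE, DO option 0x20, SB TERMINAL-TYPE SEND, then text
    23 => "\xFF\xFD\x18\xFF\xFD\x20\xFF\xFA\x18\x01\xFF\xF0"
        . "\r\nExample telnetd\r\nlogin: ",
);

for my $port (sort { $a <=> $b } keys %sample) {
    my $raw = $sample{$port};
    $raw = strip_telnet_iac($raw) if $port == 23;
    printf "%d\t=> %s\n", $port, printable($raw);
}
```

Negotiation bytes carry no newline, so read port 23 with a timed `sysread` rather than a line read before passing the data to these helpers.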


T3cHn0b0y
Another hardstyle lover in the house? Gimme my name back bitch!