Government Security
Network Security Resources


Banner Graber

13 replies to this topic

#1 GAN_GR33N

GAN_GR33N

    Corporal

  • Members
  • 163 posts

Posted 30 September 2003 - 09:12 PM

this is a lame little bannergrabber/scanner i am working on. take a look and let me know what you think, all suggestions welcome.

if anyone wants the source files just pm me your email and i'll send it.

also if anyone thinks they can help with improving this pls feel free. I have had a few problems with the output. try scanning ports 110, 25, 21 then try 23 and you'll see what i mean; for some reason on telnet it screws up the banner.

Attached Files



#2 z0mbi3

z0mbi3

    Corporal

  • Members
  • 173 posts

Posted 30 September 2003 - 10:30 PM

hi that's one gnarly grabber
i tried making it but when i connected with winsock i never received any data, well came empty: could be i did the wrong thing....

so... could i check out your code thnx man

#3 GAN_GR33N

GAN_GR33N

    Corporal

  • Members
  • 163 posts

Posted 30 September 2003 - 11:13 PM

just decided to post code

Attached Files



#4 Guest_coder_*

Guest_coder_*
  • Guests

Posted 01 October 2003 - 06:55 AM

i wrote a banner grabber that scanned a range of IP(s) to look for specific words (version numbers, etc...) it works quite nicely, although i compiled it from Perl a while ago- and will need to find the source before i can post...

if you want a win32 binary, i've attached one.
the syntax would be "scanr 127.0.0. 1 254 IIS"

that would scan all ip(s) from 127.0.0.1 - 127.0.0.254 and log all of those IP(s) that responded with an HTTP Banner with the word "IIS" in it.

Attached Files



#5 woutiir

woutiir

    Corporal

  • Sergeant Major
  • 161 posts

Posted 01 October 2003 - 07:00 AM

Write one in C so that we all can enjoy it and help you! (err, actually i can..)

Tho i can read perl.. hehe, not write it..

But C rocks

rock on!

.......


Gr. woutiir

#6 GhostCow

GhostCow

    Staff Sergeant

  • Members
  • 345 posts

Posted 13 December 2003 - 09:09 AM

coder can you post the perl script?

#7 Guest_Hexboy_*

Guest_Hexboy_*
  • Guests

Posted 14 December 2003 - 01:07 AM

I beefed up my C banner grabber to support regex type of arguments. Contact me if you're interested.

#8 passi

passi

    Staff Sergeant

  • Members
  • 301 posts

Posted 14 December 2003 - 07:25 AM

great work, both of you! thanks

#9 WaZa

WaZa

    Private

  • Members
  • 14 posts

Posted 22 January 2004 - 02:55 PM

indeed, nice work

#10 Axl

Axl

    Staff Sergeant

  • Sergeant Major
  • 338 posts

Posted 22 January 2004 - 05:53 PM

Great job m8y, a very nice tool... I'm gonna check the source out some time later.

#11 Antil

Antil

    Private First Class

  • Members
  • 51 posts

Posted 26 January 2004 - 08:40 AM

great tool indeed
nice work you did guys!

#12 studnikov

studnikov

    Corporal

  • Members
  • 151 posts

Posted 28 January 2004 - 10:50 PM

For sure nice work .. but the next one needed is a Remote banner scanner.

#13 technoboy

technoboy

    Specialist

  • Members
  • 120 posts

Posted 15 February 2004 - 07:53 PM

reminds me of something i wrote a long time ago, before nmap added the '-sV' option. Basically it's a perl script that parses nmap results files and grabs the banner for the ports of interest

here is the code:

#!/usr/bin/perl
# h0ly ju4r3z 4nd b3y0nd

use strict;
use warnings;
use Socket;

$| = 1;    # unbuffered output so each result shows up immediately

my $program = "nGrab";
my $version = "0.20";

# Ports whose banners are grabbed
my @banner = (21, 22, 23, 25, 80, 110);

# Current host, number of hosts seen, number of banner attempts
my ($ip, $i, $p) = ('', 0, 0);

usage() if !@ARGV;
main();

# Read the nmap result files named on the command line and grab a
# banner for every open port of interest
sub main {
	while (<>) {
		if (/^Interesting ports on.*\((\S+)\):/) {
			$ip = $1; $i++;
		}
		foreach my $port (@banner) {
			if (/^$port\/(\w+)\s+open/) {
				my $proto = $1; $p++;
				banner($ip, $port, $proto);
			}
		}
	}
	stats();
}

sub banner {
	my ($ip, $port, $proto) = @_;
	print "$ip:$port\t=> ";
	socket(SOCK, PF_INET, SOCK_STREAM, getprotobyname($proto)) or die "Couldn't create socket: $!\n";
	# On a failed connect, report it and skip the port instead of
	# reading from an unconnected socket
	unless (connect(SOCK, sockaddr_in($port, inet_aton($ip)))) {
		print "Couldn't connect to socket: $!\n";
		close(SOCK);
		return;
	}
	if ($port != 80) {
		# These services speak first: read a single line as the banner
		my $banner = <SOCK>;
		close(SOCK);
		print defined $banner ? $banner : "\n";
	} else {
		# HTTP waits for a request: ask for / and pick out the Server header
		send(SOCK, "GET / HTTP/1.0\r\n\r\n", 0);
		my @o = <SOCK>;
		close(SOCK);
		foreach (@o) {
			if (/^Server:\s(.*)/) {
				print "$1\n";
			}
		}
	}
}

sub stats {
	print "\n$program $version scan complete !\n";
	print "------------------------------------------------------------------\n";
	print "Host   => $i\n";
	print "Banner => $p\n";
}


sub usage {
	print "\n<$program $version> Simple banner grabber for port 21/22/23/25/80/110/143\n";
	print "------------------------------------------------------------------\n";
	print "credit: <someone\@else.com>\n\n";
	print "infos:  Grab process portscan results files from nMap and extract\n";
	print "\tthe ports banner automaticaly.  nGrab is very fast and can\n";
	print "\tprocess an entire Class (C) in less than 30 seconds. Speed\n";
	print "\tmay vary depending what connection you are currently using\n";
	print "\nusage:  ngrab.pl <files>\n\n";
	exit;
}

:P
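
Added example (not code from any poster in this thread): Telnet servers usually open with option-negotiation bytes (IAC sequences, RFC 854) before any text, which is a likely cause of the garbled port 23 output described in post #1 and would equally affect the single-line read on port 23 in the nGrab script above. The sketch below strips those sequences from already-captured banner bytes for a service inventory; the function names and both sample captures are constructed for illustration.

```python
# Telnet command bytes (RFC 854)
IAC, SB, SE = 255, 250, 240
NEGOTIATION = {251: "WILL", 252: "WONT", 253: "DO", 254: "DONT"}

def split_telnet(raw: bytes):
    """Return (text_bytes, options) with Telnet IAC sequences removed."""
    text, options, i, n = bytearray(), [], 0, len(raw)
    while i < n:
        if raw[i] != IAC:                   # ordinary data byte
            text.append(raw[i])
            i += 1
            continue
        if i + 1 >= n:                      # capture ends on a lone IAC
            break
        cmd = raw[i + 1]
        if cmd == IAC:                      # IAC IAC is an escaped 0xFF data byte
            text.append(IAC)
            i += 2
        elif cmd in NEGOTIATION:            # IAC WILL/WONT/DO/DONT <option>
            if i + 2 >= n:                  # option byte missing (truncated)
                break
            options.append((NEGOTIATION[cmd], raw[i + 2]))
            i += 3
        elif cmd == SB:                     # subnegotiation runs until IAC SE
            end = raw.find(bytes([IAC, SE]), i + 2)
            if end == -1:
                break
            i = end + 2
        else:                               # other two-byte command (NOP, GA, ...)
            i += 2
    return bytes(text), options

def clean_banner(raw: bytes) -> str:
    """First non-empty line of the banner, reduced to printable ASCII."""
    text, _ = split_telnet(raw)
    for line in text.replace(b"\r", b"\n").split(b"\n"):
        printable = "".join(chr(c) for c in line if 32 <= c < 127).strip()
        if printable:
            return printable
    return ""

# Constructed sample captures (not taken from a real host)
TELNET_RAW = b"\xff\xfd\x18\xff\xfb\x01\xff\xfb\x03\r\nExample Telnet Service (constructed)\r\nlogin: "
FTP_RAW = b"220 ftp.example.test FTP server ready\r\n"

if __name__ == "__main__":
    print(split_telnet(TELNET_RAW)[1], clean_banner(TELNET_RAW))
    print(clean_banner(FTP_RAW))
```

Protocols that send plain text first (FTP, SMTP, POP3) pass through unchanged, so the same cleaner can be applied to every captured banner.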

#14 Guest_T3cHn0b0y_*

Guest_T3cHn0b0y_*
  • Guests

Posted 16 February 2004 - 02:58 PM

Another hardstyle lover in the house? Gimme my name back bitch!




