Nmap Development mailing list archives
Banner Grabbing
From: "Joshua D. Abraham" <jabra () ccs neu edu>
Date: Fri, 10 Feb 2006 15:40:07 -0500
Hey Guys, Recently I have been working on adding banner grabbing functionality to nmap. I am wondering if anyone has any thoughts on how to present this to the user. Currently, I have it working so that there is a string 255 chars long and it will store as much of the banner in that as possible. I believe that any banner longer than that isn't going to be useful to anyone. Obviously, if the scan is of a range there will need to be a specified ip and port with a banner similar to amap's functionity. amap v4.7 (www.thc.org) started at 2006-02-10 15:38:08 - BANNER GRAB mode Banner on 127.0.0.1:22/tcp : SSH-2.0-OpenSSH_3.9p1 Debian-1ubuntu2.1\n Here is a example of what I have working currently, (scan with -d2 -A -O target -P0 --osscan-guess) *************** .... snip The SYN Stealth Scan took 25.60s to scan 1672 total ports. Fetchfile found ./nmap-service-probes Initiating service scan against 2 services on pool-151-196-46-115.bos.east.verizon.net (151.199.46.115) at 15:26 Starting probes against new service: 151.196.46.116:22 (tcp) Starting probes against new service: 151.196.46.116:8080 (tcp) Banner: SSH-2.0-OpenSSH_3.9p1 Debian-1ubuntu2.1\n Service scan match (Probe NULL matched with NULL): pool-151-196-46-116.bos.east.verizon.net (151.196.46.116):22 is ssh. Version: |OpenSSH|3.9p1 Debian-1ubuntu2.1|protocol 2.0| Banner: HTTP/1.1 200 OK\r\nDate Fri, 10 Feb 2006 202617 GMT\r\nServer Apache\r\nLast-Modified Tue, 29 Nov 2005 194136 GMT\r\nETag "241b8-a6c-68559c00"\r\nAccept-Ranges bytes\r\nContent-Length 2668\r\nConnection close\r\nContent-Type text/html\r\n\r\n Service scan match (Probe GetRequest matched with GetRequest): pool-151-196-46-116.bos.east.verizon.net (151.196.46.116):8080 is http. Version: |Apache httpd||| .... snip *************** Regards, Joshua Abraham _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- Banner grabbing Joshua D. Abraham (Jan 12)
- RE: Banner grabbing Brandon Enright (Jan 13)
- Re: Banner grabbing 'Joshua D. Abraham' (Jan 13)
- Re: Banner grabbing Clyde Laushey (Jan 13)
- Re: Banner grabbing Joshua D. Abraham (Jan 13)
- Re: Banner grabbing 'Joshua D. Abraham' (Jan 13)
- RE: Banner grabbing Brandon Enright (Jan 13)
- <Possible follow-ups>
- Banner Grabbing Joshua D. Abraham (Feb 10)