Penetration Testing mailing list archives
Re: [PEN-TEST] "Type-of-webserver"-scanner?
From: security curmudgeon <jericho () ATTRITION ORG>
Date: Wed, 13 Dec 2000 06:50:41 -0700
Yes, there is a tool doing this .... Thanks to Attrition (they wrote it for their defacements archive) : http://www.attrition.org/tools/src/ros (it's just 5 lines of shell script using lynx [direct connect + netcraft] & nmap)
doh =) the version of 'ros' on that url was a bit outdated. I have since put the newer version up. Netcraft recently changed their query line which was breaking one of the three checks. Also redid the NMAP section to acount for non root users doing fingerprinting (via sudo). In reality, we don't use 'ros' much anymore (if at all) as the same material is part of a larger script that is updated more regularly. No doubt there is more quirky behaviour in this script. -- ros -- #!/bin/sh # makes sure you enter a username if [ -z "$1" ]; then echo "usage: $0 <site>" exit -1 fi USER=`whoami` # old netcraft # echo "Netcraft: `lynx -dump -nolist http://www.netcraft.com/whats/?host=$1 | egrep -A1 "Remote OS guesses"`" # new netcraft echo "Netcraft: `lynx -dump -nolist http://uptime.netcraft.com/graph?display=uptime\&site=$1 | egrep -A1 "The site $1 runs"` if [ $USER = root ]; then nmap -P0 --osscan_guess -p 22,23,25,53,80 -O $1 2>/dev/null >> /tmp/$1-nmap_results NMAPOUT=`egrep -i '(system guess|Remote OS guesses)' /tmp/$1-nmap_results` echo "nmap: $NMAPOUT" else /usr/local/bin/sudo /usr/local/bin/nmap -P0 --osscan_guess -p 22,23,25,53,80 -O $1 2>/dev/null >> /tmp/$1-nmap_results NMAPOUT=`egrep -i '(system guess|Remote OS guesses)' /tmp/$1-nmap_results` echo "nmap: $NMAPOUT" fi # check the remote server itself echo "$1: `lynx -dump -nolist -head http://$1 | egrep -i server`"
Current thread:
- [PEN-TEST] "Type-of-webserver"-scanner? Johan.Augustsson (Dec 13)
- Re: [PEN-TEST] "Type-of-webserver"-scanner? Jose Nazario (Dec 13)
- Re: [PEN-TEST] "Type-of-webserver"-scanner? Guy Cohen (Dec 13)
- Re: [PEN-TEST] "Type-of-webserver"-scanner? Nicolas GREGOIRE (Dec 13)
- Re: [PEN-TEST] "Type-of-webserver"-scanner? security curmudgeon (Dec 14)
- Re: [PEN-TEST] "Type-of-webserver"-scanner? Mike Gerber (Dec 13)
- Re: [PEN-TEST] "Type-of-webserver"-scanner? Vanja Hrustic (Dec 13)
- Re: [PEN-TEST] "Type-of-webserver"-scanner? Alex Butcher (Dec 14)
- <Possible follow-ups>
- Re: [PEN-TEST] "Type-of-webserver"-scanner? Gallicchio, Florindo (2007) (Dec 13)
- Re: [PEN-TEST] "Type-of-webserver"-scanner? Bock, John (ISS San Francisco) (Dec 13)
- Re: [PEN-TEST] "Type-of-webserver"-scanner? Ken Cutler (Dec 16)