How do I get a web servers banner?

  1. #1
    Senior Member
    Join Date
    Jun 2002
    Posts
    102

    How do I get a web servers banner?

    I'm writing a little program in Java whose main purpose is to get the banners from servers. It's integrated with a scanner that I also made (for my personal use, sorry). The point of grabbing the banners is to make information gathering easier and to cut down on the task of using telnet (which isn't always reliable, because I know good admins like to change them). Now the trick is that not all servers require you to send data, but in the case of, for example, a web server, my only way of knowing how to get the server version is by sending a bad request. In the case of most Apache servers and some IIS servers this is easy: it sends me back output that I can read and search, for example:

    (my machine)
    HTTP/1.1 400 Bad Request
    Date: Sun, 31 Aug 2003 18:05:31 GMT
    Server: Apache/2.0.47 (Win32)
    Content-Length: 407
    Connection: close
    Content-Type: text/html; charset=iso-8859-1

    I would just have to search for the string "Server:". My question is: is there any way that you guys know of that doesn't require me to send a bad request and that would work on IIS as well as Apache?
    Good Grief

  2. #2
    Junior Member
    Join Date
    Feb 2003
    Posts
    18
    I'm not sure about grabbing banners with Java, but if you are running *nix, then try the Lynx web browser with the -head argument:

    # lynx -head http://www.whateversite.com


    ex:

    # lynx -head http://www.antionline.com

    HTTP/1.1 302 Found
    Date: Sun, 31 Aug 2003 19:45:19 GMT
    Server: Apache/1.3.27 (Unix) PHP/4.1.2 mod_gzip/1.3.19.1a
    X-Powered-By: PHP/4.1.2
    Set-Cookie: sessionhash=4468ffef444736406fce75136e8ede69; path=/; domain=.antionline.com
    Set-Cookie: bblastvisit=1062359119; expires=Mon, 30-Aug-04 19:45:19 GMT; path=/; domain=.antionline.com
    Location: http://www.antionline.com/index.php
    Connection: close
    Content-Type: text/html


    or:

    # lynx -head http://slashdot.org

    HTTP/1.1 200 OK
    Date: Sun, 31 Aug 2003 19:45:41 GMT
    Server: Apache/1.3.26 (Unix) mod_gzip/1.3.19.1a mod_perl/1.27 mod_ssl/2.8.10 OpenSSL/0.9.7a
    SLASH_LOG_DATA: shtml
    X-Powered-By: Slash 2.003000
    X-Fry: There's a lot about my face you don't know.
    Cache-Control: private
    Pragma: private
    Connection: close
    Content-Type: text/html; charset=iso-8859-1

    or if you only want the server information, try:

    $ lynx -head http://www.antionline.com | grep -i server

    I'm sure you could also write a shell script that would allow you to input a list of sites and then save the output to a file.

  3. #3
    Senior Member
    Join Date
    Jun 2002
    Posts
    102
    I've decided not to implement the sending-data portion of the program to retrieve a banner, only because it may not be a good idea. Since anything can be run on port 80, there is no way of telling your program "hey, this is a web server, send a bad request". Plus getting inaccurate results. So what's better: not doing it, or sending data to a server that may not be a web server and possibly getting false results (yes, even if the banner is not changed)? The banner grab portion of the program is still valuable, since most banners will be the first prompt you get. Just not worth it in the long run to send data to a service and analyze the data that came back. The test program that sort of works right now (still have to implement a timer if a banner doesn't come back) works pretty well; the results, for example, look like this:


    Code:
    import java.net.*;
    import java.io.*;
    
    public class Main {
    
      static BufferedReader socketin;
      static String socketBanner;
      static String host = "192.168.0.100";
      static int port = 22;
      static Socket sck;
    
      public static void main(String args[]) throws IOException {
        try {
          sck = new Socket(host, port);
          readBanner();
          disconnect();
        }
        catch (UnknownHostException ex) {
          System.out.println(ex);
        }
      }
    
      public static void disconnect() throws IOException {
        sck.close();
      }
    
      public static void readBanner() throws IOException {
        try {
          socketin = new BufferedReader(new InputStreamReader(sck.getInputStream()));
          socketBanner = socketin.readLine();
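          // readLine() returns null when the peer closes without sending a line,
          // so check for null before calling any method on the string.
          if (socketBanner == null || socketBanner.trim().length() == 0) {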
            System.out.println("No Banner was found");
            System.exit(1);
          }
          System.out.println("BANNER:" + socketBanner);
        }
        catch (UnknownHostException ex) {
          System.out.println("EXCEPTION READ BANNER:" + ex);
        }
      }
    }
    Output:
    BANNER:SSH-2.0-3.1.0 SSH Secure Shell Windows NT Server


    Just have to implement a collection to hold the port and banner, and also put in a timer, because as you can see it won't stop running until some output from a server is sent (needs a basic timer). Since it's just a test program till I integrate it into the scanner, it should work pretty well.

    Thanks anyways guys.
    Good Grief

  5. #5
    Ninja Code Monkey
    Join Date
    Nov 2001
    Location
    Washington State
    Posts
    1,027
    Although the above is all well and good...you can whip something together in perl to do it rather quickly like this -

    #! perl

    use strict;
    use LWP;

    my $browser = LWP::UserAgent->new();
    my $response = $browser->get("http://www.antionline.com");
    print $response->header("Server"), "\n";

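The following Java program is an added example, not code posted by anyone in this thread. It bounds every read with a socket timeout (the timer post #3 still needed) and, when a service sends nothing first, asks with a well-formed HEAD request instead of a bad one, which any HTTP/1.1 server answers with its response headers. The class name BannerProbe, the probe() helper and the loopback test server are assumptions made for the example.

```java
import java.io.*;
import java.net.*;
import java.nio.charset.StandardCharsets;
public class BannerProbe {
  /** Returns the line the service sends first, else the Server header of a HEAD reply, else null. */
  static String probe(String host, int port, int timeoutMs) throws IOException {
    try (Socket s = new Socket()) {
      s.connect(new InetSocketAddress(host, port), timeoutMs); // bounded connect
      s.setSoTimeout(timeoutMs);                               // bounded reads: the missing "timer"
      BufferedReader in = new BufferedReader(
          new InputStreamReader(s.getInputStream(), StandardCharsets.ISO_8859_1));
      try {
        String first = in.readLine();          // SSH, FTP and SMTP speak first
        return first == null ? null : first.trim();
      } catch (SocketTimeoutException quiet) {
        // Nothing arrived unprompted; fall through and ask with a valid request.
      }
      Writer out = new OutputStreamWriter(s.getOutputStream(), StandardCharsets.US_ASCII);
      out.write("HEAD / HTTP/1.1\r\nHost: " + host + "\r\nConnection: close\r\n\r\n");
      out.flush();
      try {
        String line;
        while ((line = in.readLine()) != null && !line.isEmpty()) {
          if (line.regionMatches(true, 0, "Server:", 0, 7)) return line.substring(7).trim();
        }
      } catch (SocketTimeoutException notHttp) { /* no HTTP reply within the timeout */ }
      return null; // no banner and no Server header (it may be suppressed or absent)
    }
  }

  public static void main(String[] args) throws Exception {
    // Constructed loopback server (runs offline); replays the Server header from post #1.
    try (ServerSocket srv = new ServerSocket(0, 1, InetAddress.getLoopbackAddress())) {
      Thread t = new Thread(() -> {
        try (Socket c = srv.accept()) {
          BufferedReader r = new BufferedReader(new InputStreamReader(c.getInputStream()));
          String l;
          while ((l = r.readLine()) != null && !l.isEmpty()) { /* skip request headers */ }
          c.getOutputStream().write(("HTTP/1.1 200 OK\r\nServer: Apache/2.0.47 (Win32)\r\n"
              + "Connection: close\r\n\r\n").getBytes(StandardCharsets.US_ASCII));
        } catch (IOException e) { throw new UncheckedIOException(e); }
      });
      t.start();
      System.out.println("BANNER:" + probe("127.0.0.1", srv.getLocalPort(), 500));
      t.join();
    }
  }
}
```

Run against your own servers, it shows exactly what version detail they disclose; on Apache, `ServerTokens Prod` reduces the header to the product name.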