|
-
August 31st, 2003, 08:13 PM
#1
How do I get a web servers banner?
I'm writing a little program in java that it's main purpose is to get the banners from servers. It's integrated with a scanner that I made also(for my personal use sorry) the point of grabbing the banners is to make information gathering easier and cutting down on the task of using telnet (which isn't always reliable cause i know good admins like to change them) . Now the trick is that not all servers require you to send data but incase of for example a web server my only way of knowing how to get the server version is by sending a bad request. In case of most apache servers and some IIS Servers this is easy it sends me back output that i can read and search for example.
(my machine)
HTTP/1.1 400 Bad Request
Date: Sun, 31 Aug 2003 18:05:31 GMT
Server: Apache/2.0.47 (Win32)
Content-Length: 407
Connection: close
Content-Type: text/html; charset=iso-8859-1
I would just have to search for the string Server: My Question is , is there any way that you guys know of that doesn't require me to send a bad request and that would work on IIS aswell as APACHE ?
-
August 31st, 2003, 09:30 PM
#2
Junior Member
I'm not sure about grabbing banners with Java, but if you are running *nix, then try the Lynx web browser with the -head argument:
# lynx -head http://www.whateversite.com
ex:
# lynx -head http://www.antionline.com
HTTP/1.1 302 Found
Date: Sun, 31 Aug 2003 19:45:19 GMT
Server: Apache/1.3.27 (Unix) PHP/4.1.2 mod_gzip/1.3.19.1a
X-Powered-By: PHP/4.1.2
Set-Cookie: sessionhash=4468ffef444736406fce75136e8ede69; path=/; domain=.antio
nline.com
Set-Cookie: bblastvisit=1062359119; expires=Mon, 30-Aug-04 19:45:19 GMT; path=/
; domain=.antionline.com
Location: http://www.antionline.com/index.php
Connection: close
Content-Type: text/html
or:
# lynx -head http://slashdot.org
HTTP/1.1 200 OK
Date: Sun, 31 Aug 2003 19:45:41 GMT
Server: Apache/1.3.26 (Unix) mod_gzip/1.3.19.1a mod_perl/1.27 mod_ssl/2.8.10 Op
enSSL/0.9.7a
SLASH_LOG_DATA: shtml
X-Powered-By: Slash 2.003000
X-Fry: There's a lot about my face you don't know.
Cache-Control: private
Pragma: private
Connection: close
Content-Type: text/html; charset=iso-8859-1
or if you only want the server information, try:
$ lynx -head http://www.antionline.com | grep -i server
I'm sure you could also write a shell script that would allow you to input a list of sites and then save the ourput to a file.
-
August 31st, 2003, 10:16 PM
#3
I've decided not to implement the sending data portion of the program to retrieve a banner only because it may not be a good idea. Since anything can be run on port 80 there is no way of telling your program hey this is a webserver send a bad request. Plus getting non accurate results. So what's better not doing it? or sending data to a server that may not be a webserver and possibly getting falsy results(yes even if the banner is not changed)?. The banner grab portion of the program is still valuable since most banners will be the first prompt you get. Just not worth it in the long run to send data to a service and analyze the data that came back. The test program that works sort of right now (still have to implement a timer if a banner doesn't come back) works pretty good the results for example look like this:
Code:
import java.net.*;
import java.io.*;
public class Main {
static BufferedReader socketin;
static String socketBanner;
static String host = "192.168.0.100";
static int port = 22;
static Socket sck;
public static void main(String args[]) throws IOException {
try {
sck = new Socket(host, port);
readBanner();
disconnect();
}
catch (UnknownHostException ex) {
System.out.println(ex);
}
}
public static void disconnect() throws IOException {
sck.close();
}
public static void readBanner() throws IOException {
try {
socketin = new BufferedReader(new InputStreamReader(sck.getInputStream()));
socketBanner = socketin.readLine();
if(socketBanner.trim().length() == -1 || socketBanner.equals(null) ) {
System.out.println("No Banner was found");
System.exit(1);
}
System.out.println("BANNER:" + socketBanner);
}
catch (UnknownHostException ex) {
System.out.println("EXCEPTION READ BANNER:" + ex);
}
}
}
Output:
BANNER:SSH-2.0-3.1.0 SSH Secure Shell Windows NT Server
Just have to implement a collection to hold the port, and banner also put in a timer cause as you can see it won't stop running till a output from a server is sent(needs a basic timmer). Since it's just a test program till I integrate into the scanner it should work pretty well.
Thanks anyways guys.
-
September 1st, 2003, 04:42 AM
#4
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
September 1st, 2003, 05:04 AM
#5
Although the above is all well and good...you can whip something together in perl to do it rather quickly like this -
#! perl
use strict;
use LWP;
my $browser = LWP::UserAgent->new();
my $response = $browser->get("http://www.antionline.com");
print $response->header("Server"), "\n";
"When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
"There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
"Mischief my ass, you are an unethical moron." - chsh
Blog of X
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote