adding bind.version grabber
CyberRoute committed Mar 25, 2024
1 parent ef80369 commit 9bf87c1
Showing 5 changed files with 68 additions and 19 deletions.
21 changes: 11 additions & 10 deletions README.md
Expand Up @@ -22,18 +22,19 @@ nmap -vvv -sT -p 1-65535 {target_IP}
- **SYN Scan:** Perform SYN scans to identify open ports on a target host (supports IPv4 and IPv6).
- **Connect Scan:** Perform a full TCP handshake on a target host (supports IPv4 and IPv6).
- **ICMP Echo Request:** Send ICMP Echo Requests to discover live hosts on the network.
- **Banners Grabbing:** An experimental feature so far on FTP, SSH, IRC, MYSQL, LDAPS, HTTP, HTTPS, NNTP, IMAP, POP.
- **Banners Grabbing:** An experimental feature so far on FTP, SSH, DNS, IRC, MYSQL, LDAPS, HTTP, HTTPS, NNTP, IMAP, POP.

```
2024/03/07 14:20:34 Port 21(ftp) open Version: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
2024/03/06 16:42:16 Port 22(ssh) open Version: SSH-2.0-OpenSSH_7.4
2024/03/07 14:20:34 Port 25(smtp) open Version: 220-tomasi.dnshigh.com ESMTP Exim 4.96.2 #2 Thu, 07 Mar 2024 14:20:34 +0100
2024/03/07 14:20:34 Port 80(http) open Version: Apache
2024/03/12 14:50:39 Port 443(https) open Version: Microsoft-IIS/10.0
2024/03/07 14:20:34 Port 110(pop3) open Version: +OK Dovecot ready.
2024/03/07 14:20:34 Port 143(imap) open Version: * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
2024/03/06 16:43:36 Port 3306(mysql) open Version: 8.0.36
2024/03/07 14:15:59 Port 636(ldaps) open Version: objectClass: [top vmwDseRoot]cn: [DSE Root]supportedLDAPVersion: [3]vmwPlatformServicesControllerVersion: [6.5.0]msDS-SiteName: [Default-First-Site]subSchemaSubEntry: [cn=aggregate,cn=schemacontext]defaultNamingContext: [dc=vsphere,dc=local]
2024/03/07 14:20:34 Port 21(ftp) open Banner: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
2024/03/06 16:42:16 Port 22(ssh) open Banner: SSH-2.0-OpenSSH_7.4
2024/03/07 14:20:34 Port 25(smtp) open Banner: 220-tomasi.dnshigh.com ESMTP Exim 4.96.2 #2 Thu, 07 Mar 2024 14:20:34 +0100
2024/03/25 14:48:49 Port 53(domain) open Banner: dnsmasq-2.84rc2
2024/03/07 14:20:34 Port 80(http) open Banner: Apache
2024/03/12 14:50:39 Port 443(https) open Banner: Microsoft-IIS/10.0
2024/03/07 14:20:34 Port 110(pop3) open Banner: +OK Dovecot ready.
2024/03/07 14:20:34 Port 143(imap) open Banner: * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
2024/03/06 16:43:36 Port 3306(mysql) open Banner: 8.0.36
2024/03/07 14:15:59 Port 636(ldaps) open Banner: objectClass: [top vmwDseRoot]cn: [DSE Root]supportedLDAPVersion: [3]vmwPlatformServicesControllerVersion: [6.5.0]msDS-SiteName: [Default-First-Site]subSchemaSubEntry: [cn=aggregate,cn=schemacontext]defaultNamingContext: [dc=vsphere,dc=local]
```

## Example Simple scanner
2 changes: 1 addition & 1 deletion examples/synscan.go
Expand Up @@ -60,7 +60,7 @@ func main() {
continue
}
if banner != "" {
log.Printf("Port %v %v Version: %s", port, service, banner)
log.Printf("Port %v %v Banner: %s", port, service, banner)
} else {
log.Printf("Port %v %v", port, service)
}
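Review bot: `banner` on the changed `log.Printf` line is text returned by the scanned host (with this commit also a DNS TXT answer), and `%s` writes it out unmodified, so embedded newlines or terminal escape sequences reach the operator's console and log files. Formatting it with `%q`, as in `log.Printf("Port %v %v Banner: %q", port, service, banner)`, keeps each result on one line and escapes control bytes. The enclosing loop in main starts and ends outside the hunk.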
11 changes: 9 additions & 2 deletions go.mod
Expand Up @@ -7,10 +7,17 @@ require (
github.com/google/gopacket v1.1.19
)

require (
golang.org/x/mod v0.14.0 // indirect
golang.org/x/net v0.20.0 // indirect
golang.org/x/tools v0.17.0 // indirect
)

require (
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect
github.com/go-asn1-ber/asn1-ber v1.5.5 // indirect
github.com/google/uuid v1.3.1 // indirect
golang.org/x/crypto v0.17.0 // indirect
golang.org/x/sys v0.15.0 // indirect
github.com/miekg/dns v1.1.58
golang.org/x/crypto v0.18.0 // indirect
golang.org/x/sys v0.16.0 // indirect
)
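Review bot: `github.com/miekg/dns v1.1.58` is imported directly by scanme/grabbers.go, yet it is added to the require block whose other entries are all marked `// indirect`, while the new x/mod, x/net and x/tools entries get a block of their own. Moving the line into the first `require (` block, next to `github.com/google/gopacket v1.1.19`, would keep the direct dependencies in one place; the start of that block is outside the hunk. The module parses responses from scanned hosts, so it is one to keep under vulnerability monitoring, for example with `govulncheck ./...`.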
19 changes: 14 additions & 5 deletions go.sum
Expand Up @@ -13,6 +13,8 @@ github.com/google/gopacket v1.1.19 h1:ves8RnFZPGiFnTS0uPQStjwru6uO6h+nlr9j6fL7kF
github.com/google/gopacket v1.1.19/go.mod h1:iJ8V8n6KS+z2U1A8pUwu8bW5SyEMkXJB8Yo/Vo+TKTo=
github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4=
github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4=
github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
Expand All @@ -25,22 +27,27 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0=
golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M=
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo=
golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
Expand All @@ -50,8 +57,8 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
Expand All @@ -68,6 +75,8 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn
golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
golang.org/x/tools v0.17.0 h1:FvmRgNOcs3kOa+T20R1uhfP9F6HgG2mfxDv1vrx1Htc=
golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
34 changes: 33 additions & 1 deletion scanme/grabbers.go
Expand Up @@ -4,12 +4,14 @@ import (
"bufio"
"crypto/tls"
"fmt"
"github.com/go-ldap/ldap/v3"
"net"
"regexp"
"strconv"
"strings"
"time"

"github.com/go-ldap/ldap/v3"
"github.com/miekg/dns"
)

func GetHeader(ipAddress string, port int) (string, error) {
Expand Down Expand Up @@ -110,6 +112,30 @@ func GetLDAPBanner(ipAddress string, port int) (string, error) {
return serverInfo, nil
}

func GetDNSBanner(ipAddress string, port int) (string, error) {
c := new(dns.Client)
m := new(dns.Msg)
m.Question = make([]dns.Question, 1)
m.Question[0] = dns.Question{"version.bind.", dns.TypeTXT, dns.ClassCHAOS}

Check failure on line 119 in scanme/grabbers.go


GitHub Actions / lint

composites: github.com/miekg/dns.Question struct literal uses unkeyed fields (govet)

addr := fmt.Sprintf("%s:%d", ipAddress, port)
in, _, err := c.Exchange(m, addr)
if err != nil {
return "", err
}

if in != nil && len(in.Answer) > 0 {
s := in.Answer[0].String()
re := regexp.MustCompile(".*\"([^\"]+)\".*")
match := re.FindStringSubmatch(s)
if len(match) > 0 {
return match[1], nil
}
}

return "", nil
}

func GrabBanner(ipAddress string, port int) string {
switch port {
case 21: // FTP
Expand Down Expand Up @@ -143,6 +169,12 @@ func GrabBanner(ipAddress string, port int) string {
}
return serverHeader
case 6667: // IRC
case 53: // DNS
dnsBanner, err := GetDNSBanner(ipAddress, port)
if err != nil {
return ""
}
return dnsBanner
default:
return ""
}
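Review bot: In GetDNSBanner the target is built with `fmt.Sprintf("%s:%d", ipAddress, port)`, which produces an unparsable host:port for an IPv6 literal although the README lists IPv6 support for the scans; `addr := net.JoinHostPort(ipAddress, strconv.Itoa(port))` brackets it correctly, and both packages are already imported. The answer is remote-controlled text and is extracted from `in.Answer[0].String()` with a regexp compiled on every call; asserting the record type, `if txt, ok := in.Answer[0].(*dns.TXT); ok && len(txt.Txt) > 0 { return txt.Txt[0], nil }`, avoids depending on the presentation-format quoting. The zero-value `dns.Client` queries over UDP, whereas the port was presumably found open by a TCP scan, so setting `c.Net = "tcp"` is worth considering. A doc comment stating that the function sends a CHAOS-class TXT query for `version.bind.` and returns an empty string when no answer is present would also help.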
