Skip to content

Obsecurus/grab.js

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

50 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

grab.js Coverage Status Build Status

Usage

Quick Example

const grabber = require('grab.js');
grabber.grab(ip, port)
  .run()
  .then(result => { /* process the result */ })
  .catch(err => { /* error handling */ })

Api

grabber.grab(ip, port, options}

Returns a Grab object. You need to call run method to execute it.

  • ip: target ip
  • port port number
  • options (optional): An object contains initial settings for the Grab, supports tls and payload and both of them are optional.

Grab#run()

Exeute the task, returns a Promise which yields a record. The record can have following fields:

  • record.banner: the banner Buffer
  • record.certificate: certificate information (only avaliable when TLS is enabled)

Grab.tls

Enable TLS.

Grab.payload

The Buffer to send when connection established. Payload file can be found under nmap/paylaods.

grabber.escape(buffer)

Escape buffer to printable chars.

grabber.parser(service)

Returns a promise that loads a parser function with given parser rule name. Rule names can be found under nmap/parsers.

Parser.parse(buffer)

Parse buffer to fingerprints. Fingerprint could have following fields:

  • cpes: common platform enumeration
  • os: operating system
  • product: product name
  • device: device type
  • service: service name, same as the only arguments for grabber.parser
  • version: software version

Notice that a Parser object instance is not exported. This is by design.

Command util

This project provides a cli tool for quick banner grab like zgrab

For example, scanning ftp banner on given CIDR:

sudo zmap -p 80 [cidr] | node cli.js -p 80 --payload=tcp/GetRequest --parse http > http.json

Leave cidr blank to scan 0.0.0.0/20

find nmap to checkout all avaliable parsers and payloads.

Options

  • -p, --port the port
  • -s, --tls use tls (https, imaps, etc)
  • --payload send a payload upon connection. ls -R nmap/payloads to see all supported parsers.
  • --parser parse banner with nmap's rule. ls nmap/parsers to see all supported parsers.

Special thanks

Thanks to the marvellous nmap project who has collected so many rules for fingerprinting.

License

GPLv2

About

fast TCP banner grabbing with node.js

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Shell 45.5%
  • JavaScript 40.7%
  • Python 13.8%