robertdavidgraham / masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
GNU Affero General Public License v3.0
23.79k stars 3.08k forks

http banner grab #276

Open MFAK opened 7 years ago

MFAK commented 7 years ago

I have been trying to grab http banners running on a non-standard port, for example 9911. I am running the scans from a VPS service, so the option of spoofing the source does not seem to work. I have already added the iptables rule which drops traffic towards the source port set for masscan: masscan -iL Sample.txt -p9911 --banners --source-port 60000 -oX 9911.xml

I am able to get the port status but not the banners. Could it be because of the different port? Or am I missing some additional configuration?

MFAK commented 7 years ago

I figured it out and added the port in proto-banner1.c and recompiled. Maybe in future releases this can be treated as a feature request. Thanks for a great tool!!

    banner_http.init(b);
    b->tcp_payloads[80] = &banner_http;
    b->tcp_payloads[8080] = &banner_http;
    b->tcp_payloads[9911] = &banner_http;   /* added: route port 9911 to the HTTP banner parser */

f0r34chb3t4 commented 7 years ago

try this:

masscan -iL Sample.txt -p9911 --banners --source-port 60000 --hello-string[9911] 'R0VUIC8gSFRUUC8xLjANCg0K' -oX 9911.xml

$ echo -ne 'GET / HTTP/1.0\r\n\r\n' | base64
R0VUIC8gSFRUUC8xLjANCg0K
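Both approaches in this thread (patching the tcp_payloads table in proto-banner1.c, or passing --hello-string[port] on the command line) come down to attaching a CRLF-terminated HTTP request to a port and base64-encoding it so the command line can carry CR/LF. The following Python helper is an added example, not part of masscan or of either comment; the names http_hello, hello_string_arg and banner_command are my own, and it generalizes the thread's one-port case to any list of ports and to HTTP/1.1 requests with a Host header.

```python
import base64


def http_hello(path: str = "/", host: str = "") -> bytes:
    """Raw HTTP request masscan sends once the TCP handshake completes.

    HTTP/1.0 needs no Host header; when a host is given, send HTTP/1.1 instead.
    """
    if host:
        lines = [f"GET {path} HTTP/1.1", f"Host: {host}"]
    else:
        lines = [f"GET {path} HTTP/1.0"]
    # Each header line is CRLF-terminated and the request ends with an empty
    # line; without that blank line the server waits for more headers and the
    # banner never arrives, which looks exactly like "port open, no banner".
    return ("\r\n".join(lines) + "\r\n\r\n").encode("ascii")


def hello_string_arg(port: int, payload: bytes) -> str:
    """Return the --hello-string[port] option carrying `payload` in base64."""
    if not 1 <= port <= 65535:
        raise ValueError(f"invalid TCP port {port}")
    encoded = base64.b64encode(payload).decode("ascii")
    # Round-trip check: what masscan decodes must be exactly the bytes we built.
    if base64.b64decode(encoded) != payload:
        raise RuntimeError("base64 round-trip mismatch")
    return f"--hello-string[{port}] {encoded}"


def banner_command(targets_file: str, ports: list[int], outfile: str,
                   source_port: int = 60000, host: str = "") -> list[str]:
    """Assemble the argv from the thread, one --hello-string per scanned port.

    The --source-port value is the one whose inbound traffic must be dropped by
    the local firewall (as in the first comment) so the kernel does not RST the
    half-open connections masscan is driving itself.
    """
    argv = ["masscan", "-iL", targets_file,
            "-p" + ",".join(str(p) for p in ports),
            "--banners", "--source-port", str(source_port)]
    for port in ports:
        argv.extend(hello_string_arg(port, http_hello(host=host)).split(" ", 1))
    argv += ["-oX", outfile]
    return argv


if __name__ == "__main__":
    print(" ".join(banner_command("Sample.txt", [9911], "9911.xml")))
```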