Class: ViolentRuby::BannerGrabber

Inherits:

Object

• Object
• ViolentRuby::BannerGrabber

Defined in:

lib/violent_ruby/banner_grabber/banner_grabber.rb

Overview

This Banner Grabber class is meant to provide a simple interface to, well… grab banners from services running on a target to determine the potential attack vectors avaialable to you.

Examples:

Basic Usage

BannerGrabber.new(ip: 'localhost', port: 22).grab do |result|
  puts result
  # => {:ip=>"localhost", :port=>22, :open=>false}
end

Basic Usage with HTTP Connection

BannerGrabber.new(ip: '0.0.0.0', port: 4567 http: true).grab do |result|
  puts result
  # => => {:ip=>"0.0.0.0", :port=>4567, :open=>true, :banner=>""}
end

Advanced Usage

banner_grabber = BannerGrabber.new
banner_grabber.ips   = ['192.168.0.2', '192.168.0.3']
banner_grabber.ports = [22, 2222]
banner_grabber.grab do |result|
  puts result
  # => {:ip=>"192.168.0.2", :port=>22, :open=>true, :banner=>"SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3\r\n"}
end

Author:

• Kent ‘picat’ Gruber

Instance Attribute Summary

• #ips ⇒ Object
• #ports ⇒ Object

Instance Method Summary

• #connect(ip, port) ⇒ TCPSocket, false

  Connect to a given IP address and port.

• #grab(args = {}) {|Hash| ... } ⇒ Object (also: #grab!)

  Attempt to grab the banner.

• #initialize(args = {}) {|Hash| ... } ⇒ void constructor

  Create a new Banner Grabber.

Constructor Details

#initialize(args = {}) {|Hash| ... } ⇒ void

Create a new Banner Grabber. If a block if given,

Parameters:

• args (Hash) (defaults to: {})

Options Hash (args):

• :ip (String) —

  IP address to connect to.

• :ips (Array<String>) —

  An array of IP address to connect to.

• :port (Integer) —

  Port to connect to.

• :ports (Array<Integer>) —

  An array of ports to connect to.

Yields:

• (Hash)

See Also:

• #use_ips
• #use_ports

# File 'lib/violent_ruby/banner_grabber/banner_grabber.rb', line 47

def initialize(args = {})
  @ips   = use_ips(args)   if args[:ips]   || args[:ip]
  @ports = use_ports(args) if args[:ports] || args[:port]
end

Instance Attribute Details

#ips ⇒ Object

# File 'lib/violent_ruby/banner_grabber/banner_grabber.rb', line 33

def ips
  @ips
end

#ports ⇒ Object

# File 'lib/violent_ruby/banner_grabber/banner_grabber.rb', line 35

def ports
  @ports
end

Instance Method Details

#connect(ip, port) ⇒ TCPSocket, false

Connect to a given IP address and port.

Parameters:

• ip (String)
• port (Integer)

Returns:

• (TCPSocket, false)

# File 'lib/violent_ruby/banner_grabber/banner_grabber.rb', line 89

def connect(ip, port)
  TCPSocket.new(ip, port)
rescue
  false
end

#grab(args = {}) {|Hash| ... } ⇒ Object Also known as: grab!

Attempt to grab the banner. Optionally, an HTTP option can help simulate HTTP GET requests to a webserver.

Parameters:

• args (Hash) (defaults to: {})

Options Hash (args):

• :http (Boolean) —

  Perform an HTTP GET request.

Yields:

• (Hash)

See Also:

• #use_ips
• #use_ports

# File 'lib/violent_ruby/banner_grabber/banner_grabber.rb', line 59

def grab(args = {})
  ips   = use_ips(args)
  ports = use_ports(args)
  ips.each do |ip|
    ports.each do |port|
      if socket = connect(ip, port)
        if args[:http]
          socket.puts("GET / HTTP/1.1\r\nHost:3.1.3.3.7\r\n\r\n")
        end
        unless banner = socket.recv(1024)
          banner = false
        end
      end
      if socket
        yield format_result(ip, port, true, banner)
        socket.close
      else
        yield format_result(ip, port, false)
      end
    end
  end
end