8. Banner Grabbing

Banner grabbing is a technique used to gain information about a computer system on a network and the services (with version numbers) running on its open ports.

Banners are the welcome screens (text messages received from the host) that divulge (make public) software version numbers and other system information on network hosts.
Banner information includes the operating system, the version number, and the specific service packs.

Banners can be grabbed using telnet or tools like nmap and netcat.


Common Service ports used for banner grabbing:


  1. Netcat is a feature-packed networking utility, often called the “Swiss Army Knife”. Some of its features include port scanning, file transfer, port listening and redirecting network traffic, and it can be used as a backdoor.

nc -v [target host] [port number]

-v = verbose



  2. Ncat is an improved implementation of netcat, written for nmap by its developers.

ncat [options] [hostname] [port]



  3. TELNET (TELecommunication NETwork) is a network protocol used on the Internet or LAN. It allows a user to log in on any other computer on the network.

telnet [target_ip] [port]

port = port number of the service you want to grab the banner for



Nmap

nmap -sV --script=banner [target_ip] -p [port] -oX [filename.xml]

-p is optional; omit it to grab banners for all services found by nmap's default port scan
-sV = service details with version number
-oX = export the grabbed banners in XML format
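
The XML written by -oX can be checked on your own hosts to see which services put their version in the banner. The script below is an added example, not part of the original notes; the sample XML is constructed and trimmed to the elements the script reads, and the function name audit_banners is hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample, trimmed to the elements of nmap's -oX output used below.
SAMPLE_XML = """<nmaprun>
 <host>
  <address addr="192.0.2.10" addrtype="ipv4"/>
  <ports>
   <port protocol="tcp" portid="21"><state state="closed"/><service name="ftp"/></port>
   <port protocol="tcp" portid="22"><state state="open"/>
    <service name="ssh" product="OpenSSH" version="8.9p1"/>
    <script id="banner" output="SSH-2.0-OpenSSH_8.9p1 Ubuntu-3"/></port>
   <port protocol="tcp" portid="25"><state state="open"/>
    <service name="smtp"/>
    <script id="banner" output="220 mail.example.test ESMTP"/></port>
  </ports>
 </host>
</nmaprun>"""


def audit_banners(xml_text):
    """Return one finding per open port, noting whether the banner shows the version."""
    findings = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr_el = host.find("address")
        addr = addr_el.get("addr") if addr_el is not None else "unknown"
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed/filtered ports return no banner
            svc = port.find("service")
            version = svc.get("version", "") if svc is not None else ""
            script = port.find("script[@id='banner']")
            banner = script.get("output", "") if script is not None else ""
            findings.append({
                "host": addr,
                "port": int(port.get("portid")),
                "service": svc.get("name", "") if svc is not None else "",
                "version": version,
                "banner": banner,
                # True when the version -sV identified is readable in the banner text
                "discloses_version": bool(version) and version in banner,
            })
    return findings


if __name__ == "__main__":
    for f in audit_banners(SAMPLE_XML):
        flag = "VERSION IN BANNER" if f["discloses_version"] else "ok"
        print(f'{f["host"]}:{f["port"]} {f["service"]:5} {flag:17} {f["banner"]}')
```

Services flagged here are candidates for having their banner reduced or replaced in the service configuration.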



Shodan is a search engine for banners grabbed from port scanning the Internet and more.
