Skip to content

Latest commit

 

History

History
86 lines (52 loc) · 2.47 KB

README.md

File metadata and controls

86 lines (52 loc) · 2.47 KB

grab.js Coverage Status Build Status

Usage

Quick Example

const grabber = require('grab.js');
grabber.grab(ip, port)
  .run()
  .then(result => { /* process the result */ })
  .catch(err => { /* error handling */ })

Api

grabber.grab(ip, port, options}

Returns a Grab object. You need to call run method to execute it.

  • ip: target ip
  • port port number
  • options (optional): An object contains initial settings for the Grab, supports tls and payload and both of them are optional.

Grab#run()

Exeute the task, returns a Promise which yields a record. The record can have following fields:

  • record.banner: the banner Buffer
  • record.certificate: certificate information (only avaliable when TLS is enabled)

Grab.tls

Enable TLS.

Grab.payload

The Buffer to send when connection established. Payload file can be found under nmap/paylaods.

grabber.escape(buffer)

Escape buffer to printable chars.

grabber.parser(service)

Returns a promise that loads a parser function with given parser rule name. Rule names can be found under nmap/parsers.

Parser.parse(buffer)

Parse buffer to fingerprints. Fingerprint could have following fields:

  • cpes: common platform enumeration
  • os: operating system
  • product: product name
  • device: device type
  • service: service name, same as the only arguments for grabber.parser
  • version: software version

Notice that a Parser object instance is not exported. This is by design.

Command util

This project provides a cli tool for quick banner grab like zgrab

For example, scanning ftp banner on given CIDR:

sudo zmap -p 80 [cidr] | node cli.js -p 80 --payload=tcp/GetRequest --parse http > http.json

Leave cidr blank to scan 0.0.0.0/20

find nmap to checkout all avaliable parsers and payloads.

Options

  • -p, --port the port
  • -s, --tls use tls (https, imaps, etc)
  • --payload send a payload upon connection. ls -R nmap/payloads to see all supported parsers.
  • --parser parse banner with nmap's rule. ls nmap/parsers to see all supported parsers.

Special thanks

Thanks to the marvellous nmap project who has collected so many rules for fingerprinting.

License

GPLv2