https://github.com/chichou/grab.js

simple TCP banner grabbing with node.js
https://github.com/chichou/grab.js

cybersecurity nmap port-scanner security

Last synced: about 2 months ago
JSON representation

simple TCP banner grabbing with node.js

• Host: GitHub
• URL: https://github.com/chichou/grab.js
• Owner: ChiChou
• License: other
• Created: 2016-04-16T07:48:23.000Z (about 9 years ago)
• Default Branch: master
• Last Pushed: 2017-06-15T03:29:26.000Z (almost 8 years ago)
• Last Synced: 2025-03-27T15:51:49.363Z (2 months ago)
• Topics: cybersecurity, nmap, port-scanner, security
• Language: Shell
• Homepage:
• Size: 723 KB
• Stars: 50
• Watchers: 6
• Forks: 15
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# grab.js [![Coverage Status](https://coveralls.io/repos/github/ChiChou/grab.js/badge.svg?branch=master)](https://coveralls.io/github/ChiChou/grab.js?branch=master) [![Build Status](https://travis-ci.org/ChiChou/grab.js.svg?branch=master)](https://travis-ci.org/ChiChou/grab.js)

## Usage

### Quick Example

```js

const grabber = require('grab.js');

grabber.grab(ip, port)

  .run()

  .then(result => { /* process the result */ })

  .catch(err => { /* error handling */ })

```

## Api

### grabber.grab(ip, port, options}

Returns a `Grab` object. You need to call `run` method to execute it.

* `ip`: target ip

* `port` port number

* `options` (optional): An object contains initial settings for the `Grab`, supports `tls` and `payload` and both of them are optional.

### Grab#run()

Exeute the task, returns a Promise which yields a record. The record can have following fields:

* `record.banner`: the banner Buffer

* `record.certificate`: certificate information (only avaliable when TLS is enabled)

### Grab.tls

Enable TLS.

### Grab.payload

The `Buffer` to send when connection established. Payload file can be found under `nmap/paylaods`.

### grabber.escape(buffer)

Escape buffer to printable chars.

### grabber.parser(service)

Returns a promise that loads a parser function with given parser rule name. Rule names can be found under `nmap/parsers`.

### Parser.parse(buffer)

Parse buffer to fingerprints. Fingerprint could have following fields:

* cpes: common platform enumeration

* os: operating system

* product: product name

* device: device type

* service: service name, same as the only arguments for `grabber.parser`

* version: software version

Notice that a `Parser` object instance is not exported. This is by design.

## Command util

This project provides a cli tool for quick banner grab like [zgrab](http://github.com/zmap/zgrab)

For example, scanning ftp banner on given CIDR:

`sudo zmap -p 80 [cidr] | node cli.js -p 80 --payload=tcp/GetRequest --parse http > http.json` 

Leave cidr blank to scan `0.0.0.0/20`

`find nmap` to checkout all avaliable parsers and payloads.

### Options

* `-p, --port` the port

* `-s, --tls` use tls (https, imaps, etc)

* `--payload` send a payload upon connection. `ls -R nmap/payloads` to see all supported parsers.

* `--parser` parse banner with nmap's rule. `ls nmap/parsers` to see all supported parsers.

## Special thanks 

Thanks to the marvellous [nmap project](https://nmap.org) who has collected so many rules for fingerprinting.

## License

GPLv2