Author : Ph03n1X
Status : Lagi mumet trus jail nggrab UGM :D

MASS PORT BANNER GRABBING
-------------------------
Usage :
1. gcc -o port_grab port_grab.c
2. Buatsebuah file yang berisi daftar host yang mau digrab
3. Exec file mass.sh
4. Mass Operating system fingerprint using thcrut

port_grab.c
------------

#include "stdio.h"
#include "sys/types.h"
#include "sys/socket.h"
#include "string.h"
#include "netdb.h"
#include "netinet/in.h"
#include "fcntl.h"
#define TIMEOUT 5 
#define ERROR -1
#define MAX 1024

char buff[MAX],logging[MAX+5];
FILE *banner;
char messege[65535];

/*HERE YOU NEED TO CONFIGURE BY YOURSELF*/
#define PORT_TO_GRAB 8
int port[]={21,22,25,80,110,143,3128,3306};

int getbanner(char *server, int port, int fd){
	
	int numbytes;
	if((numbytes = recv(fd, buff, MAX-1, 0)) == 0 ){
		perror("recv");
		exit(1);
	}

	buff[numbytes] = '\0';
	if((banner=fopen("banner.log","a"))==NULL){
		printf("File ga bisa di buat\n");
		exit(0);
	}

	sprintf(logging,"server %s on port %d\n------------------------------------\n",server,port);
	fputs(logging,banner);
	fputs("\n",banner);
	fputs(buff,banner);
	fputs("\n",banner);
	fclose(banner);
}

int con_timeout(int sf,struct sockaddr *alamat,socklen_t dawa,int timeout)
{
	int res,slen,flags;
	struct timeval tv;
	struct sockaddr_in      almt;
	fd_set rdf,wrf;

	fcntl(sf,F_SETFL,O_NONBLOCK);
	res = connect(sf,alamat,dawa);
	if (res>=0)return res;

	FD_ZERO(&rdf);
	FD_ZERO(&wrf);
	FD_SET(sf, &rdf);
	FD_SET(sf, &wrf);
	bzero(&tv, sizeof(tv));
	tv.tv_sec = timeout;

	if (select(sf + 1, &rdf, &wrf, 0, &tv) <= 0)
	return -1;
	if (FD_ISSET(sf, &wrf) || FD_ISSET(sf, &rdf)) {
		slen = sizeof(almt);
		if (getpeername(sf, (struct sockaddr*)&almt, &slen) == -1)
		return -1;
		flags = fcntl(sf, F_GETFL, NULL);
		fcntl(sf, F_SETFL, flags & ~O_NONBLOCK);
		return 0;
	}
	return -1;
}


tcp_connect(char *server,int port)
{
	int sock;
	struct hostent *helo;
	struct sockaddr_in address;
	char host[50],hasil[100];

	if((sock=socket(AF_INET,SOCK_STREAM,0))<0){
		printf("Gagal bikin socket\n");	
		exit(0);
	}

	helo = gethostbyname(server);
	if(helo == NULL){
		printf("\nGa bisa resolve host %s\n",server);
		exit(0);
	}

	bzero((char *) &address, sizeof(address));
	address.sin_family = AF_INET;
	bcopy( (char *)helo->h_addr,(char *)&address.sin_addr.s_addr,helo->h_length);
	address.sin_port = htons(port);

	if(con_timeout(sock,(struct sockaddr*)&address,sizeof(address),TIMEOUT)==ERROR){
		printf("port %d is close\n",port);
	}
	else
	{
		if(port==80 || port==3128)
		{
			snprintf(messege,sizeof(messege),"GET / HTTP/1.1\n\rHost:%s\n\r\n\r\n\r",server);
			send(sock,messege,strlen(messege),0);
			getbanner(server,port,sock);
		}
		else{
			getbanner(server,port,sock);
		}
			
		
	}
	close(sock);
}

int main(int argc,char *argv[]){
	
	int i;
	if(argc!=2){
		printf("Code By Ph03n1X || king_purba@yahoo.co.uk\n");
		printf("Gunakan: %s <target>\n\n",argv[0]);
		exit(0);
	}
	for(i=0;i<PORT_TO_GRAB;i++){
		tcp_connect(argv[1],port[i]);
	}
}


mass.sh
--------

#!/bin/sh
echo ketikkan nama file list host yang mau di grab : ;
read list;
rm -rf banner.log
echo;
echo Open port dilog dalam file banner.log;
echo Hanya close port yang ditampilkan dilayar;
echo;
daftar=$(cat $list)
for host in $daftar
do
echo PORT GRABBING SERVER $host;
echo --------------------------------------;
./port_grab $host
echo;
done
#EoF