In this section, we will grab the HTTP banner of a website. Banner grabbing, or OS fingerprinting, is a method of determining the operating system that is running on a target web server. In the following program, we will sniff a website's packets on our own computer, as we did in Chapter 3, Sniffing and Penetration Testing.
The code for the banner grabber is as follows:
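    import socket
    import struct
    import binascii

    # Raw socket that receives every IPv4 frame (Linux only, requires root)
    s = socket.socket(socket.PF_PACKET, socket.SOCK_RAW, socket.ntohs(0x0800))
    while True:
        # recvfrom() returns (data, address); keep only the frame bytes
        pkt = s.recvfrom(2048)[0]
        # Skip the Ethernet, IP, and TCP headers
        banner = pkt[54:533]
        print(banner)
        print("--" * 40)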
Since you must have read Chapter 3, Sniffing and Penetration Testing, you should be familiar with this code. The banner = pkt[54:533] statement is new here. Before pkt[54:], the packet contains TCP, IP, and Ethernet information. After some trial and error, I found that the banner grabbing information resides between [54:533]. You can do trial and error by taking slice