@davidlares
Created February 18, 2020 22:22
A Py3 vulnerability scanner
#!/usr/bin/python3
import socket
import os
import sys # handling CLI args
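def get_banner(ip, port):
    """Connect to ip:port over TCP and return the greeting the service sends.

    Args:
        ip: Address of the host to probe.
        port: TCP port number to connect to.

    Returns:
        Up to 1024 bytes of the service greeting decoded as text, or None
        when the connection fails, times out, or nothing is received.
    """
    try:
        with socket.socket() as s:
            # Per-socket timeout: a filtered or silent port must not stall
            # the caller, and the process-wide default stays untouched.
            s.settimeout(2)
            # The original connected to an undefined name `host`; the
            # NameError was swallowed by the broad except below it, so every
            # probe silently returned None.
            s.connect((ip, port))
            data = s.recv(1024)
    except OSError:
        # Refused, unreachable and timed-out connections are expected while
        # probing; report "no banner" rather than failing.
        return None
    if not data:
        return None
    # The banner is chosen by the remote peer and may contain arbitrary
    # bytes, so decode leniently instead of raising on invalid UTF-8.
    return data.decode("utf-8", errors="replace")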
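def check_vulnerabilities(banner, filename):
    """Print the banner once for each signature line of `filename` found in it.

    Args:
        banner: Service greeting as text (bytes are decoded leniently).
        filename: Path to a text file with one known-vulnerable banner
            string per line.

    A hit is a plain substring match against a version string the service
    reports about itself. Such strings can be altered or hidden by the
    operator, and vendors may backport fixes without changing them, so a
    match is a lead to verify, not proof of a vulnerable service.
    """
    if isinstance(banner, bytes):
        banner = banner.decode("utf-8", errors="replace")
    # `with` closes the file even if printing fails; the original leaked the
    # handle on every call.
    with open(filename, 'r') as f:
        for line in f:
            signature = line.rstrip("\r\n")
            # A blank line would be an empty string, which is "in" every
            # banner and would flag every responding host.
            if not signature.strip():
                continue
            if signature in banner:
                print("[+] Vuln Server: ", banner.strip("\n"))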
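def main():
    """Validate the signature-file argument, then banner-check 192.168.1.1-254.

    Expects exactly one command-line argument: the path of a readable text
    file of known-vulnerable banner strings. For every host in the hard-coded
    192.168.1.0/24 range and every port in `port_list`, the banner (if any)
    is printed and compared against that file.

    Exits with status 1 on a usage error or an unusable signature file.
    """
    # Exactly one argument is expected: the signature file.
    if len(sys.argv) != 2:
        print("[-] Usage: " + str(sys.argv[0]) + " <vuln filename> ")
        sys.exit(1)

    filename = sys.argv[1]
    # The file must exist ...
    if not os.path.isfile(filename):
        print("[-] File does not exists - not found")
        sys.exit(1)
    # ... and be readable by the current user.
    if not os.access(filename, os.R_OK):
        print("[-] Access Denied")
        sys.exit(1)

    # Commonly exposed service ports. HTTP (80) and TLS (443) servers
    # normally wait for the client to speak first, so a passive read on
    # those ports usually times out without a banner.
    port_list = [21, 22, 25, 80, 110, 443]

    # Host part of the address: .1 through .254 of the static /24 subnet.
    for x in range(1, 255):
        ip = "192.168.1." + str(x)
        for port in port_list:
            banner = get_banner(ip, port)
            if not banner:
                continue
            if isinstance(banner, bytes):
                banner = banner.decode("utf-8", errors="replace")
            # The format arguments must be one tuple; the original passed
            # only `ip` to `%` and raised TypeError on the first banner.
            # NOTE(review): the banner is remote-controlled text written
            # straight to the terminal; consider escaping control characters.
            print("[+] %s/%s: %s" % (ip, str(port), banner.strip("\n")))
            # Compare the banner against the signature file.
            check_vulnerabilities(banner, filename)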
# Script entry point: start the scan only when this file is executed
# directly, so importing the module has no side effects.
if __name__ == "__main__":
    main()
SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1