Grab.js NPM | npm.io

grab.js

Usage

Quick Example

const grabber = require('grab.js');
grabber.grab(ip, port)
  .run()
  .then(result => { /* process the result */ })
  .catch(err => { /* error handling */ })

Api

grabber.grab(ip, port, options}

Returns a Grab object. You need to call run method to execute it.

ip: target ip
port port number
options (optional): An object contains initial settings for the Grab, supports tls and payload and both of them are optional.

Grab#run()

Exeute the task, returns a Promise which yields a record. The record can have following fields:

record.banner: the banner Buffer
record.certificate: certificate information (only avaliable when TLS is enabled)

Grab.tls

Enable TLS.

Grab.payload

The Buffer to send when connection established. Payload file can be found under nmap/paylaods.

grabber.escape(buffer)

Escape buffer to printable chars.

grabber.parser(service)

Returns a promise that loads a parser function with given parser rule name. Rule names can be found under nmap/parsers.

Parser.parse(buffer)

Parse buffer to fingerprints. Fingerprint could have following fields:

cpes: common platform enumeration
os: operating system
product: product name
device: device type
service: service name, same as the only arguments for grabber.parser
version: software version

Notice that a Parser object instance is not exported. This is by design.

Command util

This project provides a cli tool for quick banner grab like zgrab

For example, scanning ftp banner on given CIDR:

sudo zmap -p 80 [cidr] | node cli.js -p 80 --payload=tcp/GetRequest --parse http > http.json

Leave cidr blank to scan 0.0.0.0/20

find nmap to checkout all avaliable parsers and payloads.

Options

-p, --port the port
-s, --tls use tls (https, imaps, etc)
--payload send a payload upon connection. ls -R nmap/payloads to see all supported parsers.
--parser parse banner with nmap's rule. ls nmap/parsers to see all supported parsers.