Banner grabbing with Nmap NSE
Nmap has an integrated Nmap Scripting Engine (NSE) script that can be used to read banners from network services running on remote ports. This specific recipe will demonstrate how to use Nmap NSE to acquire service banners in order to identify the services associated with open ports on a target system.
Getting ready
To use Nmap NSE to gather service banners, you will need to have a remote system running network services that disclose information when a client device connects to them. In the examples provided, an instance of Metasploitable2 is used to perform this task. For more information on setting up Metasploitable2, please refer to the Installing Metasploitable2 recipe in Chapter 1, Getting Started.
How to do it…
Nmap NSE scripts can be called using the --script option in Nmap and then specifying the name of the desired script. For this particular script, a -sT full-connect scan should be used, as service banners can only be collected when a full TCP connection...
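Why the full connect matters, as an added example that is not from the original recipe: a banner is application data, so a service only sends it once the TCP handshake has completed. The loopback listener, its banner text and the function names below are constructed for illustration; the last function shows the kind of check you would run against your own service to see what its banner discloses.

```python
import re
import socket
import threading

# Constructed banner for the demo listener; not taken from any real product.
CONSTRUCTED_BANNER = b"220 example-ftpd 1.2.3 (constructed banner) ready\r\n"

def start_banner_service(banner=CONSTRUCTED_BANNER):
    """Start a loopback-only listener that sends `banner` to each client.
    Returns the ephemeral port it is listening on."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def serve():
        while True:
            conn, _ = srv.accept()      # returns only after a completed handshake
            with conn:
                conn.sendall(banner)    # the banner is ordinary application data

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

def grab_banner(host, port, timeout=2.0):
    """Complete a TCP connection and read what the service volunteers.
    Returns the banner text, "" if the service sends nothing,
    or None if the connection could not be established."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            try:
                data = s.recv(1024)
            except socket.timeout:
                return ""               # connected, but the service stayed silent
    except OSError:
        return None                     # closed or filtered: no connection, no banner
    return data.decode("ascii", errors="replace").strip()

def discloses_version(banner):
    """True if the banner exposes a dotted version string (e.g. 1.2.3)."""
    return re.search(r"\d+(\.\d+)+", banner) is not None

if __name__ == "__main__":
    port = start_banner_service()
    text = grab_banner("127.0.0.1", port)
    print(f"port {port}: {text!r} version disclosed: {discloses_version(text)}")
```

A service whose banner makes discloses_version return True is giving away more than it needs to; trimming the banner in the service configuration removes that detail.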