Nmap banner NSE Script

Script Overview

---

Script source code: https://github.com/nmap/nmap/tree/master/scripts/banner.nse
Script categories: discovery, safe
Target service / protocol: any
Target network port(s): any
List of CVEs: -

Script Description

---

A simple banner grabber which connects to an open TCP port and prints out anything sent by the listening service within five seconds.

The banner will be truncated to fit into a single line, but an extra line may be printed for every increase in the level of verbosity requested on the command line.

Banner NSE Script Arguments

---

This is a full list of arguments supported by the banner.nse script:

banner.ports

Which ports to grab. Same syntax as -p option. Use "common" to only grab common text-protocol banners. Default: all ports.

banner.timeout

How long to wait for a banner. Default: 5s

- - -
To use these script arguments, add them to the Nmap command line using the --script-args arg1=value,[arg2=value,..] syntax. For example:

nmap --script=banner --script-args banner.ports=value,banner.timeout=value <target>

Banner NSE Script Example Usage

---

Here's an example of how to use the banner.nse script:

nmap --script=banner <target>

Banner NSE Script Example Output

---

Here's a sample output from the banner.nse script:

21/tcp open  ftp
|_ banner: 220 FTP version 1.0\x0D\x0A

Banner NSE Script Example XML Output

---

There is no sample XML output for this module. However, by providing the -oX <file> option, Nmap will produce a XML output and save it in the file.xml file.

Author

---

• jah

References

---

• https://nmap.org/nsedoc/scripts/banner.html
• https://github.com/nmap/nmap/tree/master/scripts/banner.nse

See Also

---

Visit Nmap NSE Library for more scripts.

The banner.nse script may fail with the following error messages. Check for the possible causes by using the code snippets highlighted below found in the script source code. This can often times help in identifying the root cause of the problem.

failed for %s on %s port %s. Message: %s

---

Here is a relevant code snippet related to the "failed for %s on %s port %s. Message: %s" error message:

72:	
73:	  local status, response = comm.get_banner(host, port, opts)
74:	
75:	  if not status then
76:	    local errlvl = { ["EOF"]=3,["TIMEOUT"]=3,["ERROR"]=2 }
77:	    stdnse.debug(errlvl[response] or 1, "failed for %s on %s port %s. Message: %s", host.ip, port.protocol, port.number, response or "No Message.")
78:	    return nil
79:	  end
80:	
81:	  return response:match("^%s*(.-)%s*$");
82: