Solved

Expect Banner Grabbing with Telnet

Posted on 2014-03-25
3
558 Views
Last Modified: 2014-03-26
Hi,

I'm new to expect, but thought it would work well for scripting some banner grabbing. I've been working through the "Exploring Expect" book, and doing quite a bit of reading on the net, but can't seem to put it all together.

For this test script, I'm just trying to grab a banner from a service listening on a given port. Here is what I've got so far, and here is where I'm stuck. I suspect it's because I'm not using the correct string/syntax for one of my expect statement.

Here is what I manually type into the terminal
$ telnet 192.168.1.104 8834
Trying 192.168.1.104...
Connected to delta4.mynet.com (192.168.1.104).
Escape character is '^]'.
GET / HTTP/1.1

HTTP/1.1 400 Bad Request
Date: Tue, 25 Mar 2014 08:55:42 GMT
Server: NessusWWW
Connection: close
Expires: Tue, 25 Mar 2014 08:55:42 GMT
Content-Length: 208
Content-Type: text/html
X-Frame-Options: DENY
Cache-Control:
Expires: 0
Pragma :

Here is my script as it is now
--------------------------------------------------------------------------
#!/usr/bin/expect

if {[llength $argv] != 2} {
    puts "usage: $argv0 IP_address port\n"
    exit 1
}

set timeout -1
match_max 100000

set address [lindex $argv 0]
set port [lindex $argv 1]

spawn telnet $address $port
expect "^Escape*"
send "GET / HTTP/1.1\r\r"
expect "HTTP*"
expect eof

--------------------------------------------------------------------------
When I run the script, here is as far a it goes
$ ./get.exp 192.168.1.104 8834
spawn telnet 192.168.1.104 8834
Trying 192.168.1.104...
Connected to delta4.mynet.com (192.168.1.104).
Escape character is '^]'.
--------------------------------------------------------------------------

I realize I am not putting any expect statements in for the lines
Trying 192.168.1.104...
Connected to delta4.mynet.com (192.168.1.104).
but then, in the book, where the author has an example ftp snippet, he skips over all the lines following where he sends his password, and doesn't use an expect statement until he expects the ftp> prompt. So, following his lead, I thought it would be ok to skip over the first few lines received following the telnet statement until I got to the line
Escape character is '^]'.  Here is where the program hangs.

if anyone can help me out with this, I would appreciate very much.

Thanks,
jpetter
0
Comment
Question by:jpetter
  • 2
3 Comments
 
LVL 19

Accepted Solution

by:
simon3270 earned 500 total points
ID: 39954730
You don't need the "^" or "*" characters in your expect strings - have, for example

    expect "Escape"

You also don't strictly need the expect "HTTP" bit, since you are immediately following it with an expect eof - you can just have the expect eof.
0
 

Author Comment

by:jpetter
ID: 39955844
simon3270,

Thanks so much! That did the trick...I appreciate the quick help.

jpetter
0
 

Author Closing Comment

by:jpetter
ID: 39955847
Spot on with the solution, and quick to respond...many thanks to simon3270.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

In this tutorial I will show you how to make a simple HTML bar chart with the usage of WhizBase, If you want more information about WhizBase please read my previous articles at http://www.experts-exchange.com/ARTH_5123186.html (http://www.experts-ex…
Over the years I've spent many an hour playing on hardened, DMZ'd servers, with only a sub-set of the usual GNU toy's to keep me company; frequently I've needed to save and send log or data extracts from these server back to my PC, or to others, and…
Learn the basics of if, else, and elif statements in Python 2.7. Use "if" statements to test a specified condition.: The structure of an if statement is as follows: (CODE) Use "else" statements to allow the execution of an alternative, if the …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now