Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Banner grabbing
From: "'Joshua D. Abraham'" <jabra () ccs neu edu>
Date: Fri, 13 Jan 2006 14:43:22 -0500

On Fri, Jan 13, 2006 at 12:34:14AM -0800, Brandon Enright wrote:
Joshua D. Abraham wrote:

Hey Guys,

Currently, I am building a tool that is based on nmap. I would like to
be able to grab banners when performing an nmap scan. I looked briefly
at the code and I believe that the banners are being captured and not
displayed. Currently, I am using another tool to capture the banners
and I would like to depreciate this dependency.  My skills in C/C++
are very rusty and I would really like to see this as a feature in

Joshua Abraham

You are looking for the Service Version flag "-sV".  Nmap will try a number
of different payloads depending on the port and attempt to match against a
list of regular expressions.

If you are also operating system fingerprinting with "-O" you may want to
use "-A" instead which turns on both "-O" and "-sV".

Hope that helps.


Currently, I am using -A in the tool I have built. What i am looking
for is nmap to display the banners for the service not just the
version and service name.


$ telnet 22
Connected to
Escape character is '^]'.
SSH-2.0-OpenSSH_3.9p1 Debian-1ubuntu2

Which is different from:

$ nmap -A
Starting nmap 3.75 ( http://www.insecure.org/nmap/ ) at 2006-01-13
14:39 EST
Interesting ports on localhost.localdomain (
(The 1658 ports scanned but not shown below are in state: closed)
    22/tcp  open  ssh     OpenSSH 3.9p1 (protocol 2.0)

Nmap run completed -- 1 IP address (1 host up) scanned in 15.418


Brandon Enright
UCSD ACS/Network Operations
bmenrigh () ucsd edu

Sent through the nmap-dev mailing list

Sent through the nmap-dev mailing list

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]