Neurohazard
暮雲煙月,皓首窮經;森羅萬象,如是我聞。

正则表达式解析 port banner

wpadmin~September 4, 2019 /Software Engineering

Contents

正则表达式解析 FTP banner

<!–more–>

案例 1 FTP

package main

import (
    &quot;fmt&quot;
    &quot;regexp&quot;
)

func main() {
    banner1 := &quot;220 MT_ILO_Novatel FTP server (MikroTik 5.8) ready&quot;
    banner2 := &quot;220 Piano -1 FTP server (MikroTik 6.41.3) ready&quot;
    banner3 := &quot;220 MikroTik FTP server (MikroTik 6.35.4) ready&quot;
    re := regexp.MustCompile(`(?m)220\s.+\s[fFtTpP]{3}\s[sSeEvVrR]{6}\s\([MmIiKkRroOtT]{8}\s(.+)\)\sready`)
    match := re.FindStringSubmatch(banner1)
    fmt.Println(match[1])
    match = re.FindStringSubmatch(banner2)
    fmt.Println(match[1])
    match = re.FindStringSubmatch(banner3)
    fmt.Println(match[1])
}

案例 2 Lighttpd

package main

import (
    &quot;fmt&quot;
    &quot;regexp&quot;
    &quot;strings&quot;
)

func main() {
    banner1 := &quot;lighttpd/1.4.10a aaa&quot;
    banner2 := &quot;lighttpd ccc&quot;
    banner3 := &quot;lighttpd/1.4.30 www&quot;
    banner4 := &quot;lighttpd/1.4.10a&quot;
    banner5 := &quot;lighttpd/1.4.28.p07&quot;
    banner6 := &quot;lighttpd/1.4.32-Android-Blackeye-Web-Server&quot;

    re := regexp.MustCompile(`(?m)lighttpd(/)*(\d(\.\w+)*){0,1}`)
    match := re.FindStringSubmatch(banner1)
    // fmt.Println(match[1])
    fmt.Println(strings.Join(match, &quot;||&quot;))
    match = re.FindStringSubmatch(banner2)
    fmt.Println(strings.Join(match, &quot;||&quot;))
    match = re.FindStringSubmatch(banner3)
    fmt.Println(strings.Join(match, &quot;||&quot;))
    match = re.FindStringSubmatch(banner4)
    fmt.Println(strings.Join(match, &quot;||&quot;))
    match = re.FindStringSubmatch(banner5)
    fmt.Println(strings.Join(match, &quot;||&quot;))
    match = re.FindStringSubmatch(banner6)
    fmt.Println(strings.Join(match, &quot;||&quot;))

}

mini_httpd

严格版
mini_httpd/\d{0,4}\.\d{0,4}\s\d{2}[a-zA-Z]{3}\d{4}

简单版
mini_httpd/(\d{1,}\.\d{1,})

测试字符串

Server: mini_httpd/1.21 18oct2014
Server: mini_httpd/1.21-fli4l
Server: mini_httpd/1.19/bhoc
Server: mini_httpd/1.15c
Server: mini_httpd/1.21n1

nginx

简单版
nginx\/{0,1}(\d\.\d{0,2}\.\d{0,2}){0,1}

测试字符串

Server: nginx/1.12.2
Server: nginx
Server: nginx/1.14.1
Server: nginx/1.14.0 (Ubuntu)
Server: nginx/1.10.3 (Ubuntu)
Server: nginx/0.3.33
Server: nginx + Phusion Passenger 6.0.2
Server: nginx centminmod
Server: nginx/1.14.1 + Phusion Passenger 4.0.60

Leave a Reply

Your email address will not be published. Required fields are marked *