Snarf
Submitted by Drew on Mon, 09/08/2008 - 21:55.
I have been using a program lately called snarf. I always use it with the -v option. I have incorporated it into my version of bashpodder and I also use it for all of my command line downloads. Snarf is not included by default in ubuntu, so you will have to manually install it.
sudo apt-get install snarf
Here is an example of how I would use it.
snarf -v http://hydrogen.oshean.org/psw-airpwn.m4v
the output should look something like this
drew@laptop:~$ snarf -v http://hydrogen.oshean.org/psw-airpwn.m4v HTTP/1.1 200 OK Date: Tue, 09 Sep 2008 02:01:35 GMT Server: Apache Last-Modified: Mon, 09 Oct 2006 00:10:48 GMT ETag: "1eb407a-3305d52-45299388" Accept-Ranges: bytes Content-Length: 53501266 Connection: close Content-Type: text/plain; charset=iso-8859-1 http://hydrogen.oshe an.org/psw-airpwn.m4v (52247K) psw-airpwn.m4v [#### ] 10927K | 291.38K/ss
As you can see the ###'s are the progress bar. If you look at the beginning of the output you can see what kind of server it is running on.
Snarf is a good tool for information gathering bacause snarf will usually output a lot of information about the server you are downloading from. If you are trying to assess the server without doing say, an nmap or port scan you could just "snarf -v" the website's homepage.
Let's try another one.
drew@laptop:~$ snarf -v twit.tv HTTP/1.1 200 OK Date: Tue, 09 Sep 2008 02:11:26 GMT Server: Apache/2.0.52 (Red Hat) X-Powered-By: PHP/5.2.6 Set-Cookie: SESS75d408f2ce389493e4955f4b0d50c557=gamt7i1jcg52e1c60qd15aksa0; expires=Thu, 02 Oct 2008 05:44:46 GMT; path=/; domain=.twit.tv Last-Modified: Tue, 09 Sep 2008 02:06:41 GMT ETag: "1a906da29faa3716f27d19c6d8073eab" Expires: Sun, 19 Nov 1978 05:00:00 GMT Cache-Control: must-revalidate Connection: close Content-Type: text/html; charset=utf-8 http://twit.tv (unknown size) index.html [-] 32K 33753 bytes transferred in 0.22 sec (147.33k/sec)
Here we can see that the server is running apache version 2.0.52 on a red hat machine. If you know some redhat or apache vulnerabilities ...
That is it for now.
Good luck and enjoy.
Drew
»
- Drew's blog
- Add new comment
- 288 reads
