Banner grabbing error: HTTP/1.0 408 Request Time-out python socket programming

Banner grabbing error: HTTP/1.0 408 Request Time-out python socket programming

import socket
from IPy import IP
# One or more targets (IP addresses or hostnames), separated by commas.
targets = input("Enter target/s use comma to split target: ")

# Tip: use nslookup to find a website's IP address, and include the www. prefix, e.g. nslookup www.gb.facebook.com

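def scan(target):
    """Probe TCP ports 75-80 on one target and print what is found.

    target may be an IP literal or a hostname; check_ip() turns it into the
    address that is handed to scan_port() for each port.
    """
    try:
        converted_ip = check_ip(target)
    except socket.gaierror as err:
        # An unresolvable name used to end the whole run with a traceback, so
        # any remaining comma-separated targets were never scanned.
        print('\n' + 'Skipping ' + str(target) + ': cannot resolve (' + str(err) + ')')
        return
    print('\n' + 'Scanning Targer' + ' ' + str(target))
    for port in range(75, 81):  # range() stops before 81
        scan_port(converted_ip, port)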



def check_ip(ip):
    """Return an address for ip, resolving it through DNS when needed.

    If IPy's IP() accepts the string it is returned unchanged; otherwise it
    is treated as a hostname and looked up with socket.gethostbyname(),
    which yields an IPv4 address only.
    """
    try:
        IP(ip)  # raises ValueError when the text is not an IP
    except ValueError:
        # Not an IP literal: treat it as a hostname.
        return socket.gethostbyname(ip)
    else:
        return ip
        

        
def get_banner(s):
    """Read up to 2048 bytes of whatever the peer sends first.

    This is a passive read: nothing is written to the socket. It only yields
    a banner for services that speak first; an HTTP server waits for a
    request, so against one this read returns the server's own
    408 Request Time-out reply (as in the output shown on this page).
    """
    first_bytes = s.recv(2048)
    return first_bytes

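def scan_port(ip_address, port):
    """Try a TCP connect to ip_address:port and report whether it is open.

    Prints one line for an open port, including the bytes returned by
    get_banner() when any arrive within the timeout. Ports that refuse,
    time out or are unreachable are skipped silently.
    """
    try:
        # The context manager closes the socket on every path; without it one
        # descriptor stayed open for each probed port.
        with socket.socket() as sock:
            # The timeout applies to connect() and to the later recv().
            # A shorter value scans faster but misses slow services.
            sock.settimeout(10)
            sock.connect((ip_address, port))
            try:
                banner = get_banner(sock)
            except OSError:
                # Connected, but nothing was received in time (or the peer
                # reset the connection): the port is still open.
                print('port' + str(port) + 'is open')
            else:
                # errors='replace' keeps binary banners printable instead of
                # losing them to a UnicodeDecodeError.
                text = banner.decode(errors='replace').strip('\n')
                print('port' + str(port) + 'is open and banner is open' + text)
    except OSError:
        # Only network failures are ignored. A bare "except:" here also
        # swallowed KeyboardInterrupt, so Ctrl-C could not stop a scan.
        pass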
    
        
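# Entry point: scan every comma-separated target the user typed.
# str.split(',') returns a one-item list when there is no comma, so a single
# target needs no separate branch.
for ip_add in targets.split(','):
    ip_add = ip_add.strip()  # tolerate spaces around the commas
    if ip_add:  # ignore empty entries such as a trailing comma
        scan(ip_add)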

我试图对一个网站进行横幅抓取(banner grabbing),但收到了这个错误:

Enter target/s use comma to split target: testphp.vulweb.com

Scanning Targer testphp.vulweb.com
port80is open and banner is openHTTP/1.0 408 Request Time-out
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html><body><h1>408 Request Time-out</h1>
Your browser didn't send a complete request in time.
</body></html>
    

我尝试增大 sock.settimeout() 的值,让脚本有更多时间等待 banner;但把超时时间调小后,就完全抓不到 banner 了。欢迎指教。

看看返回的错误信息:Your browser didn't send a complete request in time. 也就是说,脚本连接后只调用了 recv(),没有发送任何请求;HTTP 服务器不会主动先发数据,等到超时后便返回 408。

尝试完成您的 HTTP 请求,如下所示:

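def get_banner(s, target):
    """Send a minimal HTTP GET over the connected socket s and return the reply.

    target is the DNS host name (e.g. "testphp.vulweb.com"); it is placed
    verbatim in the Host header, so it must be a plain host name without
    CR or LF characters.

    Returns the first chunk of the response (at most 2048 bytes) as bytes.
    A single recv() may return only part of the response. The request is
    plain-text HTTP, so it does not suit a TLS port such as 443.
    """
    headers = (
        "GET / HTTP/1.1\r\n"
        f"Host: {target}\r\n"
        "User-Agent: python-custom-script/2.22.0\r\n"
        # NOTE: this invites a compressed body, which is not readable text
        # once decoded; the status line and headers stay plain.
        "Accept-Encoding: gzip, deflate\r\nAccept: */*\r\n"
        "Connection: keep-alive\r\n\r\n"
    )
    print("\n\n" + headers)

    # sendall() retries until the whole request is written; send() may stop
    # after a partial write and leave the server waiting for the rest.
    s.sendall(headers.encode())
    resp = s.recv(2048)  # first chunk of the response
    return resp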

— 注意:必须把 target(主机名)放进 Host 请求头。

输出将是:

Scanning Targer testphp.vulweb.com, ip: 70.32.1.32, port: 80


GET / HTTP/1.1
Host: testphp.vulweb.com
User-Agent: python-custom-script/2.22.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive


port 80 is open and banner is openHTTP/1.1 302 Found
Date: Sun, 25 Oct 2020 22:06:45 GMT
Server: Apache/2.4.25 (Debian)
Set-Cookie: __tad=1603663605.4398154; expires=Wed, 23-Oct-2030 22:06:45 GMT; Max-Age=315360000
Location: http://ww1.testphp.vulweb.com/?sub1=20201026-0906-4558-946c-192d28ec2089
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

请注意它返回了 302(重定向)状态码,因此(取决于您的目标)您可能需要跟随 Location 响应头中的 URL。