« How to install Hamachi on Ubuntu (All) as a service | Main | Nbtscan »
Friday
06Mar2009

Snarf

DateFriday, March 6, 2009 at 10:51PM

  I have been using a program lately called snarf. I always use it with the -v option. I have incorporated it into my version of bashpodder and I also use it for all of my command line downloads. Snarf is not included by default in ubuntu, so you will have to manually install it.

sudo apt-get install snarf

  Here is an example of how I would use it.

 

snarf -v http://hydrogen.oshean.org/psw-airpwn.m4v

 

the output should look something like this

 

drew@laptop:~$ snarf -v http://hydrogen.oshean.org/psw-airpwn.m4v
HTTP/1.1 200 OK
Date: Tue, 09 Sep 2008 02:01:35 GMT
Server: Apache
Last-Modified: Mon, 09 Oct 2006 00:10:48 GMT
ETag: "1eb407a-3305d52-45299388"
Accept-Ranges: bytes
Content-Length: 53501266
Connection: close
Content-Type: text/plain; charset=iso-8859-1

http://hydrogen.oshe
an.org/psw-airpwn.m4v (52247K)
psw-airpwn.m4v [#### ] 10927K | 291.38K/ss

 

  As you can see the ###'s are the progress bar. If you look at the beginning of the output you can see what kind of server it is running on.

  Snarf is a good tool for information gathering bacause snarf will usually output a lot of information about the server you are downloading from. If you are trying to assess the server without doing say, an nmap or port scan you could just "snarf -v" the website's homepage.

  Let's try another one.

drew@laptop:~$ snarf -v twit.tv
HTTP/1.1 200 OK
Date: Tue, 09 Sep 2008 02:11:26 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Set-Cookie: SESS75d408f2ce389493e4955f4b0d50c557=gamt7i1jcg52e1c60qd15aksa0; expires=Thu, 02 Oct 2008 05:44:46 GMT; path=/; domain=.twit.tv
Last-Modified: Tue, 09 Sep 2008 02:06:41 GMT
ETag: "1a906da29faa3716f27d19c6d8073eab"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Connection: close
Content-Type: text/html; charset=utf-8

http://twit.tv (unknown size)
index.html [-] 32K
33753 bytes transferred in 0.22 sec (147.33k/sec)

  Here we can see that the server is running apache version 2.0.52 on a red hat machine. If you know some redhat or apache vulnerabilities ...

 

AuthorDrew | CommentPost a Comment |

PrintView Printer Friendly Version

EmailEmail Article to Friend

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.
Author Email (optional):
Author URL (optional):
Post:
 
All HTML will be escaped. Hyperlinks will be created for URLs automatically.
Alert
Comment Moderation Enabled
Your comment will not appear until it has been cleared by a website editor.