Nmap advanced usage - bug warning - the black bar safety net

ID MYHACK58:62200716978
Type myhack58
Reporter Anonymous
Modified 2007-09-20T00:00:00


Today, while using Nmap, I found it printing the message "Happy 10th Birthday to Nmap, may it live to be 110!" I had not realized that ten years of sword sharpening have passed since the day it was born, September 1, 1997. This is in honor of that great king of port scanners, and also because the tutorials circulating online cover versions from several years ago. So I am putting out some of my own usage tips.

Nmap is not called the king for nothing. It has some of the strongest features in the industry, and other commercial and free scanners cannot replace several of them, such as system and application version detection and TCP stack probing. Yet a lot of people simply probe with the -O and -sV parameters. Here is my probing method:

nmap -P0 -sT -vv -n -p80 --script=./showSMTPVersion.nse -iL c:\smtp.txt -oN c:\Vulnerable.txt

-sV --version-all Detect application versions, using the highest detection intensity.

-O --osscan-guess Detect the OS version, using the most aggressive mode.

-P0 The vast majority of hosts reject ICMP; without this parameter they cannot be scanned.

-sT Someone might wonder why not the faster -sS. There are two reasons. First, many firewalls detect SYN scans, so a -sS sweep finds nothing. Second, when scanning a large range, a half-open scan does not determine port state as precisely and reliably as a full three-way-handshake TCP connection.

-vv Lets you follow the scanning process in detail; if you find a step you do not need, you can adjust immediately.

-n When scanning a large address range, leaving out this parameter makes nmap abnormally slow. It hung for half a day and I did not know why; after adding the -vv parameter I found that it was doing a DNS resolution for every IP. Adding -n turns DNS resolution off.

-p80 Scan TCP port 80.

--script=./showSMTPVersion.nse Nmap has added a script scanning engine that can scan web directories as well as remote overflows and weak passwords. This functionality seems to have appeared only in the last few months.

-iL c:\smtp.txt Read the list of host IPs from the file c:\smtp.txt.

-oN c:\Vulnerable.txt Save the probe results to c:\Vulnerable.txt.
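
Seen from the defender's side of the -sT versus -sS point above, the following added example (not part of the original article) classifies constructed flow records as half-open or full-connect probes and flags any source that fans out across many hosts on one port. The record layout, the one-label-per-segment flag names and the 10-host threshold are assumptions made for the illustration.

```python
from collections import defaultdict

# Constructed sample flows: (src, dst, dst_port, segments the client sent, in order).
# Assumption: the sensor normalizes each client segment to a single label.
SAMPLE_FLOWS = (
    # Half-open sweep: SYN, then RST once the server answers; no final ACK.
    [("198.51.100.7", f"192.0.2.{i}", 80, ("SYN", "RST")) for i in range(1, 13)]
    # Full-connect sweep: handshake completed, then closed with no payload.
    + [("198.51.100.9", f"192.0.2.{i}", 80, ("SYN", "ACK", "RST")) for i in range(1, 13)]
    # Ordinary client: handshake, request data, orderly close.
    + [("203.0.113.5", "192.0.2.10", 80, ("SYN", "ACK", "PSH", "FIN"))] * 2
)

def classify(flags):
    """Classify one flow by the segments the client sent."""
    if "ACK" not in flags:
        # The client never completed the three-way handshake.
        return "half-open" if "RST" in flags else "syn-only"
    if "PSH" not in flags:
        # Handshake completed, but the client sent no data before closing.
        return "connect-no-data"
    return "normal"

def find_sweeps(flows, min_hosts=10):
    """Return {(src, port): (distinct_hosts, dominant_kind)} for fan-out sources."""
    hosts = defaultdict(set)
    kinds = defaultdict(lambda: defaultdict(int))
    for src, dst, port, flags in flows:
        kind = classify(flags)
        if kind == "normal":
            continue  # flows that carried data are not counted as probes
        hosts[(src, port)].add(dst)
        kinds[(src, port)][kind] += 1
    report = {}
    for key, dsts in hosts.items():
        if len(dsts) >= min_hosts:
            dominant = max(kinds[key], key=kinds[key].get)
            report[key] = (len(dsts), dominant)
    return report

if __name__ == "__main__":
    for (src, port), (count, kind) in sorted(find_sweeps(SAMPLE_FLOWS).items()):
        print(f"{src} probed {count} hosts on tcp/{port}: {kind}")
```

A filter that keys only on unfinished handshakes misses the second source, but the fan-out of completed, empty connections is visible in the same flow data.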