ctf：kali2：端口扫描:nmap和portscan

直接使用nmap无需use

msf6 auxiliary(scanner/mysql/mysql_login) > nmap -O -sV 192.168.3.54
[*] exec: nmap -O -sV 192.168.3.54

Starting Nmap 7.93 ( https://nmap.org ) at 2022-12-09 05:11 EST
Nmap scan report for 192.168.3.54
Host is up (0.00037s latency).
Not shown: 991 closed tcp ports (reset)
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 5.3p1 Debian 3ubuntu4 (Ubuntu Linux; protocol 2.0)
80/tcp open http Apache httpd 2.2.14 ((Ubuntu) mod_mono/2.4.3 PHP/5.3.2-1ubuntu4.30 with Suhosin-Patch proxy_html/3.0.1 mod_python/3.3.1 Python/2.6.5 mod_ssl/2.2.14 OpenSSL...)
139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
143/tcp open imap Courier Imapd (released 2008)
443/tcp open ssl/https?
445/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
5001/tcp open java-object Java Object Serialization
8080/tcp open http Apache Tomcat/Coyote JSP engine 1.1
8081/tcp open http Jetty 6.1.25
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
SF-Port5001-TCP:V=7.93%I=7%D=12/9%Time=639309C6%P=x86_64-pc-linux-gnu%r(NU
SF:LL,4,"\xac\xed\0\x05");
MAC Address: 08:00:27:51:C0:85 (Oracle VirtualBox virtual NIC)
Device type: general purpose
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:linux_kernel:2.6
OS details: Linux 2.6.17 - 2.6.36
Network Distance: 1 hop
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 13.70 seconds
msf6 auxiliary(scanner/mysql/mysql_login) > search portscan

Matching Modules
================

# Name Disclosure Date Rank Check Description
- ---- --------------- ---- ----- -----------
0 auxiliary/scanner/portscan/ftpbounce normal No FTP Bounce Port Scanner
1 auxiliary/scanner/natpmp/natpmp_portscan normal No NAT-PMP External Port Scanner
2 auxiliary/scanner/sap/sap_router_portscanner normal No SAPRouter Port Scanner
3 auxiliary/scanner/portscan/xmas normal No TCP "XMas" Port Scanner
4 auxiliary/scanner/portscan/ack normal No TCP ACK Firewall Scanner
5 auxiliary/scanner/portscan/tcp normal No TCP Port Scanner
6 auxiliary/scanner/portscan/syn normal No TCP SYN Port Scanner
7 auxiliary/scanner/http/wordpress_pingback_access normal No Wordpress Pingback Locator

Interact with a module by name or index. For example info 7, use 7 or use auxiliary/scanner/http/wordpress_pingback_access

msf6 auxiliary(scanner/mysql/mysql_login) > use auxiliary/scanner/portscan/tcp
msf6 auxiliary(scanner/portscan/tcp) > show options

Module options (auxiliary/scanner/portscan/tcp):

Name Current Setting Required Description
---- --------------- -------- -----------
CONCURRENCY 10 yes The number of concurrent ports to check per host
DELAY 0 yes The delay between connections, per thread, in milliseconds
JITTER 0 yes The delay jitter factor (maximum value by which to +/- DELAY) in milliseconds.
PORTS 1-10000 yes Ports to scan (e.g. 22-25,80,110-900)
RHOSTS yes The target host(s), see https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit
THREADS 1 yes The number of concurrent threads (max one per host)
TIMEOUT 1000 yes The socket connect timeout in milliseconds

View the full module info with the info, or info -d command.

msf6 auxiliary(scanner/portscan/tcp) > set RHOSTS 192.168.3.54
RHOSTS => 192.168.3.54
msf6 auxiliary(scanner/portscan/tcp) > exploit

[+] 192.168.3.54: - 192.168.3.54:22 - TCP OPEN
[+] 192.168.3.54: - 192.168.3.54:80 - TCP OPEN
[+] 192.168.3.54: - 192.168.3.54:139 - TCP OPEN
[+] 192.168.3.54: - 192.168.3.54:143 - TCP OPEN
[+] 192.168.3.54: - 192.168.3.54:445 - TCP OPEN
[+] 192.168.3.54: - 192.168.3.54:443 - TCP OPEN
[+] 192.168.3.54: - 192.168.3.54:5001 - TCP OPEN
[+] 192.168.3.54: - 192.168.3.54:8080 - TCP OPEN
[+] 192.168.3.54: - 192.168.3.54:8081 - TCP OPEN
[*] 192.168.3.54: - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/portscan/tcp) > back
msf6 >

ctf：kali2：端口扫描:nmap和portscan相关推荐

UDP 端口扫描 - Nmap
0x00:简介 nmap 在二层做主机发现时使用的参数是 sn(ping 扫描,不做端口扫描).在三层做主机发现时也是使用的 sn 参数,这里二三层都用的 sn 参数,而具体使用的是二层协议 arp ...
渗透测试用工具（一）端口扫描Nmap
参考链接https://www.cnblogs.com/weihua2616/p/6599629.html 一.Nmap Nmap作为渗透工具可以用于以下方面: 主机发现 - 识别网络上的主机.例如, ...
网络安全自学篇之Web漏洞及端口扫描之Nmap、ThreatScan和DirBuster工具
前言: Web渗透技术的核心是发现Web漏洞,发现漏洞有手工和软件自动化扫描两种方式.对于用户验证漏洞.用户凭证管理问题.权限特权及访问控制漏洞.缓存漏洞.跨站脚本漏洞.加密漏洞.路径切换漏洞.代码注 ...
nmap扫描mysql弱口令_弱口令检测和端口扫描
在Linux 6.0 以上版本上操作,并且用远程连接虚拟机rhk-2 二.操作脚本 1.光盘挂载 > mount /dev/cdrom /mnt 2.创建用户和设置用户密码 > usera ...
端口扫描神器 - Nmap的基本使用
搜索公众号:白帽子左一,领配套练手靶场,全套安全课程及工具一.Nmap简介 Nmap是一款网络扫描和主机检测的非常有用的工具. 可以用于收集信息和枚举,同时可以用来作为一个漏洞探测器或安全扫描器. ...
信息收集之基础端口扫描《诸神之眼——Nmap网络安全审计技术揭秘》总结一
端口扫描 <诸神之眼--Nmap网络安全审计技术揭秘>总结手动端口扫描 Nmap Nmap的基本操作活跃主机发现技术基于ARP协议的活跃主机发现技术基于ICMP协议的活跃主机发现技 ...
“诸神之眼”——Nmap端口扫描工具使用小手册
"诸神之眼"--Nmap端口扫描工具使用小手册 1.Nmap介绍 1.1.Nmap简介 Nmap ("Network Mapper(网络映射器)") 是一款开放 ...
linux系统端口扫描工具,[命令] Linux 端口扫描工具 nmap 的使用（转载）
注意:在使用 nmap 命令之前要先安装 nmap 软件包 Nmap 简介 Nmap ("Network Mapper(网络映射器)") 是一款开放源代码的网络探测和安全审核的工 ...
信息收集之nmap端口扫描
0x00 目标指定 1.指定单个IP或多个或C段 nmap 192.168.1.1 192.168.168.1.100 多个使用空格 nmap 192.168.1.0/24 C段 2.从文件中或者扫描 ...

ctf：kali2：端口扫描:nmap和portscan

ctf：kali2：端口扫描:nmap和portscan相关推荐

最新文章

热门文章