Nmap Arabic
Copyright abdallah kurdi
http://abd-kurdi.blogspot.com/
http://www.Arhack.net
BSD
)(Nmap
: ^__^ )(HECR.SYRIA
~ ~
~ ~
)(Nmap GNU
www.gnu.org/copyleft/gpl.html
)(TCP / IP
) (Nmap ""
.
) (Nmap .
/ :
) (
Windows Mac OS X
Nmap ) (NSE ) (
Ndiff )) (Nmap (
) Zenmap (
Nmap . Nmap :
~ ~
~ ~
: ) (Nmap
) (Nmap
www.insecure.org/search.html
. Nmap
(Nmap) www.nmap.org / /.
TCP/IP
) (Nmap )(
/www.nmap.org/submit ..............
Nmap
Nmap .
Nmap .insecure.org
.www.insecure.org/advertising.html
~ ~
C:\>nmap scanme.insecure.org
) (Nmap
$nmap scanme.insecure.org
) (Nmap X OS / /
#nmap scanme.insecure.org
/ / OS X Root/
~ ~
: )(Nmap
~ ~
)(Nmap Microsoft Windows OS .X
Nmap Nmap .
OS X
.
Mac OS
) (nmap
:
Nmap Windows
Nmap
Nmap ) (
Nmap Mac OS X
~ ~
Nmap Windows
...
Nmap .www.nmap.org
...
. Nmap )( (Nmap) .
Windows
~ ~
) (WinPcap
)(WinPcap
~ ~
) (WinPcap ) (WinPcap
) (Nmap )(WinPcap
WinPcap
~ ~
( Nmap)
./ / /
C:\Users\ABD>nmap scanme.insecure.org
STATE SERVICE
Nmap
( Nmap)
~ ~
Nmap
) (Nmap .
)) (Nmap .(
.....
# apt-get install nmap
....
# yum install nmap
....
# emerge nmap
Nmap :
# nmap -V
Nmap version 6.25 ( http://nmap.org
~ ~
Nmap .....
6.25Nmap www.nmap.org
Nmap
Nmap .
...
www.nmap.org/download.html
$ wget http://nmap.org/dist/nmap-6.25.tgz
--2013-04-9 10:46 -- http://nmap.org/dist/nmap-6.25.tgz
Nmap
Nmap :
$ tar -xf nmap-6.25.tgz
...
~ ~
....
./configure && make . ( cd nmap-6.25/). Nmap
$ cd nmap-6.25/
$ ./configure && make
checking build system type... x86_64-unknown-linux-gnu
checking host system type... x86_64-unknown-linux-gnu
checking for gcc... gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
...
...
.
:
$ sudo make install
Password: ********
~ ~
...
( Nmap)
$ nmap localhost
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 CDT
Warning: Hostname localhost resolves to 2 IPs. Using 127.0.0.1.
Interesting ports on e6400 (127.0.0.1):
Not shown: 993 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
631/tcp open ipp
Nmap
~ ~
Nmap Mac OS X
..
) (Nmap Mac OS X www.nmap.org
: ) (Nmap Mac OS X
. 5.00
..
Nmap . . Nmap
~ ~
..
)( . Nmap . .
~ ~
..
. Nmap
Nmap Mac OS X
~ ~
...
Nmap nmap local host Mac OS X
Terminal Terminal
Nmap Mac OS X
Nmap .
~ ~
~ ~
. Nmap :
. Nmap
. ..
Nmap Sudo .
.
.
~ ~
) (Nmap IP ) (Nmap
IP .. XXX
C:\Users\ABD>
. .
PORT STATE SERVICE
80/tcp open http
\ ) (TCP/IP ...
~ ~
) (Nmap . IP ) (.
C:\Users\ABD>
Nmap .
: Nmap
192.168.1.1,100,101 . ^_^
~ ~
IP
IP .
) : ( Nmap
C:\Users\ABD>Nmap 192.168.10.1-100
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 CDT
Interesting ports on 192.168.10.1:
Not shown: 997 filtered ports
PORT STATE SERVICE
20/tcp closed ftp-data
21/tcp closed ftp
80/tcp open http
Interesting ports on 192.168.10.100:
Not shown: 995 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
Nmap done: 100 IP addresses (2 hosts up) scanned in 25.84 seconds
IP
~ ~
Nmap ) (CIDR ) (/
) : Nmap (CIDR/
C:\Users\ABD>Nmap 192.168.10.1/24
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 CDT
Interesting ports on 192.168.10.1:
Not shown: 996 filtered ports
PORT STATE SERVICE
20/tcp closed ftp-data
21/tcp closed ftp
23/tcp closed telnet
80/tcp open http
Interesting ports on 192.168.10.100:
Not shown: 995 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
2049/tcp open nfs
Nmap done: 256 IP addresses (2 hosts up) scanned in 8.78 seconds
(/) CIDR
~ ~
) IP (
Nmap .
:
Nmap iL ^_^
192.168.10.1
192.168.10.100
192.168.10.101
192.168.10.1 192.168.10.100 192.168.10.101
list.txt . list.txt
list.txt
-iL Nmap .list.txt
~ ~
) (iR ) ( . ) (Nmap
....
Nmap -iR XXX :
C:\Users\ABD>nmap -iR 1
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
Nmap done: 1 IP address (1 host up) scanned in 8.69 seconds
C:\Users\ABD>
IP
: .
) (-iR1 Nmap IP .
) (.
.
~ ~
) (--exclude
C:\Users\ABD>nmap 192.168.10.0/24 --exclude 192.168.10.100
Starting Nmap 6.25 ( http://nmap.org ) 2013-04-9 10:46 CDT
Interesting ports on 192.168.10.1:
Not shown: 996 filtered ports
PORT STATE SERVICE
20/tcp closed ftp-data
21/tcp closed ftp
23/tcp closed telnet
80/tcp open http
...
IP
^_^
/ CIDR )/ (CIDR
.
C:\Users\ABD>Nmap 192.168.10.0/24 --exclude 192.168.10.100
Starting Nmap 6.25 ( http://nmap.org ) at 2012-12-31 14:29 Pacific Standard Time
~ ~
txt.
) (--excludefile ) (--exclude ) (file
--excludefile list.txt
C:\Users\ABD>nmap 192.168.10.0/24 --excludefile list.txt
Starting Nmap 6.25 ( http://nmap.org ) at 2012-12-31 14:42 Pacific Standard Time
Interesting ports on 192.168.10.100:
Not shown: 995 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
2049/tcp open nfs
Nmap done: 253 IP addresses (1 host up) scanned in 33.10 seconds
list.txt ^_^.
~ ~
. ( Nmap )( A-)
Nmap -A XXX :
C:\Users\ABD>nmap -A 10.10.1.51
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 CDT
Interesting ports on 10.10.1.51:
Not shown: 999 closed ports
PORT STATE SERVICE VERSION
80/tcp open http Linksys WAP54G wireless-G router http config
|_ html-title: 401 Unauthorized
| http-auth: HTTP Service requires authentication
|_ Auth type: Basic, realm = Linksys WAP54G
MAC Address: 00:12:17:AA:66:28 (Cisco-Linksys)
Device type: general purpose
Running: Linux 2.4.X
OS details: Linux 2.4.18 - 2.4.35 (likely embedded)
Network Distance: 1 hop
Service Info: Device: WAP
OS and Service detection performed. Please report any incorrect results
at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 9.61 seconds
. Nmap
( A-)
~ ~
IPv6
( IPv6)( -6)
(Nmap) -6 xxx :
C:\Users\ABD>nmap -6 fe70::29aa:9db8:4154:d80e
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46
Central Daylight Time
Interesting ports on fe80::29aa:9db9:4164:d80e:
Not shown: 993 closed ports
PORT STATE SERVICE
135/tcp open msrpc
445/tcp open microsoft-ds
5357/tcp open unknown
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49155/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 227.32 seconds
IPv6
Nmap . IPv6
.(/) CIDR IPv6 IPv6
IPv6 IPv6 :
~ ~
~ ~
-PN
-sP
-PS
-PA
-PU
-PY
-PE
-PP
-PM
-PO
-PR
--traceroute
-R
-n
--system-dns
--dns-servers
-sL
Dont Ping
Perform a Ping Only Scan
~ ~
Dont Ping
..
( Nmap ) ping .
Nmap Ping )(-PN
Nmap XXX :
C:\Users\ABD>nmap 10.10.5.11
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 CDT
Note: Host seems down. If it is really up, but blocking our ping probes,
try -PN
Nmap done: 1 IP address (0 hosts up) scanned in 3.16 seconds
) (Nmap
) Ping (-PN
Nmap -PN XXX :
C:\Users\ABD>nmap -PN 10.10.5.11
Starting Nmap 6.25 ( http://nmap.org ) at 2012-12-31 17:17 Pacific Standard Time
Nmap scan report for 10.10.5.11
Host is up (0.024s latency).
Not shown: 999 filtered ports
PORT STATE SERVICE
80/tcp open http
Nmap done: 1 IP address (1 host up) scanned in 44.56 seconds
C:\Users\ABD>
)(-PN
-PN Nmap
~ ~
) (-sP ping .
Nmap -sP:
ping
.
252 192.168.10.1 .
Nmap -sP XXX :
ping )()(
~ ~
PORT
:
) (-PS 80
.. -PS 80,25,23,21
^_^
~ ~
PORT
80/tcp
:
) (PS-
.. PS 80,25,23,21-
^_^
~ ~
UDP Ping
Nmap -PU XXX :
PORT
)(UDP/Ping
UDP UDP
.
.TCP
: ) (UDP ) (40125
... nmap -PU22,80,25,445
~ ~
nmap -PY port1,port2,port3 :
).(SCTP
SCTP .
PY- . :
nmap -PY22,80,445,20,25.
~ ~
Nmap -PE XXX :
PORT
80/tcp
)(-PE
: ) (-PE ) (Ping
.
~ ~
nmap -PP XXX :
ICMP
ICMP
. -PP
.
~ ~
nmap -PM XXX :
C:\Users\ABD>nmap -PM 192.168.1.1
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
Nmap scan report for 192.168.1.1
Host is up (0.0059s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
80/tcp open http
PM
~ ~
IP Protocol Ping
nmap -PO Protocol1,Protocol2,Protocol3 :
PORT
80/tcp
) (IP Ping
) (ICMP) (IGMP
) (nmap PO ICMP,IGMP )(IGMP,2) (ICMP,1
:
www.iana.org/assignments/protocol-numbers
~ ~
ARP Ping
nmap -PR XXX :
PORT
80/tcp
) (-PR
) (Ping .
LAN ) ARP (.
: ARP .
~ ~
Traceroute
( Traceroute)
.( --traceroute)
STATE SERVICE
ADDRESS
1 6.00 ms 192.115.1.1
2 34.00 ms 192.115.10.3
3 34.00 ms scanme.nmap.org (74.207.244.221)
Nmap done: 1 IP address (1 host up) scanned in 29.36 seconds
C:\Users\ABD>
( tracepath)( traceroute)
. ( nmap)
~ ~
nmap -R XXX :
C:\Users\ABD>nmap -R 64.13.134.52
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
Nmap scan report for scanme.nmap.org (64.13.134.52)
Host is up (0.079s latency).
Not shown: 994 filtered ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
70/tcp closed gopher
80/tcp open http
) (-R ) (IP
DNS
) ( Nmap ^_^
: ) (NMAP
~ ~
(-n) ( DNS)
C:\Users\ABD>nmap -n 64.13.134.52
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
Nmap scan report for 64.13.134.52
Host is up (0.069s latency).
Not shown: 994 filtered ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
70/tcp closed gopher
80/tcp open http
. Nmap DNS
. ( -n )
. DNS
~ ~
nmap --system-dns :
STATE SERVICE
.
. Nmap DNS
~ ~
nmap --dns-servers (server1,server2,server3) :
PORT
Nmap DNS .
) (--dns-servers Nmap .
DNS
.DNS
: .IPv6
~ ~
nmap -sL XXX :
. DNS IP . DNS
.. IP DNS
~ ~
~ ~
~ ~
) (NMAP .
) ( Nmap TCP .
) TCP (UDP
) (Nmap .
.
-sS
-sT
-sU
UDP Scan
-sN
-sF
-sX
Xmas Scan
-sA
--scanflags
IP Protocol Scan
-sO
--send-eth
--send-ip
Send IP Packet
: /
.
~ ~
TCP SYN
nmap -sS XXX :
PORT
80/tcp
) (TCP SYN
) /( ....
) (TCP SYN ) (TCP
) (SYN
.
.
:
) (TCP SYN
~ ~
) (TCP )(-sT
nmap -sT XXX :
PORT
80/tcp
. )(IPV6
TCP
) .(
: .
) (-sS
~ ~
UDP Scan
UDP
(( ) UDP) ( -sU)
nmap -sU XXX :
.UDP
.UDP ( SNMP DHCP DNS ) TCP
./ / TCP UDP
~ ~
nmap -sN XXX :
)(--scanflags 73
~ ~
nmap -sF XXX :
PORT STATE SERVICE
80/tcp open|filtered http
: .
)(--scanflags 73
~ ~
Xmas Scan
)(Xmas
nmap -sX XXX :
PORT STATE SERVICE
80/tcp open|filtered http
) (--scanflags 73
~ ~
(TCP) ( --scanflags)
STATE SERVICE
TCP ( --scanflags)
(--scanflags FIN ACK)
SYN
ACK
PSH
URG
RST
FIN
Flag  Usage
SYN   Synchronize
ACK   Acknowledgment
PSH   Push
URG   Urgent
RST   Reset
FIN   Finished
(TCP)
~ ~
(nmap -sA XXX) :
PORT STATE
) (-sA
) (TCP ACK ) (Nmap )(RST
.
) (RST .
80
: ) (-sA /
~ ~
IP Protocol Scan
(nmap -sO XXX) :
C:\Users\ABD>nmap -sO 10.10.1.41
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
Nmap scan report for 10.10.1.41
Host is up (0.026s latency).
Not shown: 255 open|filtered protocols
PROTOCOL STATE SERVICE
tcp
open
icmp
open
udp
open
17
: IP IANA
www.iana.org/assignments/protocol-numbers
~ ~
( nmap) ( --send-eth)
(nmap --send-eth) :
STATE SERVICE
. IP Nmap
.IP
(--send-ip) (77)
~ ~
Send IP Packets
(IP)
(nmap --send-ip) :
(IP)
( nmap) ( IP)
(--send-eth) (76)
~ ~
~ ~
Port Scanning Options
~ ~
: TCP / IP IANA
.www.iana.org/assignments/port-numbers
-F
-p {port}
-p {port}
-p "*"
--top-ports {number}
-r
~ ~
100 ( -F)
(nmap -F XXX) :
C:\Users\ABD>nmap -F 72.29.72.224
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
Nmap scan report for quela.dizinc.com (72.29.72.224)
Host is up (0.18s latency).
Not shown: 88 filtered ports
PORT STATE SERVICE
. 1000 ( NMAP)
. 100 ( -F)
~ ~
Scan Specific Ports
( -p)
C:\Users\ABD>nmap -p 80 33.29.88.252
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
Nmap scan report for quela.dizinc.com (36.99.88.114)
Host is up (0.025s latency).
PORT STATE SERVICE
80/tcp open http
Nmap done: 1 IP address (1 host up) scanned in 0.29 seconds
C:\Users\ABD>
STATE SERVICE
200 ( -F)
~ ~
Scan Ports by Name
) (-F .
PORT STATE SERVICE
80/tcp open http
143/tcp open imap
) (imap,http ). (-F
.
)*( .... http,https.
(nmap -p "http*" XXX )....
~ ~
Scan Ports by Protocol
) (U,T sU UDP
sT . TCP
) (-p .
PORT STATE
25/tcp filtered
: ) (nmap ) (TCP
) (UDP ) (-sU
~ ~
Scan All Ports
IP 65,535( -p"*")
STATE SERVICE
~ ~
Scan Top Ports
) (--top-ports
(nmap --top-ports 10 XXX ) :
C:\Users\ABD>nmap --top-ports 10 .15.25.156.55
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
Nmap scan report for 241.box203.quadra10c.serveex.com (22.365.33.253)
Host is up (0.13s latency).
STATE
SERVICE
ftp
PORT
21/tcp open
80/tcp open
pop3
110/tcp open
443/tcp open
:
...................
~ ~
Perform a Sequential Port Scan
) (-r
(nmap -r XXX ) :
C:\Users\ABD>nmap -r 66.63.184.241
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
Nmap scan report for 241.box203.quadra10c.serveex.com (66.63.184.241)
Host is up (0.16s latency).
Not shown: 988 filtered ports
PORT STATE SERVICE
) (nmap
.
) (-r ) (nmap .
: ) (-r
) (-v .
~ ~
~ ~
~ ~
) Nmap ( .
.
.TCP / IP
Nmap .TCP / IP .
Nmap .
-O
--osscan-guess
-sV
--version-trace
RPC
-sR
~ ~
)(-O
(nmap -O XXX ) :
C:\Users\ABD>nmap
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46
Central Daylight Time
...
MAC Address: 00:0C:29:D5:38:F4 (VMware)
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.9 - 2.6.28
Network Distance: 1 hop
...
) (nmap .
) (nmap .
.
: ) (-O) (-v
~ ~
TCP/IP
.( nmap)
www.nmap.org/submit ( nmap)
... No exact OS matches for host (If you know what OS is running on it, see
http://nmap.org/submit/ ).
TCP/IP fingerprint:
OS:SCAN(V=5.00%D=12/16%OT=3001%CT=1%CU=32781%PV=Y%DS=1%G=Y%M=00204A%TM=4B29
OS:4048%P=i686-pc-windows-windows)SEQ(CI=I%II=I%TS=U)OPS(O1=M400%O2=%O3=%O4
OS:=%O5=%O6=)OPS(O1=M400%O2=M400%O3=%O4=%O5=%O6=)OPS(O1=%O2=M400%O3=M400%O4
OS:=%O5=%O6=)OPS(O1=%O2=%O3=M400%O4=%O5=%O6=)OPS(O1=M400%O2=%O3=M400%O4=%O5
OS:=%O6=)WIN(W1=7FF%W2=0%W3=0%W4=0%W5=0%W6=0)WIN(W1=7FF%W2=7FF%W3=0%W4=0%W5
OS:=0%W6=0)WIN(W1=0%W2=7FF%W3=7FF%W4=0%W5=0%W6=0)WIN(W1=0%W2=0%W3=7FF%W4=0%
OS:W5=0%W6=0)WIN(W1=7FF%W2=0%W3=7FF%W4=0%W5=0%W6=0)ECN(R=Y%DF=Y%T=40%W=0%O=
OS:%CC=N%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=)T1(R=Y%DF=Y%T=40%S=O%A=O
OS:%F=AS%RD=0%Q=)T1(R=Y%DF=Y%T=40%S=Z%A=S+%F=AR%RD=0%Q=)T2(R=Y%DF=Y%T=40%W=
OS:0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T3(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=
OS:)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=
OS:S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF
.
.
~ ~
. ( nmap)
(--osscan-guess)
STATE SERVICE
. ( nmap)
.
(--osscan-guess) ( --fuzzy) :
.
~ ~
) (-sV
(nmap -sV XXX ) :
C:\Users\ABD>nmap -sV 88.26.11.24.1
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
Nmap scan report for 241.box203.quadra10c.serveex.com (65.123.11.29)
Host is up (0.16s latency).
Not shown: 988 filtered ports
PORT STATE SERVICE VERSION
-fips mod_bwlimited/1.4)
465/tcp open ssl/smtp Exim smtpd 4.80
993/tcp open ssl/imap Courier Imapd (released 2011)
995/tcp open ssl/pop3 Courier pop3d
Service Info: Host: box203.exaservers.com
C:\Users\ABD>
) (-sV .
Nmap .
: ) (-sV .
9100-9107 .
.
) (--allports ) . (--allports sV
~ ~
. ( --version-trace)
.
.10
~ ~
RPC
. ( -sR )
(nmap -sR XXX ) :
C:\Users\ABD>nmap -sR 66.63.184.241
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
Nmap scan report for 241.box203.quadra10c.serveex.com (66.63.184.241)
Host is up (0.24s latency).
Not shown: 988 filtered ports
PORT
Pure-FTPd
-fips mod_bwlimited/1.4)
110/tcp open pop3
Courier pop3d
.( RPC) ( -sR )
. (NFS) ( RPC)
. 80/443 ( Apache 2.2.23 ((Unix)) )
~ ~
.
Timing Options
~ ~
).(nmap
.
.
) ( .
.
-T{0-5}
--ttl
TTL
--min-parallelism
--max-parallelism
--min-hostgroup
--max-hostgroup
--max-rtt-timeout
RTT
--initial-rtt-timeout
RTT
--max-retries
--host-timeout
--scan-delay
--max-scan-delay
--min-rate
--max-rate
--defeat-rst-ratelimit
~ ~
/ :
) (nmap / .
.
/ .
)/ (
)(
300s
5m
1h
)(nmap
: (--host-timeout) : ). (108
:
~ ~
:
) (-T ). (nmap
(nmap -T4 XXX ) :
C:\Users\ABD>nmap -T4 192.168.10.1
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
Nmap scan report for 192.168.10.1
Host is up (0.059s latency).
Not shown: 999 filtered ports
PORT STATE SERVICE
80/tcp open http
Nmap done: 1 IP address (1 host up) scanned in 8.53 seconds
C:\Users\ABD>
) (.
6 5-0 ) ( ) (.
.
-T0
-T1
-T2
-T3
-T4
-T5
)(nmap
~ ~
) (--min-parallelism )(nmap .
PORT
) (nmap .
. .
: ) (--min-parallelism
.
~ ~
:
.(nmap) ( --max-parallelism)
STATE SERVICE
open http
.( nmap)( --max-parallelism 1)
.
~ ~
) (--min-hostgroup .
(nmap --min-hostgroup 30 XXX ) :
C:\Users\ABD>nmap --min-hostgroup 30 10.10.1.0/24
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
Interesting ports on 10.10.1.1:
Not shown: 998 closed ports
PORT STATE SERVICE
80/tcp open http
443/tcp open https
MAC Address: 00:06:B1:12:0D:14 (Sonicwall)
Interesting ports on 10.10.1.2:
Not shown: 998 closed ports
PORT STATE SERVICE
23/tcp open telnet
80/tcp open http
MAC Address: 00:19:B9:A6:ED:D9 (Dell)
) (nmap .
/.
) (--min-hostgroup ) (nmap .
~ ~
.( nmap) ( --max-hostgroup )
.( --max-hostgroup) ( --min-hostgroup)
.
~ ~
RTT
) (--initial-rtt-timeout ).(nmap
PORT
)) (-T3 (.
.
.
) (RTT .
.
~ ~
)(RTT
) (--max-rtt-timeout )) (RTT ( .
PORT
: .
) (400 ).(400ms
.
~ ~
) (--max-retries
).(nmap
PORT
) (nmap .
) (--max-retries .
.
.
) (--max-retries .
) (nmap .
~ ~
):(TTL
) (--ttl ) (TTL ) (.
PORT
) (TTL .
.
: ) (255
. .
~ ~
) (--host-timeout ) (nmap .
Nmap 1
.
.
) (--host-timeout ) (nmap .
.
) (nmap .
) (WAN .
: ) (nmap
.
) (nmap .
.
~ ~
)(--scan-delay ) (nmap / .
). (nmap
) (nmap .
)/(IDS ( .
/ ).(nmap
~ ~
) (--max-scan-delay ) (nmap .
PORT
) (nmap / .
) (--max-scan-delay / .
.
~ ~
) (--min-rate ) (nmap .
PORT
) (nmap .
.
.
) (nmap ).(nmap
.
:
.
~ ~
:
) (--max-rate ) (nmap .
PORT
) (nmap .
.
....
: ) (--max-rate 0.1
) (0.1 ) (nmap .
~ ~
) (--defeat-rst-ratelimit ).(RST
PORT
) (RST .
.
: ) (nmap
..
~ ~
~ ~
) (nmap .
) (nmap .
.
-f
--mtu
MTU
-D
-sI
--source-port
--data-length
--randomize-hosts
--spoof-mac
)(MAC
--badsum
~ ~
) (-f ) (8 .
(nmap -f XXX ) :
C:\Users\ABD>nmap -f 10.10.1.48
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
Nmap scan report for 10.10.1.48
Host is up (0.039s latency).
Not shown: 999 filtered ports
PORT STATE SERVICE
80/tcp open http
Nmap done: 1 IP address (1 host up) scanned in 100.92 seconds
C:\Users\ABD>
) (-f ) (nmap 8 .
.
...
:
.
--send-eth -f XXX :...
~ ~
) (MTU:
) (--mtu ).(MTU
PORT
: ) (MTU .
--mtu 8,12,14,16,18,20,22,24,26,28,..
: ) (ETH ) (MTU
.
~ ~
) (-D ) (nmap .
PORT
IP .
.
) (IP .
.
.
) (nmap -D RND:10 ) (nmap .
.
) (nmap -D 192.168.1.1,192.168.100,192.168.1.2...
:
.
~ ~
/ :
) (-sI
.
.
10.10.1.41 / 10.10.1.252 .
IP ID .
/
: .
) .(nmap sI PN XXX
/ http://nmap.org/book/idlescan.html ..
~ ~
) (--source-port .
PORT
: ) (-g )(--source-port
~ ~
) (--data-length .
) (nmap .
.
.
.
~ ~
.( --randomize-hosts)
.( --randomize-hosts)
.
..
~ ~
)(MAC
) (--spoof-mac ) (MAC ).(MAC
) (MAC
/ :
) (MAC
)(0
) (MAC
)(MAC
) (
)(MAC
~ ~
) (--badsum / .
TCP/IP .
.
/ .
).(--badsum
:
.
~ ~
~ ~
~ ~
) (nmap .
XML ).(grepable
.
)) (ndiff .(
: ) (ndiff GREP
-oN
-oX
)(XML
-oG
)(grepable
-oA
--stats-every
-oS
)(133t
~ ~
(text)
(TEXT) ( -oN)
STATE SERVICE
.( scan.text)
C:\Users\ABD>nmap -oN scan.text XXXXXXX
Starting Nmap 6.25 ( http://nmap.org ) at 2013-02-09 05:57 Pacific Standard Time
Nmap scan report for 241.XXXXX.XXXXXX0c.XXXXXx.com (XXXXXXX)
Host is up (0.16s latency).
Not shown: 988 filtered ports
PORT STATE SERVICE
( --append-output) nmap :
(-oN)
(nmap -oN scan.text --append-output XXXX) :
~ ~
(XML)
.(XML) ( -oX)
STATE SERVICE
(XML)
( XML)
~ ~
(GREpable)
(GREpable) ( -oG)
STATE SERVICE
(GREpable)
(((( ))) GREP)
# Nmap 6.25 scan initiated Sat Feb 09 06:43:50 2013 as: nmap -oG scan.text XXXX
Host: XXXXXXX (241.XXXX.XXXXXXXcom)
Status: Up
(GREpabl)
.(scan.text)
.
~ ~
.( text)(grepabl)(xml) ( -oA)
STATE SERVICE
scans.*
-rw-r--r-- 1 nick nick 284 2013-02-09 06:43 scans.gnmap
-rw-r--r-- 1 nick nick 307 2013-02-09 06:43 scans.nmap
-rw-r--r-- 1 nick nick 515 2013-02-09 06:43 scans.xml
Scans.gnmap
(GRPabl)
Scans.nmap
(text)
Scans.XML
(XML)
(nmap)
~ ~
.( --stats-every)
.
.(--stats-every)( nmap)
.( nmap)
. /
.(99 )/( h)( m)( s)
~ ~
133t
STATE SERVICE
(133t)
.( leet) ( )( )
.
.
Start1ng nmap 6.25 ( hTtp://nmaP.org ) at 2013-02-09 08:18 PaC!f!C $tandard TIme
nmap scan r3port fOr 241.XXXXXXXXXXXXXXXXX (XXXXXXXXXXX)
Ho$t Iz up (0.20z latEncy).
Not $H0wn: 988 FilTeR3d ports
PoRT
$tAT3 $ERVIC3
~ ~
~ ~
) (nmap .
.
) (nmap .
.
-h
-V
)(Nmap
-v
-d
--reason
--open
--packet-trace
--iflist
-e
~ ~
.( -h)
(nmap -h ) :
C:\Users\ABD>nmap -h
Nmap 6.25 ( http://nmap.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
Can pass hostnames, IP addresses, networks, etc.
Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
-iL <inputfilename>: Input from list of hosts/networks
-iR <num hosts>: Choose random targets
--exclude <host1[,host2][,host3],...>: Exclude hosts/networks
--excludefile <exclude_file>: Exclude list from file
HOST DISCOVERY:
-sL: List Scan - simply list targets to scan
-sn: Ping Scan - disable port scan
-Pn: Treat all hosts as online -- skip host discovery
( nmap)
$ man nmap
( man nmap )
( man nmap) :
.Nmap
http://nmap.org/book/man.html
. :
http://nmap.org
~ ~
Nmap
)(-V .
(nmap -V ) :
)(Nmap
) (Nmap .
) (Nmap .
)www.nmap.org (Nmap
.
)(up-to-date version ).(bug-free version
~ ~
.( -v)
(nmap -v XXX ) :
C:\Users\ABD>nmap -v 66.63.184.241
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
Initiating Ping Scan at 12:18
Scanning 66.63.184.241 [4 ports]
Completed Ping Scan at 12:18, 0.19s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 12:18
Completed Parallel DNS resolution of 1 host. at 12:18, 0.03s elapsed
Initiating SYN Stealth Scan at 12:18
Scanning 241.box203.quadra10c.serveex.com (66.63.184.241) [1000 ports]
Discovered open port 21/tcp on 66.63.184.241
Discovered open port 993/tcp on 66.63.184.241
Discovered open port 443/tcp on 66.63.184.241
Discovered open port 143/tcp on 66.63.184.241
Discovered open port 110/tcp on 66.63.184.241
Discovered open port 995/tcp on 66.63.184.241
SYN Stealth Scan Timing: About 44.13% done; ETC: 12:19 (0:00:39 remaining)
Discovered open port 465/tcp on 66.63.184.241
Completed SYN Stealth Scan at 12:19, 51.64s elapsed (1000 total ports)
Nmap scan report for 241.box203.quadra10c.serveex.com (66.63.184.241)
Host is up (0.16s latency).
Not shown: 989 filtered ports
PORT STATE SERVICE
( Nmap)
.
.( -vv)( -v) :
~ ~
.( -d)
(nmap)
.
.( -d)
.( -d) ( 9-1)
....( -d9) ( -d1)
~ ~
...( --reason)
syn-ack
syn-ack
reset
conn-refused
syn-ack
syn-ack
syn-ack
.
.
. SYN-ACK
.(reset),(conn-refused)
.( )
~ ~
.( nmap) ( --open)
STATE SERVICE
.( --open)
.
.
C:\Users\ABD>nmap XX.XXX.XXX
Starting Nmap 6.25 ( http://nmap.org ) at 2013-02-09 13:14 Pacific Standard Time
Nmap scan report for 241.XXXXXXXXXXXXXXXXXX.com (XXXX.XXX.)
Host is up (0.18s latency).
Not shown: 988 filtered ports
PORT STATE SERVICE
~ ~
.( Nmap) ( --packet-trace)
.( --packet-trace)
.
(129 ):
.(nmap -oN scan.text --packet-trace XXX ) :
~ ~
) (iflist .
(nmap --iflist) :
C:\Users\ABD>nmap --iflist
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
************************************************INTERFACES
UP MTU MAC
down 1500 00:FF:
TYPE
ethernet
ethernet
FE:74:B3:A9
****************************************************ROUTES
lo0
255.255.255.255/32
eth1
192.168.1.100/32
eth1
255.255.255.255/32
eth1
192.168.1.0/24
lo0
127.0.0.0/8
lo0
224.0.0.0/4
eth0
224.0.0.0/4
eth1
224.0.0.0/4
eth1
0.0.0.0/0
.
..
) (ifconfig ) (.
) (IPCONFIG ).(netstat
.
~ ~
) (-e ).(Nmap
(nmap -e eth0 ) :
.
.
) (Nmap )(-e
) (-e ) (Nmap ) (eth0 ...
~ ~
~ ~
Zenmap
~ ~
Zenmap
Zenmap Nmap .
Nmap
.
Zenmap GUI
~ ~
Zenmap
:
Zenmap Zenmap Zenmap GUI
:
Zenmap Nmap :
:
Debian/Ubuntu:
Emerge Zenmap
Gentoo
)(Zenmap GUI
~ ~
Zenmap
Zenmap .1,2,3
)(Zenmap GUI
: 1 ) (.
: 2 )( .
: 3 .
~ ~
Zenmap
.
) ( Zenmap .
)(Zenmap
: .
~ ~
) (Zenmap .
.
)(Zenmap
~ ~
). (Zenmap
) (profile ) CTRL+P (.
) (Zenmap .
.
.
.
~ ~
/ .
)(Ports/Hosts
)( ) ( )( )( ..
Zenmap
~ ~
Zenmap
) (Zenmap .
~ ~
) ( Zenmap .
)(Zenmap
) (Zenmap SVG,PDF,PNG
~ ~
) ( )(Host Details
) (Zenmap .
~ ~
)( ) (scans .
) (Zenmap
~ ~
)(Zenmap
) ( Zenmap .
XML ) .(130
.
~ ~
Zenmap
~ ~
) (Nmap )(NSE
~ ~
Nmap NSE
: ) / ( )(Script/Scripts
) (NSE ) (nmap .
).(nmap
.
.
).(Nmap
: ) (NSE ).(Lua
) (Lua .
) (Lua http://www.lua.org
: ) (NSE ) (.
.
NSE
.
--script {script}
--script {script1,script2,}
)( --script
) .( --script
}--script {trace
--script-updatedb
~ ~
. NSE ( --script)
STATE SERVICE
(NSE)
~ ~
( NSE)
. ( Nmap)
STATE SERVICE
| Statistics
|
SMTP
.SMTP )*(
.nmap --script script1,script2,script3:
. )*( :
"ftp*","smtp*","http*"
.(--script-args) ( Nmap) :
http://nmap.org/nsedoc/
~ ~
) (--script NSE /.
:
/
)(NSE
all
auth
default
Discovery
) (WHOIS
external
intrusive
Malware
safe
vuln
NSE
NSE .
.
: NSE
http://nmap.org/nsedoc/
~ ~
.( --script)
STATE SERVICE
~ ~
:
.(nmap --script malware , vuln {XXX} ) :
.
) (malware ).(vuln
NSE ) (default ) (safe .
.(nmap --script "default and safe" {XXX} ) :
) (and .
) (or .
(nmap --script "default or safe" {XXX} ) :
.
) (not .
. (nmap --script "not intrusive" {XXX} ) :
.
~ ~
.( --script-trace)
.
.( trace)
.
.(nmap --script default {XXXX} --script-trace >trace.txt ) :
.
~ ~
) (--script-updatedb .
.(nmap --script-updatedb) :
C:\Users\ABD>nmap --script-updatedb
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
NSE: Updating rule database.
NSE script database updated successfully.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.38 seconds
Nmap .
./usr/share/nmap/scripts .
.C:\Program Files\Nmap\scripts.
.
).(--script-updatedb
~ ~
~ ~
Ndiff
~ ~
Ndiff :
Nmap .
) (Ndiff XML ) .(130
) (Ndiff GUI ) Zenmap .(159
Ndiff
)(Ndiff
-v
)(Ndiff
--xml
)(XML
~ ~
Ndiff
Ndiff ).(XML
-PORT
STATE SERVICE
+PORT
~ ~
)(Ndiff
) (-v Ndiff
-PORT
STATE SERVICE
+PORT
) (Ndiff
XML .
.
)) (Ndiff (173 .
.
~ ~
XML
XML Ndiff
.(Ndiff) XML
.
. :
.(Ndiff --xml scan1.xml scan.2.xml >Ndiff.xml ) :
.
~ ~
~ ~
~ ~
).(Nmap
) (Nmap .
)(wireshark
Scanme.Insecure.org
Nmap
~ ~
) ( Nmap .
PORT
)(Nmap
. .
.
~ ~
.(nmap --interactive ) :
C:\Users\ABD>nmap --interactive
nmap: unrecognized option `--interactive'
Nmap 6.25 ( http://nmap.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
Can pass hostnames, IP addresses, networks, etc.
Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
-iL <inputfilename>: Input from list of hosts/networks
-iR <num hosts>: Choose random targets
--exclude <host1[,host2][,host3],...>: Exclude hosts/networks
--excludefile <exclude_file>: Exclude list from file
.
) (Nmap ).(Nmap
.
).(Nmap
) (5.00 .
).(--interactive
http://seclists.org/nmap-dev/2010/q1/1242
.
.
.
) .(181
~ ~
Nmap .
.
.
) (Nmap
.
).(Space
~ ~
Nmap )( Nmap .
.
http://nmap.online-domain-tools.com/
) (Nmap
: Nmap .
) (5 ) (IP
)(24 7 .
~ ~
Wireshark
Wireshark .
) ( . .
) (nmap .
.www.wireshark.org .
~ ~
Scanme.insecure.org
.
Nmap .
C:\Users\ABD>nmap -F scanme.insecure.org
Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-9 10:46 Pacific Standard Time
Nmap scan report for scanme.insecure.org (74.207.244.221)
Host is up (0.15s latency).
rDNS record for 74.207.244.221: scanme.nmap.org
Not shown: 96 filtered ports
PORT STATE SERVICE
: Nmap
.
~ ~
Nmap
:(fyodor's)
http://nmap.org/book/man.html
:(Nmap)
http://nmap.org/book/install.html
:(Nmap)
http://nmap.org/nsedoc/
:(Zenmap)
http://nmap.org/book/zenmap.html
:(Nmap)
http://nmap.org/changelog.html
:(Nmap)
http://seclists.org/
:(Nmap)
http://nmap.online-domain-tools.com/
:(Nmap)
http://sectools.org/
:(Nmap)
http://www.nmap.org/fb
:(Nmap)
https://twitter.com/nmap
:(Nmap)
http://nmapcookbook.blogspot.com/
~ ~
~ ~
: 1
http://nmapcookbook.blogspot.com/
()
(IPv6)
nmap {XXX}
nmap {XXX1,XXX2,XXX3}
nmap -iL {list.txt}
nmap ( (IP))
nmap {ip/255}
nmap -iR {number}
nmap {XXX} --exclude {XXX}
nmap {XXX} --excludefile {list.txt}
nmap -A {XXX}
nmap -6 {XXX}
()
(Ping)
(ping)
TCP SYN Ping
TCP ACK Ping
UDP Ping
SCTP INIT Ping
ICMP Echo Ping
ICMP Ping
ICMP Ping
Ping (IP)
ARP Ping
DNS
DNS
DNS
DNS
nmap -sP {XXX}
nmap -PN {XXX}
nmap -PS {XXX}
nmap -PA {XXX}
nmap -PU {XXX}
nmap -PY {XXX}
nmap -PE {XXX}
nmap -PP {XXX}
nmap -PM {XXX}
nmap -PO {XXX}
nmap -PR {XXX}
nmap --traceroute {XXX}
nmap -R {XXX}
nmap -n {XXX}
nmap --system-dns {XXX}
nmap --dns-servers {XXX}
nmap -sL {XXX}
TCP SYN
TCP
UDP
TCP NULL
TCP FIN
Xmas
TCP ACK
TCP
IP
(IP)
nmap -sS {XXX}
nmap -sT {XXX}
nmap -sU {XXX}
nmap -sN {XXX}
nmap -sF {XXX}
nmap -sX {XXX}
nmap -sA {XXX}
nmap --scanflags {flags} {XXX}
nmap -sO {XXX}
nmap --send-eth {XXX}
nmap --send-ip {XXX}
~ ~
/
nmap -F {XXX}
nmap -p { port{s} } {XXX}
nmap -p { port name (s) } {XXX}
nmap -sU -sT -p U:{ports},T:{ports} {XXX}
nmap -p "*" {XXX}
nmap --top-ports {number} {XXX}
nmap -r {XXX}
nmap -O {XXX}
http://nmap.org/submit/
nmap -O --osscan-guess {XXX}
nmap -sV {XXX}
nmap -sV --version-trace {XXX}
TCP/IP
RPC
nmap -T{0-5} {XXX}
nmap --ttl {time} {XXX}
nmap --min-parallelism {number} {XXX}
nmap --max-parallelism {number} {XXX}
nmap --min-hostgroup {number} {XXX}
nmap --max-hostgroup {number} {XXX}
nmap --initial-rtt-timeout {time} {XXX}
nmap --max-rtt-timeout {time} {XXX}
nmap --max-retries {number} {XXX}
nmap --host-timeout {time} {XXX}
nmap --scan-delay {time} {XXX}
nmap --max-scan-delay {time} {XXX}
nmap --min-rate {number} {XXX}
nmap --max-rate {number} {XXX}
nmap --defeat-rst-ratelimit {XXX}
TTL
RTT
RTT
nmap -f {XXX}
nmap --mtu {MTU} {XXX}
nmap -D RND:{number} {XXX}
nmap -sI {zombie} {XXX}
nmap --source-port {port} {XXX}
nmap --data-length {size} {XXX}
nmap --randomize-hosts {XXX}
nmap --spoof-mac {MAC} {XXX}
nmap --badsum {XXX}
MTU
/
MAC
~ ~
XML
Grepable
133t
Nmap
nmap -h
nmap -V
nmap -v {XXX}
nmap -d {XXX}
nmap --reason {XXX}
nmap --open {XXX}
nmap --packet-trace {XXX}
nmap --iflist
nmap -e {eth0} {XXX}
Nmap /
Ndiff
Ndiff
XML
~ ~
~ ~
: 2 / Nmap
: open/
/ .
: closed/
/ .
..
: filtered/
Nmap .
: unfiltered/
Nmap .
: open/filtered/
Nmap .
: closed /filtered/
Nmap .
~ ~
~ ~
: 3 CIDR
CIDR  Netmask
/0    000.000.000.000
/1    128.000.000.000
/2    192.000.000.000
/3    224.000.000.000
/4    240.000.000.000
/5    248.000.000.000
/6    252.000.000.000
/7    254.000.000.000
/8    255.000.000.000
/9    255.128.000.000
/10   255.192.000.000
/11   255.224.000.000
/12   255.240.000.000
/13   255.248.000.000
/14   255.252.000.000
/15   255.254.000.000
/16   255.255.000.000
/17   255.255.128.000
/18   255.255.192.000
/19   255.255.224.000
/20   255.255.240.000
/21   255.255.248.000
/22   255.255.252.000
/23   255.255.254.000
/24   255.255.255.000
/25   255.255.255.128
/26   255.255.255.192
/27   255.255.255.224
/28   255.255.255.240
/29   255.255.255.248
/30   255.255.255.252
/31   255.255.255.254
/32   255.255.255.255
~ ~
~ ~
TCP/IP : 4
Port  Protocol  Service
20    TCP       FTP Data
21    TCP       FTP Control
22    TCP:UDP   Secure Shell {SSH}
23    TCP       Telnet
25    TCP       {SMTP}
42    TCP:UDP   Windows Internet Name Service {WINS}
53    TCP:UDP   Domain Name System {DNS}
67    UDP       DHCP Server
68    UDP       DHCP Client
69    UDP       Trivial File Transfer Protocol {TFTP}
80    TCP:UDP   Hypertext Transfer Protocol {HTTP}
110   TCP       Post Office Protocol 3 {POP3}
119   TCP       Network News Transfer {NNTP}
123   UDP       Network Time Protocol {NTP}
135   TCP:UDP   Microsoft RPC
137   TCP:UDP   NetBIOS Service
138   TCP:UDP   NetBIOS Datagram Service
139   TCP:UDP   NetBIOS Session Service
143   TCP:UDP   Internet Message Access Protocol {IMAP}
161   TCP:UDP   Simple Network Management Protocol {SNMP}
162   TCP:UDP   Simple Network Management Protocol {SNMP} Trap
389   TCP:UDP
443   TCP:UDP
445   TCP
636   TCP:UDP
873   TCP
993   TCP
995   TCP
1433  TCP
3306  TCP
3389  TCP
5800  TCP
5900  TCP
~ ~
). (HECR.SYRIA
: } {
.
: )(HECR.SYRIA
" "
www.arhack.net
~ ~
~ ~