Nmap 7 10 0 0 0
Author: c | 2025-04-24
LIGHT_PARAM airplane_beacon_rotate 0. 0. 7. 1 0 LIGHT_PARAM airplane_beacon_rotate_sp 0. 0. 7. 1 0 10 10 Middle
0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 7 6 0 0 0 0 0 0 0 0 0 0 6 3 0 0
Posted Mon April 01, 2019 06:58 PM Originally posted by: KiloBravo The 2:7.60-3 build of nmap in the AIX ToolKit has version-specific dependencies it is not checking for and fails to operate until they are manually satisfied: /* Original Functioning Environment: */ nmap.ppc 2:7.60-1 lua.ppc 5.3.3-1 pcre.ppc 8.33-1 # yum install ncat nmap nping Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package ncat.ppc 2:7.60-3 will be installed --> Processing Dependency: libpcap >= 1.9.0-1 for package: 2:ncat-7.60-3.ppc ---> Package nmap.ppc 2:7.60-1 will be updated ---> Package nmap.ppc 2:7.60-3 will be an update ---> Package nping.ppc 2:0.7.60-3 will be installed --> Running transaction check ---> Package libpcap.ppc 0:1.8.1-1 will be updated ---> Package libpcap.ppc 0:1.9.0-1 will be an update --> Processing Dependency: dbus >= 1.11.12-1 for package: libpcap-1.9.0-1.ppc --> Processing Dependency: libdbus-1.a(libdbus-1.so.3) for package: libpcap-1.9.0-1.ppc --> Running transaction check ---> Package dbus.ppc 0:1.12.10-1 will be installed --> Processing Dependency: expat >= 2.2.4 for package: dbus-1.12.10-1.ppc --> Running transaction check ---> Package expat.ppc 0:2.2.0-1 will be updated ---> Package expat.ppc 0:2.2.4-1 will be an update --> Finished Dependency Resolution Dependencies Resolved ==================================================================================================================================== Package Arch Version Repository Size ==================================================================================================================================== Installing: ncat ppc 2:7.60-3 PHS_AIX_Toolbox 343 k nping ppc 2:0.7.60-3 PHS_AIX_Toolbox 505 k Updating: nmap ppc 2:7.60-3 PHS_AIX_Toolbox 6.8 M Installing for dependencies: dbus ppc 1.12.10-1 PHS_AIX_Toolbox 2.0 M Updating for dependencies: expat ppc 2.2.4-1 PHS_AIX_Toolbox 511 k libpcap ppc 1.9.0-1 PHS_AIX_Toolbox 904 k Transaction Summary ==================================================================================================================================== Install 3 Packages Upgrade 3 Packages Total download size: 11 M Is this ok [y/N]: y Downloading Packages: (1/6): dbus-1.12.10-1.aix6.1.ppc.rpm | 2.0 MB 00:00:00 (2/6): expat-2.2.4-1.aix6.1.ppc.rpm | 511 kB 00:00:00 (3/6): libpcap-1.9.0-1.aix6.1.ppc.rpm | 904 kB 00:00:00 (4/6): ncat-7.60-3.aix6.1.ppc.rpm | 343 kB 00:00:00 (5/6): nmap-7.60-3.aix6.1.ppc.rpm | 6.8 MB 00:00:00 (6/6): nping-0.7.60-3.aix6.1.ppc.rpm | 505 kB 00:00:00 ------------------------------------------------------------------------------------------------------------------------------------ Total 9.7 MB/s | 11 MB 00:01 Running Transaction Check Running Transaction Test Transaction Test Succeeded Running Transaction Updating : expat-2.2.4-1.ppc 1/9 Installing : dbus-1.12.10-1.ppc 2/9 Updating : libpcap-1.9.0-1.ppc 3/9 Updating : 2:nmap-7.60-3.ppc 4/9 Installing : 2:nping-0.7.60-3.ppc 5/9 Installing : 2:ncat-7.60-3.ppc 6/9 Cleanup : 2:nmap-7.60-1.ppc 7/9 Cleanup : libpcap-1.8.1-1.ppc 8/9 Cleanup : expat-2.2.0-1.ppc 9/9 Installed: ncat.ppc 2:7.60-3 nping.ppc 2:0.7.60-3 Dependency Installed: dbus.ppc 0:1.12.10-1 Updated: nmap.ppc 2:7.60-3 Dependency Updated: expat.ppc 0:2.2.4-1 libpcap.ppc 0:1.9.0-1 Complete! # nmap -sS -O -vv -A --script vuln target exec(): 0509-036 Cannot load program nmap because of the following errors: 0509-150 Dependent module /opt/freeware/lib/liblua.a(liblua-5.3.so) could not be loaded. 0509-152 Member liblua-5.3.so is not found in archive
SILKYPIX Developer Studio Pro 7 0 0 0 0 0 0 0 0 0 0 0
1 (of 3) scan.Initiating NSE at 22:51Completed NSE at 22:51, 0.00s elapsedNSE: Starting runlevel 2 (of 3) scan.Initiating NSE at 22:51Completed NSE at 22:51, 0.00s elapsedNSE: Starting runlevel 3 (of 3) scan.Initiating NSE at 22:51Completed NSE at 22:51, 0.00s elapsedRead data files from: /usr/bin/../share/nmapOS and Service detection performed. Please report any incorrect results at .Nmap done: 1 IP address (1 host up) scanned in 25.09 seconds Raw packets sent: 65 (4.396KB) | Rcvd: 41 (3.068KB) 考察Nmapの場合、全ポートに対してオプションで指定した動作を試みるので時間がかかるRustScanは全ポートをスキャンしてから、空いているポートに対してnmapで指定したオプションを試みるので時間が短縮される全ポートスキャンする場合、RustScanを使ったほうが早い最後にRustScanはOSCPで禁止されてなく普通に使われているツールと思われるので、これからもRustScanを使いこなしていこうと思います追記Nmapの検証で、高速オプション「-T4」を使用してなかったので再度Nmapの時間を計測1016.57秒(約17分)作業ログ└─# nmap -p- -T4 -sV -A -oN nmap.txt 10.10.216.174Starting Nmap 7.92 ( ) at 2021-11-30 23:21 UTCTraceroute Timing: About 32.26% done; ETC: 23:38 (0:00:00 remaining)Nmap scan report for 10.10.216.174Host is up (0.25s latency).Not shown: 65533 closed tcp ports (reset)PORT STATE SERVICE VERSION80/tcp open http Apache httpd 2.4.18 ((Ubuntu))|_http-title: Apache2 Ubuntu Default Page: It works|_http-server-header: Apache/2.4.18 (Ubuntu)6379/tcp open redis Redis key-value store 6.0.7No exact OS matches for host (If you know what OS is running on it, see ).TCP/IP fingerprint:OS:SCAN(V=7.92%E=4%D=11/30%OT=80%CT=1%CU=33336%PV=Y%DS=4%DC=T%G=Y%TM=61A6B5OS:F4%P=x86_64-pc-linux-gnu)SEQ(SP=103%GCD=1%ISR=10B%TI=Z%CI=I%II=I%TS=8)SEOS:Q(SP=103%GCD=1%ISR=10B%TI=Z%II=I%TS=8)OPS(O1=M506ST11NW7%O2=M506ST11NW7%OS:O3=M506NNT11NW7%O4=M506ST11NW7%O5=M506ST11NW7%O6=M506ST11)WIN(W1=68DF%W2OS:=68DF%W3=68DF%W4=68DF%W5=68DF%W6=68DF)ECN(R=Y%DF=Y%T=40%W=6903%O=M506NNSOS:NW7%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%OS:DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%OS:O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%OS:W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%OS:RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%T=40%CD=S)Network Distance: 4 hopsTRACEROUTE (using port 587/tcp)HOP RTT ADDRESS1 113.49 ms 10.13.0.12 ... 34 254.71 ms 10.10.216.174OS and Service detection performed. Please report any incorrect results at .Nmap done: 1 IP address (1 host up) scanned in 1016.57 seconds15Go to list of users who liked6Register as a new user and use Qiita more convenientlyYou get articles that match your needsYou can efficiently read back useful informationYou can use dark themeWhat you can do with signing up15Go to list of users who liked6Deleted articles cannot be recovered.Draft of this article would be also deleted.Are you sure you want to delete this article?Portable XAMPP -0 / -0 / -0 / -0 / 7
# yum install lua Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package lua.ppc 0:5.3.3-1 will be updated ---> Package lua.ppc 0:5.3.4-2 will be an update --> Finished Dependency Resolution Dependencies Resolved ==================================================================================================================================== Package Arch Version Repository Size ==================================================================================================================================== Updating: lua ppc 5.3.4-2 PHS_AIX_Toolbox 1.7 M Transaction Summary ==================================================================================================================================== Upgrade 1 Package Total download size: 1.7 M Is this ok [y/N]: y Downloading Packages: lua-5.3.4-2.aix6.1.ppc.rpm | 1.7 MB 00:00:00 Running Transaction Check Running Transaction Test Transaction Test Succeeded Running Transaction Updating : lua-5.3.4-2.ppc 1/2 Cleanup : lua-5.3.3-1.ppc 2/2 Updated: lua.ppc 0:5.3.4-2 Complete! # nmap -sS -O -vv -A --script vuln target exec(): 0509-036 Cannot load program nmap_64 because of the following errors: rtld: 0712-001 Symbol _GLOBAL__AIXI_libpcre_so was referenced from module nmap_64(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol _GLOBAL__AIXD_libpcre_so was referenced from module nmap_64(), but a runtime definition of the symbol was not found. rtld: 0712-002 fatal error: exiting. # yum install pcre Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package pcre.ppc 0:8.33-1 will be updated ---> Package pcre.ppc 0:8.42-1 will be an update --> Finished Dependency Resolution Dependencies Resolved ==================================================================================================================================== Package Arch Version Repository Size ==================================================================================================================================== Updating: pcre ppc 8.42-1 PHS_AIX_Toolbox 716 k Transaction Summary ==================================================================================================================================== Upgrade 1 Package Total download size: 716 k Is this ok [y/N]: y Downloading Packages: pcre-8.42-1.aix6.1.ppc.rpm | 716 kB 00:00:00 Running Transaction Check Running Transaction Test Transaction Test Succeeded Running Transaction Updating : pcre-8.42-1.ppc 1/2 Cleanup : pcre-8.33-1.ppc 2/2 Updated: pcre.ppc 0:8.42-1 Complete! # nmap -sS -O -vv -A --script vuln ux9044 ...functional output.... LIGHT_PARAM airplane_beacon_rotate 0. 0. 7. 1 0 LIGHT_PARAM airplane_beacon_rotate_sp 0. 0. 7. 1 0 10 10 MiddleSiSoftware Sandra : 0 0 0 0 0 0 0 0
IntroductionThis document describes the TCP and UDP ports that Cisco CGR2010 platform uses for applications and intranetwork communications.Default PortsCisco CGR2010 has these ports enabled by default :Router#show control-plane host open-portsActive internet connections (servers and established)Prot Local Address Foreign Address Service State tcp *:23 *:0 Telnet LISTENRouter#In case that SSH is enabled in the router, port 22 is open in the CGR 2010:Router#show control-plane host open-portsActive internet connections (servers and established)Prot Local Address Foreign Address Service State tcp *:22 *:0 SSH-Server LISTEN tcp *:23 *:0 Telnet LISTENUse Nmap to verify the ports that are enabled in the router.C:\Program Files (x86)\Nmap>nmap -sS -p1-10000 10.31.126.137Starting Nmap 7.70 ( ) at 2018-12-06 20:05 Central Standard Time (Mexico)Nmap scan report for 10.31.126.137Host is up (0.0054s latency).Not shown: 9998 closed portsPORT STATE SERVICE22/tcp open ssh23/tcp open telnetNmap done: 1 IP address (1 host up) scanned in 14.23 secondsC:\Program Files (x86)\Nmap>When a switch module is installed on the CGR2010, the router opens the ports 2003, 4003, 6003 and 9003. Take a look at the Table.C:\Program Files (x86)\Nmap>nmap -sS -p1-10000 10.31.126.137Starting Nmap 7.70 ( ) at 2018-12-06 20:22 Central Standard Time (Mexico)Nmap scan report for 10.31.126.137Host is up (0.0067s latency).Not shown: 9994 closed portsPORT STATE SERVICE22/tcp open ssh23/tcp open telnet2003/tcp open finger4003/tcp open pxc-splr-ft6003/tcp open X11:39003/tcp open unknownNmap done: 1 IP address (1 host up) scanned in 12.54 secondsC:\Program Files (x86)\Nmap>Table of Reverse Port ServicesService Name Reserved Port RangeNormal Telnet2000-2xxxRaw TCP4000-4xxxTelnet Binary Mode6000-6xxxReverse Xremote9000-9xxxThis behavior is addressed in these CDETS:SILKYPIX Developer Studio Pro 6 0 0 0 0 0 0 0 0 0 0 0
15Go to list of users who liked6Deleted articles cannot be recovered.Draft of this article would be also deleted.Are you sure you want to delete this article?More than 3 years have passed since last update.RustScanというポートスキャンが高速でできるツールを見つけたので検証してみました。リポジトリRustScan@GitHubインストールKali Linuxのインストールコマンドwget -i rustscan_2.0.1_amd64.deb検証環境ローカルはVirtual BoxのKali linuxスキャン対象はTryHackMe - Resで提供されているサーバ、ポート80と6379が空いている検証①:Nmap検証内容Nmapコマンドで以下のオプションを指定して実行時間を計測オプション説明-p-全ポート指定(デフォルトは1-1024)-sVバージョン検出-AOS検出-oNファイル出力(output Normal)検証結果1621.94秒(約27分)実行ログ└─# nmap -p- -sV -A -oN nmap.txt 10.10.216.174 Starting Nmap 7.92 ( ) at 2021-11-30 22:52 UTCStats: 0:24:29 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth ScanNmap scan report for 10.10.216.174Host is up (0.25s latency).Not shown: 65533 closed tcp ports (reset)PORT STATE SERVICE VERSION80/tcp open http Apache httpd 2.4.18 ((Ubuntu))|_http-title: Apache2 Ubuntu Default Page: It works|_http-server-header: Apache/2.4.18 (Ubuntu)6379/tcp open redis Redis key-value store 6.0.7No exact OS matches for host (If you know what OS is running on it, see ).TCP/IP fingerprint:OS:SCAN(V=7.92%E=4%D=11/30%OT=80%CT=1%CU=41258%PV=Y%DS=4%DC=T%G=Y%TM=61A6B1OS:70%P=x86_64-pc-linux-gnu)SEQ(SP=102%GCD=1%ISR=109%TI=Z%CI=I%II=I%TS=8)OPOS:S(O1=M506ST11NW7%O2=M506ST11NW7%O3=M506NNT11NW7%O4=M506ST11NW7%O5=M506STOS:11NW7%O6=M506ST11)WIN(W1=68DF%W2=68DF%W3=68DF%W4=68DF%W5=68DF%W6=68DF)ECOS:N(R=Y%DF=Y%T=40%W=6903%O=M506NNSNW7%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F=OS:AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(OS:R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%OS:F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=NOS:%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%T=40%COS:D=S)Network Distance: 4 hopsTRACEROUTE (using port 443/tcp)HOP RTT ADDRESS1 115.52 ms 10.13.0.12 ... 34 252.41 ms 10.10.216.174OS and Service detection performed. Please report any incorrect results at .Nmap done: 1 IP address (1 host up) scanned in 1621.94 seconds検証②:RustScan検証内容RustScanで同じオプションを指定して実行時間を計測検証結果ポートスキャン:3秒バージョン検出スキャン:25秒実行ログ└─# rustscan -a 10.10.216.174 --ulimit 5000 -- -sV -A -oN rustscan.txt.----. .-. .-. .----..---. .----. .---. .--. .-. .-.| {} }| { } |{ {__ {_ _}{ {__ / ___} / {} \ | `| || .-. \| {_} |.-._} } | | .-._} }\ }/ /\ \| |\ |`-' `-'`-----'`----' `-' `----' `---' `-' `-'`-' `-'The Modern Day Port Scanner.________________________________________: :: : --------------------------------------🌍HACK THE PLANET🌍[~] The config file is expected to be at "/root/.rustscan.toml"[~] Automatically increasing ulimit value to 5000.Open 10.10.216.174:80Open 10.10.216.174:6379[~] Starting Script(s)[>] Script to be run Some("nmap -vvv -p {{port}} {{ip}}")[~] Starting Nmap 7.92 ( ) at 2021-11-30 22:50 UTCNSE: Loaded 155 scripts for scanning.NSE: Script Pre-scanning.NSE: Starting runlevel 1 (of 3) scan.Initiating NSE at 22:50Completed NSE at 22:50, 0.00s elapsedNSE: Starting runlevel 2 (of 3) scan.Initiating NSE at 22:50Completed NSE at 22:50, 0.00s elapsedNSE: Starting runlevel 3 (of 3) scan.Initiating NSE at 22:50Completed NSE at 22:50, 0.00s elapsedInitiating Ping Scan at 22:50Scanning 10.10.216.174 [4 ports]Completed Ping Scan at 22:50, 0.37s elapsed (1 total hosts)Initiating Parallel DNS resolution of 1 host. at 22:50Completed Parallel DNS resolution of 1 host. at 22:50, 0.01s elapsedDNS resolution of 1XAMPP -0 / -0 / -0 / -0 / -0
I just freshly installed nmap 7.80 and its bundled npcap 0.9982 from the Windows installer downloaded on the official page, but whenever i try to run any kind of nmap scan, it ends up with errordnet: Failed to open device eth0QUITTING!Output of my nmap -iflist:lo0 eth0 eth0 eth0 eth0 **************************ROUTES**************************DST/MASK DEV METRIC GATEWAY255.255.255.255/32 lo0 281169.254.207.22/32 lo0 281169.254.255.255/32 lo0 281192.168.123.158/32 eth0 291255.255.255.255/32 eth0 291192.168.123.255/32 eth0 291127.255.255.255/32 lo0 331127.0.0.1/32 lo0 331255.255.255.255/32 eth0 331192.168.123.0/24 eth0 291169.254.0.0/16 lo0 281127.0.0.0/8 lo0 331224.0.0.0/4 lo0 281224.0.0.0/4 eth0 291224.0.0.0/4 eth0 3310.0.0.0/0 eth0 35 192.168.123.1fe80::2043:6173:1163:cf16/128 lo0 2812a0b:e181:600:900:c105:6040:55bc:b6e1/128 eth0 291fe80::b105:bf3f:d639:691b/128 eth0 2912a0b:e181:600:900:b105:bf3f:d639:691b/128 eth0 291::1/128 lo0 331fe80::/64 lo0 281fe80::/64 eth0 2912a0b:e181:600:900::/64 eth0 4131ff00::/8 lo0 281ff00::/8 eth0 291ff00::/8 eth0 331::/0 eth0 4131 fe80::5ee2:8cff:fe9e:fc0c">************************INTERFACES************************DEV (SHORT) IP/MASK TYPE UP MTU MAClo0 (lo0) ::1/128 loopback up 1500lo0 (lo0) 127.0.0.1/8 loopback up 1500eth0 (eth0) 2a0b:e181:600:900:b105:bf3f:d639:691b/64 ethernet up 1500 B8:85:84:C0:7A:97eth0 (eth0) 2a0b:e181:600:900:c105:6040:55bc:b6e1/128 ethernet up 1500 B8:85:84:C0:7A:97eth0 (eth0) fe80::b105:bf3f:d639:691b/64 ethernet up 1500 B8:85:84:C0:7A:97eth0 (eth0) 192.168.123.158/24 ethernet up 1500 B8:85:84:C0:7A:97DEV WINDEVICElo0 lo0 eth0 eth0 eth0 eth0 **************************ROUTES**************************DST/MASK DEV METRIC GATEWAY255.255.255.255/32 lo0 281169.254.207.22/32 lo0 281169.254.255.255/32 lo0 281192.168.123.158/32 eth0 291255.255.255.255/32 eth0 291192.168.123.255/32 eth0 291127.255.255.255/32 lo0 331127.0.0.1/32 lo0 331255.255.255.255/32 eth0 331192.168.123.0/24 eth0 291169.254.0.0/16 lo0 281127.0.0.0/8 lo0 331224.0.0.0/4 lo0 281224.0.0.0/4 eth0 291224.0.0.0/4 eth0 3310.0.0.0/0 eth0 35 192.168.123.1fe80::2043:6173:1163:cf16/128 lo0 2812a0b:e181:600:900:c105:6040:55bc:b6e1/128 eth0 291fe80::b105:bf3f:d639:691b/128 eth0 2912a0b:e181:600:900:b105:bf3f:d639:691b/128 eth0 291::1/128 lo0 331fe80::/64 lo0 281fe80::/64 eth0 2912a0b:e181:600:900::/64 eth0 4131ff00::/8 lo0 281ff00::/8 eth0 291ff00::/8 eth0 331::/0 eth0 4131 fe80::5ee2:8cff:fe9e:fc0cTried running command prompt in admin mode, tried reinstalling nmap, tried upgrading to npcap 0.9983, tried rebooting.0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 7 6 0 0 0 0 0 0 0 0 0 0 6 3 0 0
HomevncviewerVNCViewer Unable To Connect To Host No Route To Host (113)Error Message:# vncviewer 10.154.0.160 VNC Viewer Free Edition 4.1.2 for X - built Jul 27 2010 10:24:13 Copyright (C) 2002-2005 RealVNC Ltd. See for information on VNC. Fri May 4 17:23:26 2012 main: unable to connect to host: No route to host (113) ormain: unable to connect to host: Connection refused (111) FROM REMOTE SYSTEM Level 1)Check whether vncserver is running with specified port.# netstat -ap | grep vn tcp 0 0 *:vnc-server *:* LISTEN 5324/vino-server Level 2)if it is running check whether these port is opening on localhost and also to the remote host.# nmap localhostLevel 3)Also to the remote host ip.# nmap If you find any difference between these port.Then we have to check with iptables and selinux.Level 4)Kill gnome-screensaver1)if gnome-screensaver is running on server then we can't take remote vncviewer connectivity. kill gnome-scrensaver then we can take the remote connectivity. Level 5)If any of the user is not login in X window in tty login then also we will get that error message.So confirm X window is created in any of the tty login.Default tty1.# w | grep tty root tty1 :0 12:38 3:03m 3.34s 3.34s /usr/bin/Xorg :. LIGHT_PARAM airplane_beacon_rotate 0. 0. 7. 1 0 LIGHT_PARAM airplane_beacon_rotate_sp 0. 0. 7. 1 0 10 10 Middle
SILKYPIX Developer Studio Pro 7 0 0 0 0 0 0 0 0 0 0 0
From 0 to 9. The higher the intensity, the more probes sent to the targeted host. The NMAP default is 7. Running the following command finds only common ports on the host:nmap 192.168.1.100 -sU -sV –version-intensity 0Why Would You Do a UDP Scan with NMAP?Administrators have several reasons for performing a UDP scan using NMAP. It could be to simply audit the network for open unnecessary ports. For cybersecurity reasons, unnecessary services should be disabled, and an NMAP scan tells administrators which machines are running services that can be shut down.Another reason for a UDP scan is to find vulnerabilities on the network. If an attacker can install malware on the network, a compromised host could be running a malicious service on a UDP port. Using the NMAP scan, an administrator would find the open port and perform additional scans and analysis on the host. NMAP could also be used to discover hosts on the network. Shadow IT is the term given to unauthorized devices installed on the network. An administrator could find the unauthorized device and find out who owns it and how it was installed on the environment.ConclusionFor any administrator responsible for network security, the NMAP tool is a great auditing and vulnerability scanner. NMAP can discover machines, operating systems, and services that should not run on the environment. Discovery of unauthorized devices and open ports is essential in securing hosts and protecting corporate data. Port scanning is just one facet of the type of monitoring that you will need to do to keep your data center safe. Power your security analytics with performant, scalable, and simple data infrastructure solutions by Pure Storage.Portable XAMPP -0 / -0 / -0 / -0 / 7
Vulnerable ApplicationX11 (X Window System) is a graphical windowing system most common on unix/linux, although implementations may be found in windowswith software such as Hummingbird Exceed X Server. The service can accept connections from any users when misconfiguredwhich is done with the command xhost +.Ubuntu 10.04sudo nano /etc/gdm/gdm.schemasFind: security/DisallowTCP b true"> security/DisallowTCP b trueChange true to falselogout or rebootVerification: sudo netstat -antp | grep 6000tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN 1806/XNow, to verify you allow ANYONE to get on X11, type: xhost +Ubuntu 12.04, 14.04sudo nano /etc/lightdm/lightdm.confUnder the [SeatDefaults] area, add:xserver-allow-tcp=trueallow-guest=truelogout or rebootVerification: sudo netstat -antp | grep 6000tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN 1806/XNow, to verify you allow ANYONE to get on X11, type: xhost +Ubuntu 16.04Use the Ubuntu 12.04 instructions, however change SeatDefaults to Seat:*Fedora 15vi /etc/gdm/custom.confUnder the [security] area, add:logout/rebootNow, to verify you allow ANYONE to get on X11, type: xhost +Solaris 10svccfg -s svc:/application/x11/x11-server setprop options/tcp_listen = truesvc disable cde-loginsvc enable cde-loginxhost +Verification StepsInstall and configure X11Start msfconsoleDo: use auxiliary/scanner/x11/open_x11Do: set rhosts [IPs]Do: runScenariosA run against Ubuntu 14.04 (192.168.2.75), Ubuntu 16.04 (192.168.2.26), and Solaris 10 (192.168.2.32) use auxiliary/scanner/x11/open_x11 msf auxiliary(open_x11) > set rhosts 192.168.2.75 192.168.2.26 rhosts => 192.168.2.75 192.168.2.26 msf auxiliary(open_x11) > run [+] 192.168.2.75:6000 - 192.168.2.75 Open X Server (The X.Org Foundation) [*] Scanned 1 of 3 hosts (33% complete) [+] 192.168.2.26:6000 - 192.168.2.26 Open X Server (The X.Org Foundation) [*] Scanned 2 of 3 hosts (66% complete) [+] 192.168.2.32:6000 - 192.168.2.32 Open X Server (Sun Microsystems, Inc.) [*] Auxiliary module execution completed"> msf > use auxiliary/scanner/x11/open_x11 msf auxiliary(open_x11) > set rhosts 192.168.2.75 192.168.2.26 rhosts => 192.168.2.75 192.168.2.26 msf auxiliary(open_x11) > run [+] 192.168.2.75:6000 - 192.168.2.75 Open X Server (The X.Org Foundation) [*] Scanned 1 of 3 hosts (33% complete) [+] 192.168.2.26:6000 - 192.168.2.26 Open X Server (The X.Org Foundation) [*] Scanned 2 of 3 hosts (66% complete) [+] 192.168.2.32:6000 - 192.168.2.32 Open X Server (Sun Microsystems, Inc.) [*] Auxiliary module execution completedConfirmingThe following are other industry tools which can also be used.nmap# nmap -p 6000 --script=x11-access 192.168.2.26,75Starting Nmap 7.40 ( ) at 2017-04-23 13:15 EDTNmap scan report for ubuntu-desktop-16 (192.168.2.26)Host is up (0.0021s latency).PORT STATE SERVICE6000/tcp open X11|_x11-access: X server access is grantedMAC Address: 00:0C:29:60:27:F9 (VMware)Nmap scan report for ubuntu-desktop-14 (192.168.2.75)Host is up (0.0021s latency).PORT STATE SERVICE6000/tcp open X11|_x11-access: X server access is grantedMAC Address: 00:0C:29:0E:C4:6E (VMware)xdpyinfoThis is one of the standard linux tools to get info on an X display.# xdpyinfo -display 192.168.2.75:0 | head -n 5name of display: 192.168.2.75:0version number: 11.0vendor string: The X.Org Foundationvendor release number: 11803000X.Org version: 1.18.3ExploitationExploiting this mis-configuration has several methods. The target can have their display viewed, keystrokes logged, and potential keyboard typed.KeyloggingTo keylog the remote host, we use a tool called xspyxspy -display [ip]:0Screen MonitoringEntire DisplayIt. LIGHT_PARAM airplane_beacon_rotate 0. 0. 7. 1 0 LIGHT_PARAM airplane_beacon_rotate_sp 0. 0. 7. 1 0 10 10 MiddleSiSoftware Sandra : 0 0 0 0 0 0 0 0
Describe the bugWhen running nmap with the -sT parameter, the scan never completes. Keeps just saying 0.00% done. Have let it run for more than an hour.To ReproduceRun nmap with -sT parameter. Runs fine when the parameter is removedExpected behaviorI expect it to run within a few seconds. The same command worked perfectly in 7.93.Version info (please complete the following information):OS: Windows server 2012Output of nmap --version:Nmap version 7.94 ( )Platform: i686-pc-windows-windowsCompiled with: nmap-liblua-5.4.4 openssl-3.0.8 nmap-libssh2-1.10.0 nmap-libz-1.2.13 nmap-libpcre-7.6 Npcap-1.75 nmap-libdnet-1.12 ipv6Compiled without:Available nsock engines: iocp poll selectOutput of nmap --iflistStarting Nmap 7.94 ( ) at 2023-06-23 16:31 Central Daylight TimeINTERFACESDEV (SHORT) IP/MASK TYPE UP MTU MACeth0 (eth0) fe80::5b7f:b21:7155:7e30/64 ethernet down 1500 3C:EC:EF:B2:54:42eth1 (eth1) fe80::7561:3224:ade4:5230/64 ethernet up 1500 AC:1F:6B:87:66:D3eth1 (eth1) 10.2.1.52/24 ethernet up 1500 AC:1F:6B:87:66:D3lo0 (lo0) ::1/128 loopback up -1lo0 (lo0) 127.0.0.1/8 loopback up -1DEV WINDEVICEeth0 \Device\NPF_{6BCFDEC4-A31F-4CE4-82B1-56C4B1C2F3D5}eth1 \Device\NPF_{E645965B-E8A9-46EF-BE19-82BAB3D8EBC7}eth1 \Device\NPF_{E645965B-E8A9-46EF-BE19-82BAB3D8EBC7}lo0 \Device\NPF_Loopbacklo0 \Device\NPF_Loopback \Device\NPF_{984DE894-CEB8-4667-A0A9-02CD6637677A} \Device\NPF_{9E8736B7-6794-496A-98B2-1F20B959622A} \Device\NPF_{09D6E3C2-A2FB-44A4-A46B-F3F614AF90BE}ROUTESDST/MASK DEV METRIC GATEWAY255.255.255.255/32 eth1 261255.255.255.255/32 eth1 28110.2.1.52/32 eth1 28110.2.1.255/32 eth1 281127.255.255.255/32 lo0 331127.0.0.1/32 lo0 331255.255.255.255/32 lo0 33110.2.1.0/24 eth1 281127.0.0.0/8 lo0 331224.0.0.0/4 eth1 261224.0.0.0/4 eth1 281224.0.0.0/4 lo0 3310.0.0.0/0 eth1 281 10.2.1.31fe80::5b7f:b21:7155:7e30/128 eth0 261fe80::7561:3224:ade4:5230/128 eth1 281::1/128 lo0 331fe80::/64 eth0 261fe80::/64 eth1 281ff00::/8 eth0 261ff00::/8 eth1 281ff00::/8 lo0 331Additional contextNoneComments
Posted Mon April 01, 2019 06:58 PM Originally posted by: KiloBravo The 2:7.60-3 build of nmap in the AIX ToolKit has version-specific dependencies it is not checking for and fails to operate until they are manually satisfied: /* Original Functioning Environment: */ nmap.ppc 2:7.60-1 lua.ppc 5.3.3-1 pcre.ppc 8.33-1 # yum install ncat nmap nping Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package ncat.ppc 2:7.60-3 will be installed --> Processing Dependency: libpcap >= 1.9.0-1 for package: 2:ncat-7.60-3.ppc ---> Package nmap.ppc 2:7.60-1 will be updated ---> Package nmap.ppc 2:7.60-3 will be an update ---> Package nping.ppc 2:0.7.60-3 will be installed --> Running transaction check ---> Package libpcap.ppc 0:1.8.1-1 will be updated ---> Package libpcap.ppc 0:1.9.0-1 will be an update --> Processing Dependency: dbus >= 1.11.12-1 for package: libpcap-1.9.0-1.ppc --> Processing Dependency: libdbus-1.a(libdbus-1.so.3) for package: libpcap-1.9.0-1.ppc --> Running transaction check ---> Package dbus.ppc 0:1.12.10-1 will be installed --> Processing Dependency: expat >= 2.2.4 for package: dbus-1.12.10-1.ppc --> Running transaction check ---> Package expat.ppc 0:2.2.0-1 will be updated ---> Package expat.ppc 0:2.2.4-1 will be an update --> Finished Dependency Resolution Dependencies Resolved ==================================================================================================================================== Package Arch Version Repository Size ==================================================================================================================================== Installing: ncat ppc 2:7.60-3 PHS_AIX_Toolbox 343 k nping ppc 2:0.7.60-3 PHS_AIX_Toolbox 505 k Updating: nmap ppc 2:7.60-3 PHS_AIX_Toolbox 6.8 M Installing for dependencies: dbus ppc 1.12.10-1 PHS_AIX_Toolbox 2.0 M Updating for dependencies: expat ppc 2.2.4-1 PHS_AIX_Toolbox 511 k libpcap ppc 1.9.0-1 PHS_AIX_Toolbox 904 k Transaction Summary ==================================================================================================================================== Install 3 Packages Upgrade 3 Packages Total download size: 11 M Is this ok [y/N]: y Downloading Packages: (1/6): dbus-1.12.10-1.aix6.1.ppc.rpm | 2.0 MB 00:00:00 (2/6): expat-2.2.4-1.aix6.1.ppc.rpm | 511 kB 00:00:00 (3/6): libpcap-1.9.0-1.aix6.1.ppc.rpm | 904 kB 00:00:00 (4/6): ncat-7.60-3.aix6.1.ppc.rpm | 343 kB 00:00:00 (5/6): nmap-7.60-3.aix6.1.ppc.rpm | 6.8 MB 00:00:00 (6/6): nping-0.7.60-3.aix6.1.ppc.rpm | 505 kB 00:00:00 ------------------------------------------------------------------------------------------------------------------------------------ Total 9.7 MB/s | 11 MB 00:01 Running Transaction Check Running Transaction Test Transaction Test Succeeded Running Transaction Updating : expat-2.2.4-1.ppc 1/9 Installing : dbus-1.12.10-1.ppc 2/9 Updating : libpcap-1.9.0-1.ppc 3/9 Updating : 2:nmap-7.60-3.ppc 4/9 Installing : 2:nping-0.7.60-3.ppc 5/9 Installing : 2:ncat-7.60-3.ppc 6/9 Cleanup : 2:nmap-7.60-1.ppc 7/9 Cleanup : libpcap-1.8.1-1.ppc 8/9 Cleanup : expat-2.2.0-1.ppc 9/9 Installed: ncat.ppc 2:7.60-3 nping.ppc 2:0.7.60-3 Dependency Installed: dbus.ppc 0:1.12.10-1 Updated: nmap.ppc 2:7.60-3 Dependency Updated: expat.ppc 0:2.2.4-1 libpcap.ppc 0:1.9.0-1 Complete! # nmap -sS -O -vv -A --script vuln target exec(): 0509-036 Cannot load program nmap because of the following errors: 0509-150 Dependent module /opt/freeware/lib/liblua.a(liblua-5.3.so) could not be loaded. 0509-152 Member liblua-5.3.so is not found in archive
2025-04-171 (of 3) scan.Initiating NSE at 22:51Completed NSE at 22:51, 0.00s elapsedNSE: Starting runlevel 2 (of 3) scan.Initiating NSE at 22:51Completed NSE at 22:51, 0.00s elapsedNSE: Starting runlevel 3 (of 3) scan.Initiating NSE at 22:51Completed NSE at 22:51, 0.00s elapsedRead data files from: /usr/bin/../share/nmapOS and Service detection performed. Please report any incorrect results at .Nmap done: 1 IP address (1 host up) scanned in 25.09 seconds Raw packets sent: 65 (4.396KB) | Rcvd: 41 (3.068KB) 考察Nmapの場合、全ポートに対してオプションで指定した動作を試みるので時間がかかるRustScanは全ポートをスキャンしてから、空いているポートに対してnmapで指定したオプションを試みるので時間が短縮される全ポートスキャンする場合、RustScanを使ったほうが早い最後にRustScanはOSCPで禁止されてなく普通に使われているツールと思われるので、これからもRustScanを使いこなしていこうと思います追記Nmapの検証で、高速オプション「-T4」を使用してなかったので再度Nmapの時間を計測1016.57秒(約17分)作業ログ└─# nmap -p- -T4 -sV -A -oN nmap.txt 10.10.216.174Starting Nmap 7.92 ( ) at 2021-11-30 23:21 UTCTraceroute Timing: About 32.26% done; ETC: 23:38 (0:00:00 remaining)Nmap scan report for 10.10.216.174Host is up (0.25s latency).Not shown: 65533 closed tcp ports (reset)PORT STATE SERVICE VERSION80/tcp open http Apache httpd 2.4.18 ((Ubuntu))|_http-title: Apache2 Ubuntu Default Page: It works|_http-server-header: Apache/2.4.18 (Ubuntu)6379/tcp open redis Redis key-value store 6.0.7No exact OS matches for host (If you know what OS is running on it, see ).TCP/IP fingerprint:OS:SCAN(V=7.92%E=4%D=11/30%OT=80%CT=1%CU=33336%PV=Y%DS=4%DC=T%G=Y%TM=61A6B5OS:F4%P=x86_64-pc-linux-gnu)SEQ(SP=103%GCD=1%ISR=10B%TI=Z%CI=I%II=I%TS=8)SEOS:Q(SP=103%GCD=1%ISR=10B%TI=Z%II=I%TS=8)OPS(O1=M506ST11NW7%O2=M506ST11NW7%OS:O3=M506NNT11NW7%O4=M506ST11NW7%O5=M506ST11NW7%O6=M506ST11)WIN(W1=68DF%W2OS:=68DF%W3=68DF%W4=68DF%W5=68DF%W6=68DF)ECN(R=Y%DF=Y%T=40%W=6903%O=M506NNSOS:NW7%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%OS:DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%OS:O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%OS:W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%OS:RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%T=40%CD=S)Network Distance: 4 hopsTRACEROUTE (using port 587/tcp)HOP RTT ADDRESS1 113.49 ms 10.13.0.12 ... 34 254.71 ms 10.10.216.174OS and Service detection performed. Please report any incorrect results at .Nmap done: 1 IP address (1 host up) scanned in 1016.57 seconds15Go to list of users who liked6Register as a new user and use Qiita more convenientlyYou get articles that match your needsYou can efficiently read back useful informationYou can use dark themeWhat you can do with signing up15Go to list of users who liked6Deleted articles cannot be recovered.Draft of this article would be also deleted.Are you sure you want to delete this article?
2025-04-06IntroductionThis document describes the TCP and UDP ports that Cisco CGR2010 platform uses for applications and intranetwork communications.Default PortsCisco CGR2010 has these ports enabled by default :Router#show control-plane host open-portsActive internet connections (servers and established)Prot Local Address Foreign Address Service State tcp *:23 *:0 Telnet LISTENRouter#In case that SSH is enabled in the router, port 22 is open in the CGR 2010:Router#show control-plane host open-portsActive internet connections (servers and established)Prot Local Address Foreign Address Service State tcp *:22 *:0 SSH-Server LISTEN tcp *:23 *:0 Telnet LISTENUse Nmap to verify the ports that are enabled in the router.C:\Program Files (x86)\Nmap>nmap -sS -p1-10000 10.31.126.137Starting Nmap 7.70 ( ) at 2018-12-06 20:05 Central Standard Time (Mexico)Nmap scan report for 10.31.126.137Host is up (0.0054s latency).Not shown: 9998 closed portsPORT STATE SERVICE22/tcp open ssh23/tcp open telnetNmap done: 1 IP address (1 host up) scanned in 14.23 secondsC:\Program Files (x86)\Nmap>When a switch module is installed on the CGR2010, the router opens the ports 2003, 4003, 6003 and 9003. Take a look at the Table.C:\Program Files (x86)\Nmap>nmap -sS -p1-10000 10.31.126.137Starting Nmap 7.70 ( ) at 2018-12-06 20:22 Central Standard Time (Mexico)Nmap scan report for 10.31.126.137Host is up (0.0067s latency).Not shown: 9994 closed portsPORT STATE SERVICE22/tcp open ssh23/tcp open telnet2003/tcp open finger4003/tcp open pxc-splr-ft6003/tcp open X11:39003/tcp open unknownNmap done: 1 IP address (1 host up) scanned in 12.54 secondsC:\Program Files (x86)\Nmap>Table of Reverse Port ServicesService Name Reserved Port RangeNormal Telnet2000-2xxxRaw TCP4000-4xxxTelnet Binary Mode6000-6xxxReverse Xremote9000-9xxxThis behavior is addressed in these CDETS:
2025-04-1915Go to list of users who liked6Deleted articles cannot be recovered.Draft of this article would be also deleted.Are you sure you want to delete this article?More than 3 years have passed since last update.RustScanというポートスキャンが高速でできるツールを見つけたので検証してみました。リポジトリRustScan@GitHubインストールKali Linuxのインストールコマンドwget -i rustscan_2.0.1_amd64.deb検証環境ローカルはVirtual BoxのKali linuxスキャン対象はTryHackMe - Resで提供されているサーバ、ポート80と6379が空いている検証①:Nmap検証内容Nmapコマンドで以下のオプションを指定して実行時間を計測オプション説明-p-全ポート指定(デフォルトは1-1024)-sVバージョン検出-AOS検出-oNファイル出力(output Normal)検証結果1621.94秒(約27分)実行ログ└─# nmap -p- -sV -A -oN nmap.txt 10.10.216.174 Starting Nmap 7.92 ( ) at 2021-11-30 22:52 UTCStats: 0:24:29 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth ScanNmap scan report for 10.10.216.174Host is up (0.25s latency).Not shown: 65533 closed tcp ports (reset)PORT STATE SERVICE VERSION80/tcp open http Apache httpd 2.4.18 ((Ubuntu))|_http-title: Apache2 Ubuntu Default Page: It works|_http-server-header: Apache/2.4.18 (Ubuntu)6379/tcp open redis Redis key-value store 6.0.7No exact OS matches for host (If you know what OS is running on it, see ).TCP/IP fingerprint:OS:SCAN(V=7.92%E=4%D=11/30%OT=80%CT=1%CU=41258%PV=Y%DS=4%DC=T%G=Y%TM=61A6B1OS:70%P=x86_64-pc-linux-gnu)SEQ(SP=102%GCD=1%ISR=109%TI=Z%CI=I%II=I%TS=8)OPOS:S(O1=M506ST11NW7%O2=M506ST11NW7%O3=M506NNT11NW7%O4=M506ST11NW7%O5=M506STOS:11NW7%O6=M506ST11)WIN(W1=68DF%W2=68DF%W3=68DF%W4=68DF%W5=68DF%W6=68DF)ECOS:N(R=Y%DF=Y%T=40%W=6903%O=M506NNSNW7%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F=OS:AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(OS:R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%OS:F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=NOS:%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%T=40%COS:D=S)Network Distance: 4 hopsTRACEROUTE (using port 443/tcp)HOP RTT ADDRESS1 115.52 ms 10.13.0.12 ... 34 252.41 ms 10.10.216.174OS and Service detection performed. Please report any incorrect results at .Nmap done: 1 IP address (1 host up) scanned in 1621.94 seconds検証②:RustScan検証内容RustScanで同じオプションを指定して実行時間を計測検証結果ポートスキャン:3秒バージョン検出スキャン:25秒実行ログ└─# rustscan -a 10.10.216.174 --ulimit 5000 -- -sV -A -oN rustscan.txt.----. .-. .-. .----..---. .----. .---. .--. .-. .-.| {} }| { } |{ {__ {_ _}{ {__ / ___} / {} \ | `| || .-. \| {_} |.-._} } | | .-._} }\ }/ /\ \| |\ |`-' `-'`-----'`----' `-' `----' `---' `-' `-'`-' `-'The Modern Day Port Scanner.________________________________________: :: : --------------------------------------🌍HACK THE PLANET🌍[~] The config file is expected to be at "/root/.rustscan.toml"[~] Automatically increasing ulimit value to 5000.Open 10.10.216.174:80Open 10.10.216.174:6379[~] Starting Script(s)[>] Script to be run Some("nmap -vvv -p {{port}} {{ip}}")[~] Starting Nmap 7.92 ( ) at 2021-11-30 22:50 UTCNSE: Loaded 155 scripts for scanning.NSE: Script Pre-scanning.NSE: Starting runlevel 1 (of 3) scan.Initiating NSE at 22:50Completed NSE at 22:50, 0.00s elapsedNSE: Starting runlevel 2 (of 3) scan.Initiating NSE at 22:50Completed NSE at 22:50, 0.00s elapsedNSE: Starting runlevel 3 (of 3) scan.Initiating NSE at 22:50Completed NSE at 22:50, 0.00s elapsedInitiating Ping Scan at 22:50Scanning 10.10.216.174 [4 ports]Completed Ping Scan at 22:50, 0.37s elapsed (1 total hosts)Initiating Parallel DNS resolution of 1 host. at 22:50Completed Parallel DNS resolution of 1 host. at 22:50, 0.01s elapsedDNS resolution of 1
2025-04-06