Nmap scripts eine Seite: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
 
(16 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt)
Zeile 1: Zeile 1:
 
=Locate the scripts=
 
=Locate the scripts=
*locate nse | grep scripts
+
locate nse | grep scripts
 
=Finding Vulnerability Scanning Scripts=
 
=Finding Vulnerability Scanning Scripts=
*locate *vuln*.nse
+
locate *vuln*.nse
 
oder besser
 
oder besser
*cd /usr/share/nmap/scripts
+
cd /usr/share/nmap/scripts
*ls
+
ls
  
 
=help=
 
=help=
 
;ssh-hostkey
 
;ssh-hostkey
*nmap --script-help=ssh-hostkey
+
nmap --script-help=ssh-hostkey
<pre>
 
Starting Nmap 7.80 ( https://nmap.org ) at 2023-03-01 05:06 CET
 
 
 
ssh-hostkey
 
Categories: safe default discovery
 
https://nmap.org/nsedoc/scripts/ssh-hostkey.html
 
  Shows SSH hostkeys.
 
 
 
  Shows the target SSH server's key fingerprint and (with high enough
 
  verbosity level) the public key itself.  It records the discovered host keys
 
  in <code>nmap.registry</code> for use by other scripts.  Output can be
 
  controlled with the <code>ssh_hostkey</code> script argument.
 
 
 
  You may also compare the retrieved key with the keys in your known-hosts
 
  file using the <code>known-hosts</code> argument.
 
 
 
  The script also includes a postrule that check for duplicate hosts using the
 
  gathered keys.
 
</pre>
 
 
;nfs-showmount
 
;nfs-showmount
*nmap  --script-help=nfs-showmount.nse
+
nmap  --script-help=nfs-showmount.nse
<pre>
 
Starting Nmap 7.60 ( https://nmap.org ) at 2017-11-13 07:26 CET
 
 
 
nfs-showmount
 
Categories: discovery safe
 
https://nmap.org/nsedoc/scripts/nfs-showmount.html
 
  Shows NFS exports, like the <code>showmount -e</code> command.
 
</pre>
 
 
 
 
=ssh misc=
 
=ssh misc=
*[[nmap-scripts-ssh]]
+
==Fingerprint der Hostkeys==
 +
nmap --script ssh-hostkey 192.168.34.1
 +
==Welche Authentifizierungsmethoden werden unterstützt==
 +
nmap  --script ssh-auth-methods 192.168.34.1
 +
==Welche Cipher-Suits werden unterstützt==
 +
nmap  --script ssh2-enum-algos 192.168.34.1
 +
==ssh Bruteforce==
 +
nmap  --script ssh-brute --script-args userdb=users.txt,passdb=pass.txt 192.168.34.1
  
=ssl misc=
+
=Nmap-scripts-ssl=
*[[nmap-scripts-ssl]]
+
==Welche Certs werden angeboten==
 +
nmap  --script ssl-cert.nse  192.168.34.1 -p 993
 +
==Welche Cipher Suits werden angeboten==
 +
*nmap -sV --script ssl-enum-ciphers 192.168.34.1 -p 993
 
=smtp misc=
 
=smtp misc=
*[[nmap-scripts-smtp]]
+
nmap --script smtp-open-relay.nse ox.xinux.org -p 25 
 +
==Welche Kommandos werden vom Mailserver unterstützt==
 +
nmap  --script smtp-commands ox.xinux.org -p 25
 +
==User auf dem Mailsystem herausfinden==
 +
nmap  --script smtp-enum-users ox.xinux.org -p 25
 
=proxy misc=
 
=proxy misc=
*[[nmap-scripts-proxy]]
+
==Finde Offene Proxys==
 
+
nmap --script "http-open-proxy" -p 3128  10.82.10.40
 
=http misc=
 
=http misc=
*[[nmap-scripts-http]]
+
==Show HTTP Title==
=wordpress-version misc=
+
nmap --script http-title -sV -p 80 192.168.34.1
*[[nmap-scripts-wordpress-version]]
+
==HTTP Bannergrabbing==
 
+
nmap -sV -p 80 --script=banner 192.168.34.1
 
+
==Find Files or interestings Dirs on Webserver==
 
+
nmap -sV --script http-enum -p 443 10.3.4.12
=Alle Schwachstellen=
+
=Verschiedenes=
*nmap -sV --script vulners 10.0.10.104
+
==Alle Schwachstellen==
 
+
nmap -sV --script vulners 10.0.10.104
 
+
==NFS Check==
=NFS Check=
+
nmap -sV  --script=nfs-showmount.nse  10.82.10.40
*nmap -sV  --script=nfs-showmount.nse  10.82.10.40
+
==SMB Check==
=SMB Check=
+
nmap -p 445 --script smb-os-discovery 10.82.10.40
*nmap -p 445 --script smb-os-discovery 10.82.10.40
+
==Traceroute Geolocation==
 
+
nmap --traceroute  --script traceroute-geolocation.nse -p 80 www.facebook.com
=Traceroute Geolocation=
+
==FTP Bannergrabbing==
*nmap --traceroute  --script traceroute-geolocation.nse -p 80 www.facebook.com
+
nmap -sV -p 21 --script=banner 10.3.4.12
=FTP Bannergrabbing=
 
*nmap -sV -p 21 --script=banner 10.3.4.12
 
 
 
 
=Update the Script Database=
 
=Update the Script Database=
*nmap --script-updatedb
+
nmap --script-updatedb
  
 
=links=
 
=links=

Aktuelle Version vom 19. Mai 2025, 08:58 Uhr

Locate the scripts

locate nse | grep scripts

Finding Vulnerability Scanning Scripts

locate *vuln*.nse

oder besser 

cd /usr/share/nmap/scripts
ls

help

ssh-hostkey
nmap --script-help=ssh-hostkey
nfs-showmount

nmap --script-help=nfs-showmount.nse

ssh misc

Fingerprint der Hostkeys

nmap  --script ssh-hostkey 192.168.34.1

Welche Authentifizierungsmethoden werden unterstützt

nmap  --script ssh-auth-methods 192.168.34.1

Welche Cipher-Suits werden unterstützt

nmap  --script ssh2-enum-algos 192.168.34.1

ssh Bruteforce

nmap  --script ssh-brute --script-args userdb=users.txt,passdb=pass.txt 192.168.34.1

Nmap-scripts-ssl

Welche Certs werden angeboten

nmap  --script ssl-cert.nse  192.168.34.1 -p 993

Welche Cipher Suits werden angeboten

  • nmap -sV --script ssl-enum-ciphers 192.168.34.1 -p 993

smtp misc

nmap --script smtp-open-relay.nse ox.xinux.org -p 25

Welche Kommandos werden vom Mailserver unterstützt

nmap  --script smtp-commands ox.xinux.org -p 25

User auf dem Mailsystem herausfinden

nmap  --script smtp-enum-users ox.xinux.org -p 25

proxy misc

Finde Offene Proxys

nmap --script "http-open-proxy" -p 3128  10.82.10.40

http misc

Show HTTP Title

nmap --script http-title -sV -p 80 192.168.34.1

HTTP Bannergrabbing

nmap -sV -p 80 --script=banner 192.168.34.1

Find Files or interestings Dirs on Webserver

nmap -sV --script http-enum -p 443 10.3.4.12

Verschiedenes

Alle Schwachstellen

nmap -sV --script vulners 10.0.10.104

NFS Check

nmap -sV  --script=nfs-showmount.nse  10.82.10.40

SMB Check

nmap -p 445 --script smb-os-discovery 10.82.10.40

Traceroute Geolocation

nmap --traceroute  --script traceroute-geolocation.nse -p 80 www.facebook.com

FTP Bannergrabbing

nmap -sV -p 21 --script=banner 10.3.4.12

Update the Script Database

nmap --script-updatedb

links

Abgerufen von „http://wiki.ixheim.de/index.php?title=Nmap_scripts_eine_Seite&oldid=63176