Nmap scripts
Version vom 1. März 2023, 04:07 Uhr von Thomas.will (Diskussion | Beiträge) (→Finding Vulnerability Scanning Scripts)
Locate the scripts
- locate nse | grep scripts
Finding Vulnerability Scanning Scripts
- locate *vuln*.nse
oder besser
- cd /usr/share/nmap/scripts
- ls
ssh misc
ssl misc
smtp misc
http misc
wordpress-version misc
Alle Schwachstellen
- nmap -sV --script vulners 10.0.10.104
Finde Offene Proxys
- nmap --script "http-open-proxy" -p 3128 10.82.10.40
Host is up (0.0033s latency). rDNS record for 10.82.10.40: squid.linux.lab PORT STATE SERVICE 3128/tcp open squid-http | http-open-proxy: Potentially OPEN proxy. |_Methods supported: GET HEAD CONNECTION
Help with a script
- nmap --script-help=nfs-showmount.nse
Starting Nmap 7.60 ( https://nmap.org ) at 2017-11-13 07:26 CET nfs-showmount Categories: discovery safe https://nmap.org/nsedoc/scripts/nfs-showmount.html Shows NFS exports, like the <code>showmount -e</code> command.
NFS Check
- nmap -sV --script=nfs-showmount.nse 10.82.10.40
SMB Check
- nmap -p 445 --script smb-os-discovery 10.82.10.40
Traceroute Geolocation
- nmap --traceroute --script traceroute-geolocation.nse -p 80 www.facebook.com
FTP Bannergrabbing
- nmap -sV -p 21 --script=banner 10.3.4.12
Update the Script Database
- nmap --script-updatedb
links
- https://hackertarget.com/7-nmap-nse-scripts-recon/
- http://resources.infosecinstitute.com/nmap-scripting-example/#gref
- https://null-byte.wonderhowto.com/how-to/hack-like-pro-using-nmap-scripting-engine-nse-for-reconnaissance-0158681/
- https://pentestlab.blog/2012/03/08/nmap-scripting-engine-basic-usage-2/