nmap¶
Resources¶
- https://lms.onnocenter.or.id/wiki/index.php/Nmap
- https://noxtal.com/cheatsheets/2020/07/13/nmap-cheatsheet/
Beberapa intruksi bagus :¶
guide : nmap [Scan Type(s)] [Options] {target specification}
scan ip :
nmap $IP
scan host :
nmap hostname.com
scan range IP :
nmap 192.168.1.1-20
scan subnet
nmap 192.168.1.0/24
port selection : (single)
nmap -p 80 $IP
port selection : (most commond)
nmap -F $IP
port selection : (range)
nmap -p 1-100 $IP
port selection : (all)
nmap -p- $IP
scaning mesin :
nmap -v -sS -O 192.168.0.254
nmap –sV –O 192.168.12.120
nmap –Pn --script vuln 192.168.12.120
-v |
untuk verbose supaya banyak keluar informasi |
-sS |
scanning port dengan mengirim paket SYNC |
-O |
dicoba juga untuk menebak sitem operasi yang digunakan |
very verbose :
nmap -vv $IP
bypass firewall :
nmap -Pn $IP
default scan :
nmap -vv -sC -sV -oN nmap.log $IP
complete scan :
nmap -vv -A -p- -oN nmap-complete.log $IP
vulnerability scan :
nmap -vv --script vuln -oN nmap-vuln.log $IP
http scan :
nmap -vv --script http* -oN nmap-http.log $IP
mysql scan :
nmap -vv --script mysql* -oN nmap-mysql.log $IP
ftp scan :
nmap -vv --script ftp* -oN nmap-ftp.log $IP
smb scan :
nmap -vv --script smb* -oN nmap-smb.log $IP
ssh scan :
nmap -vv --script ssh* -oN nmap-ssh.log $IP
ip address information :
nmap --script=asn-query,whois,ip-geolocation-maxmind $IP
passing brute force :
nmap --script=ssh-brute --script-args userdb=usernames.lst,passwd=passwords.lst $IP
brute force ftp password :
nmap -p21 –script ftp-brute.nse –script-args userdb=rockyou.txt,passdb=rockyou.txt 192.168.1.105
brute force telnet password :
nmap -p23 --script telnet-brute.nse --script-args userdb=rockyou.txt,passdb=rockyou.txt 192.168.1.105
brute force smb password :
nmap --script smb-brute.nse -p445 192.168.0.7
nmap --script smb-brute.nse -p445 192.168.0.80
nmap -sU -sS --script smb-brute.nse -p U:137,T:139 192.168.0.80
nmap –p445 –script smb-brute.nse –script-args userdb=/root/Desktop/user.txt,passdb=/root/Desktop/pass.txt 192.168.1.105
brute force mysql : *masih ada catatan
nmap --script=mysql-brute <target>
nmap -sT -p3306 --script mysql-brute.nse --script-args userdb=/root/user.txt --script-trace 192.168.0.100
nmap -sT -p3306 --script mysql-brute.nse --script-args userdb=/root/user.txt,passdb=/root/pass.txt --script-trace 192.168.0.100