Posts

Showing posts from June 2018

broadcast-sonicwall-discover.nse explained

Queries the network for SonicWall routers; this must be done over UDP.

Script contents:

    local ipOps = require "ipOps"
    local nmap = require "nmap"
    local packet = require "packet"
    local stdnse = require "stdnse"
    local string = require "string"
    local target = require "target"

    description = [[
    Discovers Sonicwall firewalls which are directly attached (not routed) using
    the same method as the manufacturers own 'SetupTool'. An interface needs to be
    configured, as the script broadcasts a UDP packet.

    The script needs to be run as a privileged user, typically root.

    References:
    * https://support.software.dell.com/kb/sw3677)
    ]]

    ---
    -- @usage
    -- nmap -e eth0 --script broadcast-sonicwall-discover
    --
    -- @output
    -- | broadcast-sonicwall-discover:
    -- |   192.168.5.1
    -- |     MAC/Serial: 0006B1001122
    -- |     Subnetmask: 255.255.255.0
    -- |     Firmware: 3.9.1.2
    -- |_    ROM: 14.0.1.1
    --
    -- @args broadcast-sonicwall-discover.timeout time in seconds to wa

broadcast-ripng-discover.nse explained

Sends a RIPng Request command on the LAN to determine whether any computers or devices respond.

    nmap --script broadcast-ripng-discover

Script contents:

    local bin = require "bin"
    local ipOps = require "ipOps"
    local nmap = require "nmap"
    local stdnse = require "stdnse"
    local tab = require "tab"
    local table = require "table"

    description = [[
    Discovers hosts and routing information from devices running RIPng on the
    LAN by sending a broadcast RIPng Request command and collecting any responses.
    ]]

    ---
    -- @usage
    -- nmap --script broadcast-ripng-discover
    --
    -- @output
    -- | broadcast-ripng-discover:
    -- |   fe80::a00:27ff:fe9a:880c
    -- |     route                       metric  next hop
    -- |     fe80:470:0:0:0:0:0:0/64     1
    -- |     fe80:471:0:0:0:0:0:0/64     1
    -- |_    fe80:472:0:0:0:0:0:0/64     1
    --
    -- @args broadcast-ripng-discover.timeout sets the connection timeout
    --       (default: 5s)

    author = "Patrik Karlsson"
    license = "Same as Nmap--S

broadcast-rip-discover.nse explained

Queries the LAN for RIPv2 computers and devices by sending a Request command and collecting the responses.

    nmap --script broadcast-rip-discover

Script contents:

    local bin = require "bin"
    local ipOps = require "ipOps"
    local nmap = require "nmap"
    local stdnse = require "stdnse"
    local tab = require "tab"
    local table = require "table"

    description=[[
    Discovers hosts and routing information from devices running RIPv2 on the
    LAN. It does so by sending a RIPv2 Request command and collects the responses
    from all devices responding to the request.
    ]]

    ---
    -- @usage
    -- nmap --script broadcast-rip-discover
    --
    -- @output
    -- Pre-scan script results:
    -- | broadcast-rip-discover:
    -- | Discovered RIPv2 devices
    -- |   10.0.200.107
    -- |     ip           netmask        nexthop       metric
    -- |     10.46.100.0  255.255.255.0  0.0.0.0       1
    -- |     10.46.110.0  255.255.255.0  0.0.0.0       1
    -- |     10.46.120.0  255.255.255.0  0.0.0.0       1
    -- |     10.46.123.0  255.255.255.0  10.0.

The -T option explained

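nmap's -T is used often; a brief explanation:

-T1   Sends a TCP packet, Flag=SYN, to an open port on the target computer

-T2   Sends an empty TCP packet to an open port on the target computer

-T3   Sends a TCP packet, Flag=SYN, URG, PSH, FIN, to an open port on the target computer

-T4   Sends a TCP packet, Flag=ACK, to an open port on the target computer

-T5   Sends a TCP packet, Flag=SYN, to a closed port on the target computer

-T6   Sends a TCP packet, Flag=ACK, to a closed port on the target computer

-T7   Sends a TCP packet, Flag=SYN, URG, PSH, FIN, to a closed port on the target computer

Network packet reference: http://www.pcnet.idv.tw/pcnet/network/network_ip_tcp.htm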