
Posts

Showing posts from June 14, 2017

Nmap: How to Scan Random Targets (part-6)

Scan Random Targets

The -iR parameter can be used to select random internet hosts to scan. Nmap will randomly generate the specified number of targets and attempt to scan them.

Usage syntax: nmap -iR [number of targets]

# nmap -iR 3
Starting Nmap 5.00 ( http://nmap.org ) at 2009-08-07 23:40 CDT
...
Nmap done: 3 IP addresses (2 hosts up) scanned in 36.91 seconds

Scanning three randomly generated IP addresses

Note: For privacy reasons we do not display the results of the above scan in this book.

Executing nmap -iR 3 instructs Nmap to randomly generate 3 IP addresses to scan. There aren't many good reasons to ever do a random scan unless you are working on a research project (or just really bored). Additionally, if you do a lot of aggressive random scanning you could end up getting in trouble with your internet service provider, and the owners of the randomly chosen hosts have not agreed to be scanned; scanning systems you are not authorized to test may also be unlawful where you live.

Top 11 Firefox Add-ons a Hacker Must Have

11 Firefox Add-ons a Hacker Must Have

1. Tamper Data

Tamper Data is a great tool to view and modify HTTP/HTTPS headers and POST parameters. We can alter each request going from our machine to the destination host with this. It helps in security testing web applications by modifying POST parameters. It can be used in performing XSS and SQL injection attacks by modifying header data.

Add Tamper Data to Firefox: https://addons.mozilla.org/en-us/firefox/addon/tamper-data/

2. Firebug

Firebug is a nice add-on that integrates a web development tool inside the browser. With this tool, you can edit and debug HTML, CSS, and JavaScript live on any webpage to see the effect of changes. It helps while analyzing JS files to find XSS vulnerabilities. It's a very helpful add-on for finding DOM-based XSS for security testing professionals.

Add Firebug to your browser: https://addons.mozilla.org/en-US/firefox/addon/firebug/

3. Hackbar

Hackbar is a simple penetration tool for

NMAP: How to scan list targets (part-5)

Scan a List of Targets

If you have a large number of systems to scan, you can enter the IP addresses (or host names) in a text file and use that file as input for Nmap on the command line.

$ cat list.txt
192.168.10.1
192.168.10.100
192.168.10.101

Target IP addresses in a text file

The list.txt file above contains a list of hosts to be scanned. Each entry in the list.txt file must be separated by a space, tab, or newline, and an entry may be any target specification Nmap accepts on the command line (a single address, a host name, an octet range, or a CIDR network), not only a single IP address. The -iL parameter is used to instruct Nmap to extract the list of targets from the list.txt file; -iL - reads the list from standard input instead of a file.

Usage syntax: nmap -iL [list.txt]

$ nmap -iL list.txt
Starting Nmap 5.00 ( http://nmap.org ) at 2009-08-07 19:44 CDT
Interesting ports on 192.168.10.1:
Not shown: 997 filtered ports
PORT   STATE  SERVICE
20/tcp closed ftp-data
21/tcp closed ftp
80/tcp open   http
Interesting ports on 192.168.10.100:
Not shown: 995 closed ports
PORT   STATE  SERVICE
22/tcp open   ssh
...

Nmap scan using a list for target specification

The resulting scan displayed above will be performed for each

nmap: how to scan entire subnet (part-4)

Scan an Entire Subnet

Nmap can be used to scan an entire subnet using CIDR (Classless Inter-Domain Routing) notation.

Usage syntax: nmap [Network/CIDR]

$ nmap 192.168.10.1/24
Starting Nmap 5.00 ( http://nmap.org ) at 2009-08-07 20:43 CDT
Interesting ports on 192.168.10.1:
Not shown: 996 filtered ports
PORT   STATE  SERVICE
20/tcp closed ftp-data
21/tcp closed ftp
23/tcp closed telnet
80/tcp open   http
Interesting ports on 192.168.10.100:
Not shown: 995 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
111/tcp  open  rpcbind
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
2049/tcp open  nfs
Nmap done: 256 IP addresses (2 hosts up) scanned in 8.78 seconds

Scanning an entire class C subnet using CIDR notation

The above example instructs Nmap to scan the entire 192.168.10.0 network using CIDR notation. CIDR notation consists of an address and a prefix length (the number of leading one bits in the subnet mask) separated by a slash; /24 corresponds to the mask 255.255.255.0, and any address in the block may be written before the slash, so 192.168.10.1/24 means the network containing 192.168.10.1, i.e. 192.168.10.0/24. Note that the 256 addresses reported above include the network (.0) and broadcast (.255) addresses: Nmap scans every address in the block, not only the usable host range. See Appendix C for a cross reference of subnet masks and their CIDR notations.

NMAP: how to scan range of IP Addresses (part-3)

Scan a Range of IP Addresses

A range of IP addresses can be used for target specification as demonstrated in the example below.

Usage syntax: nmap [Range of IP addresses]

$ nmap 192.168.10.1-100
Starting Nmap 5.00 ( http://nmap.org ) at 2009-08-07 20:40 CDT
Interesting ports on 192.168.10.1:
Not shown: 997 filtered ports
PORT   STATE  SERVICE
20/tcp closed ftp-data
21/tcp closed ftp
80/tcp open   http
Interesting ports on 192.168.10.100:
Not shown: 995 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
111/tcp open  rpcbind
139/tcp open  netbios-ssn
445/tcp open  microsoft-ds
Nmap done: 100 IP addresses (2 hosts up) scanned in 25.84 seconds

Scanning a range of IP addresses

In this example Nmap is instructed to scan the range of IP addresses from 192.168.10.1 through 192.168.10.100. You can also use ranges to scan multiple networks/subnets. For example, typing nmap 192.168.1-100.* would scan the class C IP networks of 192.168.1.* through 192.168.100.*.

NOTE The asterisk is a wildc

NMAP: how to scan multiple targets basic (part-2)

Scan Multiple Targets

Nmap can be used to scan multiple hosts at the same time. The easiest way to do this is to string together the target IP addresses or host names on the command line.

Usage syntax: nmap [target1 target2 etc]

$ nmap 192.168.10.1 192.168.10.100 192.168.10.101
Starting Nmap 5.00 ( http://nmap.org ) at 2009-08-07 20:30 CDT
Interesting ports on 192.168.10.1:
Not shown: 997 filtered ports
PORT   STATE  SERVICE
20/tcp closed ftp-data
21/tcp closed ftp
80/tcp open   http
Interesting ports on 192.168.10.100:
Not shown: 995 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
111/tcp  open  rpcbind
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
2049/tcp open  nfs
Nmap done: 3 IP addresses (2 hosts up) scanned in 6.23 seconds

Multiple target scan

The example above demonstrates using Nmap to scan three addresses at the same time.

Tip: Since all three targets in the above example are on the same subnet you could use the shorthand notation of n
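The target notations covered in parts 2 through 5 above (multiple targets on the command line, octet ranges and wildcards, CIDR networks, and -iL list files) all describe sets of addresses, and the "Nmap done: N IP addresses" line tells you the size of that set only after the scan has run. The following is an added Python example, not code from the original posts or from the Nmap project: it expands or counts an Nmap-style IPv4 target specification the same way the examples above do, so you can verify how many addresses a scan will touch before you launch it. Function names, the comma-list support inside an octet, and the sample list-file contents are assumptions made for this example.

```python
"""Expand Nmap-style IPv4 target specifications (added example, not Nmap code).

Handles the forms shown in the posts above: single addresses, per-octet
ranges and wildcards (192.168.10.1-100, 192.168.1-100.*), CIDR networks
(192.168.10.1/24) and -iL style list files. Comma lists inside one octet
(10.0.1,3-5.*) are also accepted, as Nmap does. Host names are passed
through unresolved because no DNS lookup is performed here.
"""
import ipaddress
import itertools
import re

# An octet spec is digits, '*', ',' and '-' only; anything else is a host name.
_OCTET_SPEC = re.compile(r"^[0-9*,\-]+$")


def _expand_octet(part):
    """Return the list of values (0-255) described by one octet spec."""
    values = []
    for piece in part.split(","):
        if piece == "*":
            values.extend(range(256))
        elif "-" in piece:
            lo, hi = (int(x) for x in piece.split("-", 1))
            if not 0 <= lo <= hi <= 255:
                raise ValueError(f"bad octet range: {piece!r}")
            values.extend(range(lo, hi + 1))
        else:
            value = int(piece)
            if not 0 <= value <= 255:
                raise ValueError(f"bad octet value: {piece!r}")
            values.append(value)
    return values


def _octet_specs(spec):
    """Split a dotted spec into its four octet specs, or None for a host name."""
    octets = spec.split(".")
    if len(octets) == 4 and all(_OCTET_SPEC.match(o) for o in octets):
        return octets
    return None


def count_targets(spec):
    """Number of addresses a spec covers, computed without materialising them.

    A pre-flight check: 192.168.1-100.* is 25,600 addresses, which is worth
    knowing before pressing Enter.
    """
    if "/" in spec:
        return ipaddress.ip_network(spec, strict=False).num_addresses
    octets = _octet_specs(spec)
    if octets is None:
        return 1  # a host name resolves to (at least) one address
    count = 1
    for octet in octets:
        count *= len(_expand_octet(octet))
    return count


def expand_targets(spec):
    """Expand one target spec into a list of address strings (host names unchanged)."""
    if "/" in spec:
        # strict=False lets 192.168.10.1/24 mean the network containing that
        # host, i.e. 192.168.10.0/24. Iterating the network yields all 256
        # addresses including .0 and .255, matching Nmap's "256 IP addresses".
        return [str(addr) for addr in ipaddress.ip_network(spec, strict=False)]
    octets = _octet_specs(spec)
    if octets is None:
        return [spec]
    combos = itertools.product(*(_expand_octet(o) for o in octets))
    return [".".join(str(v) for v in combo) for combo in combos]


def expand_list_file(text):
    """Expand the contents of an -iL file.

    Entries are separated by spaces, tabs or newlines, and each entry may be
    any spec accepted on the command line, not only a single address.
    """
    targets = []
    for word in text.split():
        targets.extend(expand_targets(word))
    return targets


# Constructed sample list file, mirroring the list.txt shown in part 5.
SAMPLE_LIST = "192.168.10.1\n192.168.10.100\t192.168.10.101\n"

if __name__ == "__main__":
    for spec in ("192.168.10.1-100", "192.168.10.1/24", "192.168.1-100.*"):
        print(f"{spec:20} -> {count_targets(spec)} addresses")
    print("list.txt ->", expand_list_file(SAMPLE_LIST))
```

count_targets is the one to run before a large scan: it multiplies the per-octet counts instead of building the list, so a spec such as 10.0-255.*.* is sized instantly, while expand_targets is what you would feed into a dry-run or a scope check against the ranges you are actually authorized to test.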