1. Introduction to Nmap
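Nmap ("Network Mapper") is a free, open-source utility for network discovery and security auditing. Nmap uses raw IP packets to determine which hosts are on the network, which services (application name and version) those hosts offer, which operating systems (and OS versions) they run, what type of packet filters/firewalls are in use, and dozens of other characteristics.
Besides the classic command-line Nmap executable, the Nmap suite also includes:
A graphical user interface and results viewer (Zenmap)
A data transfer, redirection and debugging tool (Ncat)
A tool for comparing scan results (Ndiff)
A packet generation and response analysis tool (Nping)

2. Features of Nmap
Host discovery: finds hosts on the network, for example by listing the hosts that respond to TCP and ICMP requests or that have particular ports open.
Port scanning: finds the ports open on the target host.
Version detection: probes the network services on the target host to determine each service's name and version number.
OS detection: identifies the target host's operating system and the hardware characteristics of network devices.
Scriptable probing: custom probes are written with the Nmap Scripting Engine (NSE) in the Lua programming language.
Nmap runs on most operating systems in use, for example Linux, Microsoft Windows, FreeBSD, OpenBSD, Solaris, IRIX, Mac OS X, HP-UX, NetBSD, Sun OS and others.
Nmap can report detailed information about a target, including reverse DNS names, device type and MAC address.

3. Uses of Nmap

4. Downloading Nmap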
Download the Free Nmap Security Scanner for Linux/Mac/Windows
Taking Linux as the example: type nmap in a terminal. If Nmap's help text is printed, Nmap is installed correctly.
$ nmap
Nmap 7.94 ( )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
  Can pass hostnames, IP addresses, networks, etc.
  Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
  -iL <inputfilename>: Input from list of hosts/networks
  -iR <num hosts>: Choose random targets
  --exclude <host1[,host2][,host3],...>: Exclude hosts/networks
  --excludefile <exclude_file>: Exclude list from file
HOST DISCOVERY:
  -sL: List Scan - simply list targets to scan
  -sn: Ping Scan - disable port scan
  -Pn: Treat all hosts as online -- skip host discovery
  -PS/PA/PU/PY[portlist]: TCP SYN/ACK, UDP or SCTP discovery to given ports
  -PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
  -PO[protocol list]: IP Protocol Ping
  -n/-R: Never do DNS resolution/Always resolve [default: sometimes]
  --dns-servers <serv1[,serv2],...>: Specify custom DNS servers
  --system-dns: Use OS's DNS resolver
  --traceroute: Trace hop path to each host
SCAN TECHNIQUES:
  -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
  -sU: UDP Scan
  -sN/sF/sX: TCP Null, FIN, and Xmas scans
  --scanflags <flags>: Customize TCP scan flags
  -sI <zombie host[:probeport]>: Idle scan
  -sY/sZ: SCTP INIT/COOKIE-ECHO scans
  -sO: IP protocol scan
  -b <FTP relay host>: FTP bounce scan
PORT SPECIFICATION AND SCAN ORDER:
  -p <port ranges>: Only scan specified ports
    Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080,S:9
  --exclude-ports <port ranges>: Exclude the specified ports from scanning
  -F: Fast mode - Scan fewer ports than the default scan
  -r: Scan ports sequentially - don't randomize
  --top-ports <number>: Scan <number> most common ports
  --port-ratio <ratio>: Scan ports more common than <ratio>
SERVICE/VERSION DETECTION:
  -sV: Probe open ports to determine service/version info
  --version-intensity <level>: Set from 0 (light) to 9 (try all probes)
  --version-light: Limit to most likely probes (intensity 2)
  --version-all: Try every single probe (intensity 9)
  --version-trace: Show detailed version scan activity (for debugging)
SCRIPT SCAN:
  -sC: equivalent to --script=default
  --script=<Lua scripts>: <Lua scripts> is a comma separated list of
           directories, script-files or script-categories
  --script-args=<n1=v1,[n2=v2,...]>: provide arguments to scripts
  --script-args-file=filename: provide NSE script args in a file
  --script-trace: Show all data sent and received
  --script-updatedb: Update the script database.
  --script-help=<Lua scripts>: Show help about scripts.
           <Lua scripts> is a comma-separated list of script-files or
           script-categories.
OS DETECTION:
  -O: Enable OS detection
  --osscan-limit: Limit OS detection to promising targets
  --osscan-guess: Guess OS more aggressively
TIMING AND PERFORMANCE:
  Options which take <time> are in seconds, or append 'ms' (milliseconds),
  's' (seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).
  -T<0-5>: Set timing template (higher is faster)
  --min-hostgroup/max-hostgroup <size>: Parallel host scan group sizes
  --min-parallelism/max-parallelism <numprobes>: Probe parallelization
  --min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout <time>: Specifies
      probe round trip time.
  --max-retries <tries>: Caps number of port scan probe retransmissions.
  --host-timeout <time>: Give up on target after this long
  --scan-delay/--max-scan-delay <time>: Adjust delay between probes
  --min-rate <number>: Send packets no slower than <number> per second
  --max-rate <number>: Send packets no faster than <number> per second
FIREWALL/IDS EVASION AND SPOOFING:
  -f; --mtu <val>: fragment packets (optionally w/given MTU)
  -D <decoy1,decoy2[,ME],...>: Cloak a scan with decoys
  -S <IP_Address>: Spoof source address
  -e <iface>: Use specified interface
  -g/--source-port <portnum>: Use given port number
  --proxies <url1,[url2],...>: Relay connections through HTTP/SOCKS4 proxies
  --data <hex string>: Append a custom payload to sent packets
  --data-string <string>: Append a custom ASCII string to sent packets
  --data-length <num>: Append random data to sent packets
  --ip-options <options>: Send packets with specified ip options
  --ttl <val>: Set IP time-to-live field
  --spoof-mac <mac address/prefix/vendor name>: Spoof your MAC address
  --badsum: Send packets with a bogus TCP/UDP/SCTP checksum
OUTPUT:
  -oN/-oX/-oS/-oG <file>: Output scan in normal, XML, s|<rIpt kIddi3,
     and Grepable format, respectively, to the given filename.
  -oA <basename>: Output in the three major formats at once
  -v: Increase verbosity level (use -vv or more for greater effect)
  -d: Increase debugging level (use -dd or more for greater effect)
  --reason: Display the reason a port is in a particular state
  --open: Only show open (or possibly open) ports
  --packet-trace: Show all packets sent and received
  --iflist: Print host interfaces and routes (for debugging)
  --append-output: Append to rather than clobber specified output files
  --resume <filename>: Resume an aborted scan
  --noninteractive: Disable runtime interactions via keyboard
  --stylesheet <path/URL>: XSL stylesheet to transform XML output to HTML
  --webxml: Reference stylesheet from Nmap.Org for more portable XML
  --no-stylesheet: Prevent associating of XSL stylesheet w/XML output
MISC:
  -6: Enable IPv6 scanning
  -A: Enable OS detection, version detection, script scanning, and traceroute
  --datadir <dirname>: Specify custom Nmap data file location
  --send-eth/--send-ip: Send using raw ethernet frames or IP packets
  --privileged: Assume that the user is fully privileged
  --unprivileged: Assume the user lacks raw socket privileges
  -V: Print version number
  -h: Print this help summary page.
EXAMPLES:
  nmap -v -A scanme.nmap.org
  nmap -v -sn 192.168.0.0/16 10.0.0.0/8
  nmap -v -iR 10000 -Pn -p 80
SEE THE MAN PAGE () FOR MORE OPTIONS AND EXAMPLES

5. Mind map of Nmap parameters

6. Common Nmap parameters
Simple scan with no parameters, using the lab target 192.168.95.130 as the example
nmap 192.168.95.130
$ nmap 192.168.95.130
Starting Nmap 7.94 ( ) at 2023-08-31 04:57 EDT
Nmap scan report for 192.168.95.130
Host is up (0.0012s latency).
Not shown: 977 closed tcp ports (conn-refused)
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
23/tcp open telnet
25/tcp open smtp
53/tcp open domain
80/tcp open http
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
512/tcp open exec
513/tcp open login
514/tcp open shell
1099/tcp open rmiregistry
1524/tcp open ingreslock
2049/tcp open nfs
2121/tcp open ccproxy-ftp
3306/tcp open mysql
5432/tcp open postgresql
5900/tcp open vnc
6000/tcp open X11
6667/tcp open irc
8009/tcp open ajp13
8180/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 0.14 seconds

The -A parameter: OS detection, version detection, script scanning and traceroute
nmap -A 192.168.95.130
$ nmap -A 192.168.95.130
Starting Nmap 7.94 ( ) at 2023-08-31 04:43 EDT
Nmap scan report for 192.168.95.130
Host is up (0.0012s latency).
Not shown: 977 closed tcp ports (conn-refused)
PORT STATE SERVICE VERSION
21/tcp open ftp vsftpd 2.3.4
| ftp-syst:
| STAT:
| FTP server status:
| Connected to 192.168.95.129
| Logged in as ftp
| TYPE: ASCII
| No session bandwidth limit
| Session timeout in seconds is 300
| Control connection is plain text
| Data connections will be plain text
| vsFTPd 2.3.4 - secure, fast, stable
|_End of status
|_ftp-anon: Anonymous FTP login allowed (FTP code 230)
22/tcp open ssh OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
| ssh-hostkey:
| 1024 60:0f:cf:e1:c0:5f:6a:74:d6:90:24:fa:c4:d5:6c:cd (DSA)
|_ 2048 56:56:24:0f:21:1d:de:a7:2b:ae:61:b1:24:3d:e8:f3 (RSA)
23/tcp open telnet Linux telnetd
25/tcp open smtp Postfix smtpd
|_smtp-commands: metasploitable.localdomain, PIPELINING, SIZE 10240000, VRFY, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN
| ssl-cert: Subject: commonName=ubuntu804-base.localdomain/organizationName=OCOSA/stateOrProvinceName=There is no such thing outside US/countryName=XX
| Not valid before: 2010-03-17T14:07:45
|_Not valid after: 2010-04-16T14:07:45
|_ssl-date: 2023-08-31T08:44:01+00:00; +2s from scanner time.
| sslv2:
| SSLv2 supported
| ciphers:
| SSL2_DES_192_EDE3_CBC_WITH_MD5
| SSL2_RC4_128_WITH_MD5
| SSL2_RC2_128_CBC_EXPORT40_WITH_MD5
| SSL2_RC4_128_EXPORT40_WITH_MD5
| SSL2_DES_64_CBC_WITH_MD5
|_ SSL2_RC2_128_CBC_WITH_MD5
53/tcp open domain ISC BIND 9.4.2
| dns-nsid:
|_ bind.version: 9.4.2
80/tcp open http Apache httpd 2.2.8 ((Ubuntu) DAV/2)
|_http-title: Metasploitable2 - Linux
|_http-server-header: Apache/2.2.8 (Ubuntu) DAV/2
111/tcp open rpcbind 2 (RPC #100000)
| rpcinfo:
| program version port/proto service
| 100000 2 111/tcp rpcbind
| 100000 2 111/udp rpcbind
| 100003 2,3,4 2049/tcp nfs
| 100003 2,3,4 2049/udp nfs
| 100005 1,2,3 42206/udp mountd
| 100005 1,2,3 55478/tcp mountd
| 100021 1,3,4 41882/tcp nlockmgr
| 100021 1,3,4 42697/udp nlockmgr
| 100024 1 47382/tcp status
|_ 100024 1 59790/udp status
139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
445/tcp open etbios- Samba smbd 3.0.20-Debian (workgroup: WORKGROUP)
512/tcp open exec netkit-rsh rexecd
513/tcp open login OpenBSD or Solaris rlogind
514/tcp open shell Netkit rshd
1099/tcp open java-rmi GNU Classpath grmiregistry
1524/tcp open bindshell Metasploitable root shell
2049/tcp open nfs 2-4 (RPC #100003)
2121/tcp open ftp ProFTPD 1.3.1
3306/tcp open mysql MySQL 5.0.51a-3ubuntu5
| mysql-info:
| Protocol: 10
| Version: 5.0.51a-3ubuntu5
| Thread ID: 9
| Capabilities flags: 43564
| Some Capabilities: Support41Auth, ConnectWithDatabase, Speaks41ProtocolNew, SwitchToSSLAfterHandshake, SupportsTransactions, LongColumnFlag, SupportsCompression
| Status: Autocommit
|_ Salt: \?cXpI]vY:Tz,e<<Uy!5
5432/tcp open postgresql PostgreSQL DB 8.3.0 - 8.3.7
| ssl-cert: Subject: commonName=ubuntu804-base.localdomain/organizationName=OCOSA/stateOrProvinceName=There is no such thing outside US/countryName=XX
| Not valid before: 2010-03-17T14:07:45
|_Not valid after: 2010-04-16T14:07:45
|_ssl-date: 2023-08-31T08:44:01+00:00; +2s from scanner time.
5900/tcp open vnc VNC (protocol 3.3)
| vnc-info:
| Protocol version: 3.3
| Security types:
|_ VNC Authentication (2)
6000/tcp open X11 (access denied)
6667/tcp open irc UnrealIRCd
| irc-info:
| users: 1
| servers: 1
| lusers: 1
| lservers: 0
| server: irc.Metasploitable.LAN
| version: Unreal3.2.8.1. irc.Metasploitable.LAN
| uptime: 0 days, 0:01:58
| source ident: nmap
| source host: 6CE67320.3D69DBFD.FFFA6D49.IP
|_ error: Closing Link: xzaaxaqfb[192.168.95.129] (Quit: xzaaxaqfb)
8009/tcp open ajp13 Apache Jserv (Protocol v1.3)
|_ajp-methods: Failed to get a valid response for the OPTION request
8180/tcp open http Apache Tomcat/Coyote JSP engine 1.1
|_http-favicon: Apache Tomcat
|_http-title: Apache Tomcat/5.5
|_http-server-header: Apache-Coyote/1.1
Service Info: Hosts: metasploitable.localdomain, irc.Metasploitable.LAN; OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

Host script results:
|_nbstat: NetBIOS name: METASPLOITABLE, NetBIOS user: <unknown>, NetBIOS MAC: <unknown> (unknown)
|_smb2-time: Protocol negotiation failed (SMB2)
|_clock-skew: mean: 1h00m01s, deviation: 2h00m00s, median: 1s
| smb-os-discovery:
| OS: Unix (Samba 3.0.20-Debian)
| Computer name: metasploitable
| NetBIOS computer name:
| Domain name: localdomain
| FQDN: metasploitable.localdomain
|_ System time: 2023-08-31T04:43:52-04:00
| smb-security-mode:
| account_used: <blank>
| authentication_level: user
| challenge_response: supported
|_ message_signing: disabled (dangerous, but default)

Service detection performed. Please report any incorrect results at .
Nmap done: 1 IP address (1 host up) scanned in 20.65 seconds

The -T parameter
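Use the -T option with a number from 0 to 5 or with a name. The names are paranoid (0), sneaky (1), polite (2), normal (3), aggressive (4) and insane (5).
The paranoid and sneaky modes are used for IDS evasion.
Polite mode slows the scan down so that it uses less bandwidth and fewer resources on the target host.
Normal is the default mode, so -T3 in practice applies no optimization at all.
Aggressive mode speeds the scan up on the assumption that the user is on a reasonably fast and reliable network.
Insane mode assumes the user is on an exceptionally fast network or is willing to sacrifice accuracy for speed.

The -vv parameter: increase verbosity level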
nmap -vv 192.168.95.130
$ nmap -vv 192.168.95.130
Starting Nmap 7.94 ( ) at 2023-08-31 05:07 EDT
Initiating Ping Scan at 05:07
Scanning 192.168.95.130 [2 ports]
Completed Ping Scan at 05:07, 0.04s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 05:07
Completed Parallel DNS resolution of 1 host. at 05:07, 0.01s elapsed
Initiating Connect Scan at 05:07
Scanning 192.168.95.130 [1000 ports]
Discovered open port 5900/tcp on 192.168.95.130
Discovered open port 22/tcp on 192.168.95.130
Discovered open port 111/tcp on 192.168.95.130
Discovered open port 25/tcp on 192.168.95.130
Discovered open port 445/tcp on 192.168.95.130
Discovered open port 3306/tcp on 192.168.95.130
Discovered open port 23/tcp on 192.168.95.130
Discovered open port 139/tcp on 192.168.95.130
Discovered open port 53/tcp on 192.168.95.130
Discovered open port 80/tcp on 192.168.95.130
Discovered open port 21/tcp on 192.168.95.130
Discovered open port 5432/tcp on 192.168.95.130
Discovered open port 6000/tcp on 192.168.95.130
Discovered open port 514/tcp on 192.168.95.130
Discovered open port 512/tcp on 192.168.95.130
Discovered open port 2049/tcp on 192.168.95.130
Discovered open port 6667/tcp on 192.168.95.130
Discovered open port 1099/tcp on 192.168.95.130
Discovered open port 1524/tcp on 192.168.95.130
Discovered open port 2121/tcp on 192.168.95.130
Discovered open port 513/tcp on 192.168.95.130
Discovered open port 8180/tcp on 192.168.95.130
Discovered open port 8009/tcp on 192.168.95.130
Completed Connect Scan at 05:07, 0.31s elapsed (1000 total ports)
Nmap scan report for 192.168.95.130
Host is up, received syn-ack (0.013s latency).
Scanned at 2023-08-31 05:07:45 EDT for 1s
Not shown: 977 closed tcp ports (conn-refused)
PORT STATE SERVICE REASON
21/tcp open ftp syn-ack
22/tcp open ssh syn-ack
23/tcp open telnet syn-ack
25/tcp open smtp syn-ack
53/tcp open domain syn-ack
80/tcp open http syn-ack
111/tcp open rpcbind syn-ack
139/tcp open netbios-ssn syn-ack
445/tcp open microsoft-ds syn-ack
512/tcp open exec syn-ack
513/tcp open login syn-ack
514/tcp open shell syn-ack
1099/tcp open rmiregistry syn-ack
1524/tcp open ingreslock syn-ack
2049/tcp open nfs syn-ack
2121/tcp open ccproxy-ftp syn-ack
3306/tcp open mysql syn-ack
5432/tcp open postgresql syn-ack
5900/tcp open vnc syn-ack
6000/tcp open X11 syn-ack
6667/tcp open irc syn-ack
8009/tcp open ajp13 syn-ack
8180/tcp open unknown syn-ack
Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.53 seconds
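The port tables printed by the scans above are what a defender audits after scanning their own hosts. The following is an added example, not part of the original article: it parses a report in Nmap's normal output layout and lists open ports that fall outside an approved baseline or that speak a cleartext protocol. The sample rows, the APPROVED baseline and the CLEARTEXT set are constructed assumptions for illustration.

```python
import re

# Constructed sample: a few rows in the layout of the scan reports above
# (the -vv form carries an extra REASON column, which the parser ignores).
SAMPLE_SCAN = """\
Nmap scan report for 192.168.95.130
Not shown: 977 closed tcp ports (conn-refused)
PORT     STATE SERVICE    REASON
21/tcp   open  ftp        syn-ack
22/tcp   open  ssh        syn-ack
23/tcp   open  telnet     syn-ack
80/tcp   open  http       syn-ack
513/tcp  open  login      syn-ack
1524/tcp open  ingreslock syn-ack
3306/tcp open  mysql      syn-ack
"""

# Assumed policy for this example: the ports this host is approved to expose,
# and Nmap service names that carry credentials in clear text.
APPROVED = {(22, "tcp"), (80, "tcp")}
CLEARTEXT = {"ftp", "telnet", "exec", "login", "shell"}

ROW = re.compile(r"^(\d+)/(tcp|udp|sctp)\s+(\S+)\s+(\S+)")

def parse_ports(report):
    """Return {(port, proto): (state, service)} from a normal-format report."""
    ports = {}
    for line in report.splitlines():
        m = ROW.match(line)
        if m:  # NSE script lines start with '|' and never match
            ports[(int(m.group(1)), m.group(2))] = (m.group(3), m.group(4))
    return ports

def audit(report, approved=APPROVED):
    """List findings: open ports outside the baseline, and cleartext services."""
    findings = []
    for (port, proto), (state, service) in sorted(parse_ports(report).items()):
        if not state.startswith("open"):  # also keeps "open|filtered"
            continue
        if (port, proto) not in approved:
            findings.append((port, proto, service, "not in approved baseline"))
        if service in CLEARTEXT:
            findings.append((port, proto, service, "cleartext protocol"))
    return findings

if __name__ == "__main__":
    for port, proto, service, why in audit(SAMPLE_SCAN):
        print(f"{port}/{proto} {service}: {why}")
```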
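The verbose output above shows a connect scan covering 1000 ports in 0.31 s, and the -T templates change how quickly such probes arrive. The following is an added example, not part of the original article, of the detection side: it counts distinct destination ports per source in fixed time windows and shows that a short window catches only the fast scan, while a long window also catches a slowly paced one. The connection log, the addresses 192.168.95.131 and 192.168.95.132, the 15-second pacing and the thresholds are constructed assumptions.

```python
from collections import defaultdict

def distinct_ports_by_window(events, window):
    """Map (source, window index) -> set of destination ports seen in that window."""
    buckets = defaultdict(set)
    for ts, src, dport in events:
        buckets[(src, int(ts // window))].add(dport)
    return buckets

def scanning_sources(events, window, threshold):
    """Sources that touched at least `threshold` distinct ports inside one window."""
    return {
        src
        for (src, _), ports in distinct_ports_by_window(events, window).items()
        if len(ports) >= threshold
    }

# Constructed connection log: (seconds, source IP, destination port).
# 192.168.95.129 probes 100 ports in under a second (a default-paced scan).
# 192.168.95.131 probes 100 ports 15 s apart (constructed pacing for a slow template).
# 192.168.95.132 is an ordinary client that only ever uses ports 80 and 443.
FAST = [(i * 0.003, "192.168.95.129", 1 + i) for i in range(100)]
SLOW = [(i * 15.0, "192.168.95.131", 1 + i) for i in range(100)]
CLIENT = [(i * 2.0, "192.168.95.132", (80, 443)[i % 2]) for i in range(100)]
EVENTS = sorted(FAST + SLOW + CLIENT)

# A 10 s window sees at most one probe from the slow source, so only the
# fast source crosses the threshold; a one-hour window catches both.
SHORT = scanning_sources(EVENTS, window=10, threshold=20)
LONG = scanning_sources(EVENTS, window=3600, threshold=20)

if __name__ == "__main__":
    print("10 s window:  ", sorted(SHORT))
    print("3600 s window:", sorted(LONG))
```

The windows here are fixed (tumbling) buckets; a sliding window avoids missing a burst that straddles a bucket boundary.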