How can I find all hosts that are up, and display only
Nman scan report for xxxx.xxxx.xxxx (ip address)
Host is up(latency)
MAC Address -mac adress-(company)
Assuming your targets are directly connected:
nmap -n -sn <targets>
(no rDNS, ping scan)
Related
i have loop to use Nmap command
for subnet in `cat list_subnet.tmp`
do
echo ${subnet}
nmap -sL -n ${subnet}
done
and nmap cannot list. this is output.
./abc.sh
10.159.18.1/27
Starting Nmap 7.70 ( https://nmap.org ) at 2022-11-03 09:06 +07
"nable to split netmask from target expression: "10.159.18.1/27
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.00 seco
but when i run normal. it is ok
/usr/bin/nmap -sL -n 10.159.18.1/27
Starting Nmap 7.70 ( https://nmap.org ) at 2022-11-03 09:06 +07
Nmap scan report for 10.159.18.0
Nmap scan report for 10.159.18.1
Nmap scan report for 10.159.18.2
Nmap scan report for 10.159.18.3
Nmap scan report for 10.159.18.4
Nmap scan report for 10.159.18.5
Nmap scan report for 10.159.18.6
Nmap scan report for 10.159.18.7
i think have problem with bask. and it not cannot run in loop. any ideal to fix that.
To All,
I am writing a service running HTTPS protocol that accept secure connection using Openssl.
After that, I tested SSL connection using nmap with the following command:
nmap --script ssl-enum-ciphers -p 443 192.168.2.1
Nmap scan report for 192.168.2.1
Host is up (0.0029s latency).
PORT STATE SERVICE
443/tcp open https
| ssl-enum-ciphers:
| TLSv1.2:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256k1) - A
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256k1) - A
| compressors:
| NULL
| cipher preference: client
|_ least strength: A
However, if the the argument -sV is added, then it displays following
nmap --script ssl-enum-ciphers -sV -p 443 192.168.2.1
Starting Nmap 7.01 ( https://nmap.org ) at 2021-05-25 09:15 CST
Nmap scan report for 192.168.2.1
Host is up (0.0030s latency).
PORT STATE SERVICE VERSION
443/tcp open ssl/https?
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 12.79 seconds
the -sV is used to probe service/version info, I am wondering is it because I am using ECHDE only?
Anyway, here's how I setup my SSL connection (Remove error checking for easy reading).
SSL_library_init();
SSL_load_error_strings();
CTX = SSL_CTX_new(TLSv1_2_server_method());
SL_CTX_set_cipher_list(ctx, "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384");
SSL_CTX_ctrl((CTX),SSL_CTRL_SET_ECDH_AUTO,1,NULL);
SSL_CTX_use_certificate_file(CTX, pem, SSL_FILETYPE_PEM);
SSL_CTX_use_PrivateKey_file(CTX, pem, SSL_FILETYPE_PEM);
SSL_CTX_use_certificate_chain_file(CTX, chain);
I am suspecting the ciphers ECDHE, because if I use Cipher list "AES128-SHA256:AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384", everything seems to work fine.
Any help is appreciated, thanks.
We have sporadic connection failures when webserver tries to connect to service on the net.
There is a problem to trace failure from PHP for many reasons.
I'm a web-programmer and not familiar with command-line scripts. Can anyone help with following cmd-script:
-there is a list of ips separated by newline in text file (ip_list.txt)
-take ip from list and ping it, if it fails on first attempt - traceroute it
-go to next ip in file
I don't really sure what you want to test, but here's a pretty useful command to test ping. Enter ping IP_ADDRESS -l 10 -n 10 directly to cmd, change the IP_ADDRESS to ip address you want. -l 10 - Ping you ip address with 10 bytes of data
-n 10 - Ping for 10 times
ping /? - For more informations
To get each ip address (line by line) in a text file, use for /f %%a in (YOUR_FILE.txt) do ( //to do ). Since I'm not sure about what you want, so that's all I can help with :)
I am doing a nmap bash script, and I am just wondering if there is any possibility to use array list for my port commands. For example:
port=[23,45,75,65]
for i in 21 do
nmap -p x,y 192.168.1.$i
done
e.g. At the x,y place I want to use the number 23,45
I'm not sure if that's what you want, but you can try this:
ports="23,45,75,65"
for i in 21 do
nmap -p "$ports" 192.168.1.$i
done
You can also do:
ports="23,45,75,65"
targets="1-25"
nmap -p "$ports" "192.168.1.$targets"
Scanning an array of ports is already built in to nmap. See http://nmap.org/book/man-port-specification.html for more details on the syntax, but here's an excerpt that may give you what you need:
For example, the argument -p U:53,111,137,T:21-25,80,139,8080 would scan UDP ports 53, 111,and 137, as well as the listed TCP ports.
I use the following command
netstat -ano -p tcp | findstr "18812"
and got result like this:
TCP 0.0.0.0:18812 0.0.0.0:0 LISTENING 3116
TCP 127.0.0.1:3099 127.0.0.1:18812 ESTABLISHED 5112
TCP 127.0.0.1:18812 127.0.0.1:3099 ESTABLISHED 3116
But the line 2 is not what I want,i.e: I want the lines which the source port is 18812, rather than the dst port .
Any body knows how to deal with this? Thanks very much!
Edit: I tried regular expression, but "\d","+","\s" seems not work
One small improvement to the solution in your comment to fedmich. Probably not needed for port 18812 since the max number of digits is 5, and you've used all of them. But if you are looking for a 4 digit port (or smaller), you will want to make sure there is a space after the port number.
For example, if you were looking for source port 3099
netstat -ano -p tcp | findstr /R /C:"TCP[ ]*[0-9.]*:3099 "
Are you sure you are using regular expression on the first and last part?
".*STRING.*"
Try this out.
netstat -ano -p tcp | findstr ".*:18812.*"