Hey there everyone!
The series continues, here is part 2 of Information Gathering. If you have not read Part 1, see to it!
This article will describe Nmap, also called Network Mapper, and its use!
In my opinion, Nmap is a must-use tool for all pen-testers/hackers!
It's an over-20-year-old tool!
It has so many awesome utilities!
THE FOLLOWING INFORMATION IS JUST FOR EDUCATIONAL PURPOSES,
I'M NOT RESPONSIBLE FOR READERS' ACTIONS AFTER READING THIS!
Nmap uses raw IP packets to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X.
It helps a lot in determining the vulnerabilities and exploits that could be used against a target, as every application, every OS and every port has its own particular vulnerabilities!
It's free, and it has a huge community that makes it even better!
So now, you can install Nmap on Linux by running the following command:
sudo apt-get install nmap
For other platforms, download it from nmap.org
To run Nmap, just type nmap in Command Prompt (Windows) or the Terminal (Linux)!
It will give you a hundred-odd lines with its intro and all of the parameters that can be used with Nmap.
Something like this!
You get the same output when you run nmap --help
So, we are going to test out its commands with some of its parameters,
because there are too many, and testing all of them would take too long!
First of all, I think we should scan a server using the command given in the example in Nmap's help!
nmap -v -A scanme.nmap.org
DESCRIPTION OF THESE PARAMETERS:
-v : verbose output, meaning every step will be shown in text; NOTHING WILL BE HIDDEN
-A : aggressive scan options, used here to detect the OS running on the server
But at least one open and one closed port on the system is required to detect the OS.
Nmap also provides us with a scanning target, scanme.nmap.org
You can scan it, but make sure you don't exploit the open ports!
So, let's run the scan on scanme.nmap.org
I won't use that verbose parameter (because I personally don't like it unless I need it).
Here's the result of nmap -A scanme.nmap.org :
It found a lot of information for us!
It mentioned the OS running on the server, which is Ubuntu; it mentioned that port 22 is open (its usefulness is explained later); and it also identified the web server, which is Apache. This helps a lot in selecting the right exploit or determining the vulnerability in the system!
Selecting an exploit and determining vulnerabilities will be discussed later!
Let's use Nmap on other sites!
I scanned hackthissite.org and got the following results:
One parameter I used, -sS, is the stealth (SYN) scan, because a full Nmap scan is very noisy, meaning the server will recognise that someone is scanning it!
It showed three open ports:
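As an added example (not part of the original post, and not Nmap's own code), the script below reads the XML report Nmap writes with -oX and pulls out the same facts read off the screenshot above: the OS guess, how many ports were open, closed or filtered, and the product/version banner on each open port. The sample report is constructed, with a documentation-range address and placeholder version strings.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like `nmap -A -oX report.xml` output; the address is from the
# 192.0.2.0/24 documentation range and the version strings are placeholders.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -A -oX report.xml example-target" version="7.94">
<host><status state="up" reason="echo-reply"/>
<address addr="192.0.2.10" addrtype="ipv4"/>
<ports>
<extraports state="filtered" count="997"/>
<port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/>
<service name="ssh" product="OpenSSH" version="8.9p1" extrainfo="Ubuntu Linux"/></port>
<port protocol="tcp" portid="80"><state state="open" reason="syn-ack"/>
<service name="http" product="Apache httpd" version="2.4.52" extrainfo="(Ubuntu)"/></port>
<port protocol="tcp" portid="25"><state state="closed" reason="reset"/>
<service name="smtp" method="table"/></port>
</ports>
<os><osmatch name="Linux 5.X" accuracy="96"/></os>
</host></nmaprun>"""


def summarize_nmap_xml(xml_text):
    """Return one summary dict per <host> element in the report."""
    hosts = []
    for host in ET.fromstring(xml_text).findall("host"):
        counts = {"open": 0, "closed": 0, "filtered": 0}
        open_ports = []
        ports = host.find("ports")
        # <extraports> is where Nmap folds the ports it does not list one by one
        for extra in (ports.findall("extraports") if ports is not None else []):
            counts[extra.get("state")] = counts.get(extra.get("state"), 0) + int(extra.get("count"))
        for port in (ports.findall("port") if ports is not None else []):
            state = port.find("state").get("state")
            counts[state] = counts.get(state, 0) + 1
            svc = port.find("service")
            if state == "open" and svc is not None:
                banner = " ".join(filter(None, (svc.get("product"), svc.get("version"))))
                open_ports.append((int(port.get("portid")), svc.get("name", ""), banner))
        osmatch = host.find("os/osmatch")  # Nmap lists the most likely match first
        hosts.append({
            "address": host.find("address").get("addr"),
            "os": osmatch.get("name") if osmatch is not None else None,
            "counts": counts,
            "open_ports": sorted(open_ports),
        })
    return hosts
```

Call summarize_nmap_xml(SAMPLE_XML) to see the summary; point it at the contents of a real -oX file to get the same view of your own scan.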
Port 22 (SSH service) - used for remote login and other tasks on the system; it is open.
Port 80 (HTTP service) - the website shown to you
Port 443 (HTTPS service) - the secure version of the website shown to you!
The other 997 filtered ports are not shown; filtered means they are protected by a firewall, so Nmap can't determine whether those ports are open or closed.
An open port means it's available to communicate, and closed ports won't communicate!
The question arises: how does this scan help us? As you saw, port 22 (SSH) is open, so we can specifically go for SSH exploits, or you can brute-force the SSH; this narrows down your testing!
Let's scan another site; this time I'll scan Google. Don't panic, it's legal unless you harm the system, and we won't do that!
Using this information for testing will be covered in upcoming articles.
If you want me to add more info to this, tell me in the comments. If you have any suggestions for what I should write about, tell me in the comments!
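The flip side of "Nmap is noisy", as an added example rather than code from the post: even a -sS scan sends one SYN to every port it probes, so a host that logs incoming SYNs can spot the scan by counting how many distinct ports a single source touches in a short window. The log format and addresses below are constructed for the example; the detector ignores retries to the same port and only flags a source that reaches the threshold inside the window.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed SYN log, not captured from a real host: 203.0.113.5 walks ten ports in a
# few seconds, while 198.51.100.7 is an ordinary client returning to 80 and 443.
SAMPLE_LOG = """\
2024-05-01T10:00:00 SYN 203.0.113.5 -> 192.0.2.10:21
2024-05-01T10:00:00 SYN 203.0.113.5 -> 192.0.2.10:22
2024-05-01T10:00:00 SYN 198.51.100.7 -> 192.0.2.10:443
2024-05-01T10:00:01 SYN 203.0.113.5 -> 192.0.2.10:23
2024-05-01T10:00:01 SYN 203.0.113.5 -> 192.0.2.10:25
2024-05-01T10:00:01 SYN 203.0.113.5 -> 192.0.2.10:53
2024-05-01T10:00:02 SYN 203.0.113.5 -> 192.0.2.10:80
2024-05-01T10:00:02 SYN 198.51.100.7 -> 192.0.2.10:80
2024-05-01T10:00:02 SYN 203.0.113.5 -> 192.0.2.10:110
2024-05-01T10:00:03 SYN 203.0.113.5 -> 192.0.2.10:143
2024-05-01T10:00:03 SYN 203.0.113.5 -> 192.0.2.10:443
2024-05-01T10:00:03 SYN 203.0.113.5 -> 192.0.2.10:445
2024-05-01T10:00:04 SYN 203.0.113.5 -> 192.0.2.10:445
2024-05-01T10:00:05 SYN 198.51.100.7 -> 192.0.2.10:443
"""
LINE_RE = re.compile(r"^(\S+) SYN (\S+) -> \S+:(\d+)$")


def detect_port_scans(log_text, window_seconds=60, min_ports=8):
    """Return {src_ip: distinct_ports} for every source whose distinct destination
    ports inside a sliding window of window_seconds reach min_ports."""
    recent = defaultdict(deque)  # src -> deque of (timestamp, port), oldest first
    flagged = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a SYN record in the expected format
        ts = datetime.fromisoformat(m.group(1))
        src, port = m.group(2), int(m.group(3))
        window = recent[src]
        window.append((ts, port))
        while ts - window[0][0] > timedelta(seconds=window_seconds):
            window.popleft()  # drop attempts that have aged out of the window
        distinct = {p for _, p in window}  # retries to the same port count once
        if len(distinct) >= min_ports:
            flagged[src] = max(flagged.get(src, 0), len(distinct))
    return flagged
```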
SHARE THIS POST WITH YOUR FRIENDS,
THANKS FOR READING THE POST!
I'LL BE BACK SOON WITH MORE ARTICLES
TILL THEN, FOLLOW MY INSTAGRAM ACCOUNT!
YOU'LL FIND SOME FUNNY CODING/HACKING MEMES!