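Common nmap Options Explained in Detail

                                                  Author: Yin Zhengjie (尹正杰)

Copyright notice: this is an original work and may not be reproduced; violators will be held legally liable.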

 

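   To borrow a line from Xin Zhao, a champion in League of Legends: "Even when outnumbered, I can still take the enemy general's head from the midst of ten thousand troops!" In the Three Kingdoms, Guan Yu cut down Yan Liang in the middle of an army and rode back with his head. Let me offer an analogy: if you attack a server, does a skilled hacker taking a kitchen knife and cutting the server's power cable count as attacking it? Obviously not. Let me say up front that hacking a commercial site is not something one or two tools can guarantee, nor something a day or two of studying "hacking" techniques can achieve. If neither of those holds for you, don't talk about "hacking". If you have the money, hire someone to do it.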

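  Here are three things that have to be done before an intrusion. If you can manage all of them, then we can talk about specifics:

      1>. Obtain the target's IP address, and identify its OS type, the security patches it has applied, and the services it runs;
      2>. Based on the above, scan it for vulnerabilities;
      3>. Analyze the information gathered, find a vulnerability that can be used, and only then carry out the intrusion;
  In short, to break into someone's server you need stronger networking skills than its administrator and the ability to handle complicated situations. Otherwise you will not get anywhere.
  Today I want to recommend a really impressive piece of software: Nmap. I recommend it to make your work easier, not so that you can do bad things with it. As the saying goes, "virtue rises one foot, vice rises ten"; if you can overcome your own inner demons, you will do the right thing. So we cannot blame a tool for being too powerful; what matters is the person using it.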
 
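I. What is Nmap
  Nmap is a very useful tool for network scanning and host detection. It is not limited to information gathering and enumeration; it can also be used as a vulnerability detector or security scanner. It runs on Windows, Linux, Mac and other operating systems. This post covers the Linux operating system.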
 
II. Installing Nmap
[root@yinzhengjie ~]# yum -y install nmap
 
III. Common Nmap usage
1. Scanning a single host
#!/bin/bash
#@author :yinzhengjie
#Blog:http://www.cnblogs.com/yinzhengjie
#EMAIL:y1053419035@qq.com

[root@yinzhengjie ~]# nmap 172.16.96.133

Starting Nmap 5.51 ( http://nmap.org ) at 2017-08-11 12:16 CST
Nmap scan report for bogon (172.16.96.133)
Host is up (0.00060s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
3306/tcp open  mysql

Nmap done: 1 IP address (1 host up) scanned in 0.07 seconds
[root@yinzhengjie ~]# 

 

2. Scanning an entire subnet
[root@yinzhengjie ~]# nmap 172.16.96.1/24

Starting Nmap 5.51 ( http://nmap.org ) at 2017-08-11 13:12 CST
Nmap scan report for bogon (172.16.96.1)
Host is up (0.00073s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
53/tcp   open  domain
3306/tcp open  mysql

Nmap scan report for bogon (172.16.96.40)
Host is up (0.0014s latency).
Not shown: 999 filtered ports
PORT   STATE SERVICE
22/tcp open  ssh

Nmap scan report for bogon (172.16.96.53)
Host is up (0.00085s latency).
Not shown: 964 filtered ports, 32 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
80/tcp   open  http
888/tcp  open  accessbuilder
8888/tcp open  sun-answerbook

Nmap scan report for bogon (172.16.96.60)
Host is up (0.00092s latency).
Not shown: 988 closed ports
PORT      STATE SERVICE
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
1521/tcp  open  oracle
3389/tcp  open  ms-term-serv
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49156/tcp open  unknown
49158/tcp open  unknown
49160/tcp open  unknown
49161/tcp open  unknown

Nmap scan report for bogon (172.16.96.61)
Host is up (0.00079s latency).
Not shown: 988 closed ports
PORT      STATE SERVICE
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
3389/tcp  open  ms-term-serv
8009/tcp  open  ajp13
8080/tcp  open  http-proxy
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49155/tcp open  unknown
49156/tcp open  unknown
49159/tcp open  unknown

Nmap scan report for bogon (172.16.96.80)
Host is up (0.0012s latency).
Not shown: 999 filtered ports
PORT   STATE SERVICE
22/tcp open  ssh

Nmap scan report for bogon (172.16.96.90)
Host is up (0.0013s latency).
Not shown: 994 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   open   http
1720/tcp closed H.323/Q.931
8080/tcp closed http-proxy
9943/tcp open   unknown
9944/tcp open   unknown

Nmap scan report for bogon (172.16.96.91)
Host is up (0.00095s latency).
Not shown: 997 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   open   http
8080/tcp closed http-proxy

Nmap scan report for bogon (172.16.96.100)
Host is up (0.0016s latency).
Not shown: 995 filtered ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
443/tcp  open  https
5988/tcp open  wbem-http
5989/tcp open  wbem-https

Nmap scan report for bogon (172.16.96.116)
Host is up (0.0012s latency).
Not shown: 985 closed ports
PORT      STATE SERVICE
80/tcp    open  http
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
443/tcp   open  https
445/tcp   open  microsoft-ds
593/tcp   open  http-rpc-epmap
3389/tcp  open  ms-term-serv
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49155/tcp open  unknown
49156/tcp open  unknown
49157/tcp open  unknown
49159/tcp open  unknown
49160/tcp open  unknown

Nmap scan report for bogon (172.16.96.117)
Host is up (0.00097s latency).
Not shown: 984 closed ports
PORT      STATE SERVICE
80/tcp    open  http
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
443/tcp   open  https
445/tcp   open  microsoft-ds
1433/tcp  open  ms-sql-s
3389/tcp  open  ms-term-serv
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49155/tcp open  unknown
49156/tcp open  unknown
49157/tcp open  unknown
49999/tcp open  unknown
50000/tcp open  ibm-db2
50002/tcp open  iiimsf

Nmap scan report for bogon (172.16.96.119)
Host is up (0.00070s latency).
Not shown: 991 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
111/tcp  open  rpcbind
389/tcp  open  ldap
443/tcp  open  https
636/tcp  open  ldapssl
3306/tcp open  mysql
8009/tcp open  ajp13
8080/tcp open  http-proxy

Nmap scan report for bogon (172.16.96.121)
Host is up (0.00099s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
1025/tcp open  NFS-or-IIS
1433/tcp open  ms-sql-s

Nmap scan report for bogon (172.16.96.124)
Host is up (0.0017s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
111/tcp  open  rpcbind
8009/tcp open  ajp13
8080/tcp open  http-proxy

Nmap scan report for bogon (172.16.96.125)
Host is up (0.00084s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
111/tcp  open  rpcbind
8009/tcp open  ajp13
8080/tcp open  http-proxy

Nmap scan report for bogon (172.16.96.126)
Host is up (0.0014s latency).
Not shown: 998 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
111/tcp open  rpcbind

Nmap scan report for bogon (172.16.96.127)
Host is up (0.0011s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
111/tcp  open  rpcbind
8009/tcp open  ajp13
8080/tcp open  http-proxy

Nmap scan report for bogon (172.16.96.128)
Host is up (0.00092s latency).
Not shown: 998 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
111/tcp open  rpcbind

Nmap scan report for bogon (172.16.96.129)
Host is up (0.00092s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
111/tcp  open  rpcbind
8009/tcp open  ajp13
8080/tcp open  http-proxy

Nmap scan report for bogon (172.16.96.130)
Host is up (0.0016s latency).
Not shown: 993 closed ports
PORT     STATE SERVICE
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
912/tcp  open  apex-mesh
1026/tcp open  LSA-or-nterm
1044/tcp open  dcutility
3389/tcp open  ms-term-serv

Nmap scan report for bogon (172.16.96.131)
Host is up (0.0013s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
111/tcp  open  rpcbind
8009/tcp open  ajp13
8080/tcp open  http-proxy
8180/tcp open  unknown

Nmap scan report for bogon (172.16.96.133)
Host is up (0.0011s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
3306/tcp open  mysql

Nmap scan report for bogon (172.16.96.135)
Host is up (0.00082s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http
111/tcp open  rpcbind

Nmap scan report for bogon (172.16.96.136)
Host is up (0.00090s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
111/tcp  open  rpcbind
8009/tcp open  ajp13
8080/tcp open  http-proxy

Nmap scan report for bogon (172.16.96.137)
Host is up (0.00093s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
111/tcp  open  rpcbind
8009/tcp open  ajp13
8080/tcp open  http-proxy
9200/tcp open  wap-wsp

Nmap scan report for bogon (172.16.96.138)
Host is up (0.00090s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http
111/tcp open  rpcbind

Nmap scan report for bogon (172.16.96.139)
Host is up (0.00096s latency).
Not shown: 998 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
80/tcp open  http

Nmap scan report for bogon (172.16.96.140)
Host is up (0.00095s latency).
Not shown: 998 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
8080/tcp open  http-proxy

Nmap scan report for bogon (172.16.96.141)
Host is up (0.00091s latency).
Not shown: 998 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
3306/tcp open  mysql

Nmap scan report for bogon (172.16.96.143)
Host is up (0.0012s latency).
Not shown: 996 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   open   http
443/tcp  closed https
3306/tcp open   mysql

Nmap scan report for bogon (172.16.96.188)
Host is up (0.00058s latency).
Not shown: 991 closed ports
PORT      STATE SERVICE
22/tcp    open  ssh
80/tcp    open  http
111/tcp   open  rpcbind
1234/tcp  open  hotline
1521/tcp  open  oracle
2809/tcp  open  corbaloc
9100/tcp  open  jetdirect
32768/tcp open  filenet-tms
32776/tcp open  sometimes-rpc15

Nmap scan report for bogon (172.16.96.200)
Host is up (0.00089s latency).
Not shown: 984 closed ports
PORT      STATE SERVICE
80/tcp    open  http
81/tcp    open  hosts2-ns
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
1521/tcp  open  oracle
1688/tcp  open  nsjtp-data
3389/tcp  open  ms-term-serv
4000/tcp  open  remoteanything
4001/tcp  open  newoak
8011/tcp  open  unknown
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49155/tcp open  unknown
49158/tcp open  unknown

Nmap scan report for bogon (172.16.96.205)
Host is up (0.00089s latency).
Not shown: 998 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
111/tcp open  rpcbind

Nmap scan report for bogon (172.16.96.222)
Host is up (0.00085s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
3306/tcp open  mysql

Nmap scan report for bogon (172.16.96.235)
Host is up (0.00096s latency).
Not shown: 987 closed ports
PORT     STATE SERVICE
80/tcp   open  http
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
1025/tcp open  NFS-or-IIS
1026/tcp open  LSA-or-nterm
1027/tcp open  IIS
1074/tcp open  warmspotMgmt
1433/tcp open  ms-sql-s
2382/tcp open  ms-olap3
3372/tcp open  msdtc
5120/tcp open  unknown
9001/tcp open  tor-orport

Nmap scan report for bogon (172.16.96.236)
Host is up (0.00076s latency).
Not shown: 994 filtered ports
PORT      STATE SERVICE
21/tcp    open  ftp
80/tcp    open  http
443/tcp   open  https
8080/tcp  open  http-proxy
8088/tcp  open  radan-http
49154/tcp open  unknown

Nmap scan report for bogon (172.16.96.250)
Host is up (0.00079s latency).
Not shown: 994 filtered ports
PORT      STATE SERVICE
80/tcp    open  http
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
5120/tcp  open  unknown
49153/tcp open  unknown
49154/tcp open  unknown

Nmap scan report for bogon (172.16.96.254)
Host is up (0.0016s latency).
Not shown: 989 closed ports
PORT      STATE    SERVICE
23/tcp    open     telnet
50300/tcp filtered unknown
50389/tcp filtered unknown
50500/tcp filtered unknown
50636/tcp filtered unknown
50800/tcp filtered unknown
51493/tcp filtered unknown
52673/tcp filtered unknown
52822/tcp filtered unknown
52848/tcp filtered unknown
52869/tcp filtered unknown

Nmap done: 256 IP addresses (38 hosts up) scanned in 18.86 seconds
[root@yinzhengjie ~]# 
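
As an added example (not part of the original post), the Python code below parses the on-screen report format shown above and lists open ports that are missing from an expected-services baseline, which is how an administrator would use a subnet sweep like this to audit their own network. `BASELINE`, `parse_report` and `unexpected_open` are names assumed for illustration, and the sample is an abridged excerpt of the output above.

```python
import re

# Abridged excerpt of the subnet-scan output above (two of the reported hosts).
SAMPLE = """\
Nmap scan report for bogon (172.16.96.133)
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
3306/tcp open  mysql

Nmap scan report for bogon (172.16.96.254)
PORT      STATE    SERVICE
23/tcp    open     telnet
50300/tcp filtered unknown
"""

# Hypothetical baseline: the ports each host is expected to expose.
BASELINE = {"172.16.96.133": {22, 80}, "172.16.96.254": {22}}

# Report header with or without a resolved name, e.g. "bogon (172.16.96.133)".
HOST_RE = re.compile(r"^Nmap scan report for (?:\S+ \()?(\d+\.\d+\.\d+\.\d+)\)?$")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")

def parse_report(text):
    """Return {ip: {port: (state, service)}} from nmap's normal output."""
    hosts, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = HOST_RE.match(line)
        if m:
            current = hosts.setdefault(m.group(1), {})
            continue
        m = PORT_RE.match(line)
        if m and current is not None:
            current[int(m.group(1))] = (m.group(3), m.group(4))
    return hosts

def unexpected_open(hosts, baseline):
    """List (ip, port, service) for open ports missing from the baseline."""
    findings = []
    for ip, ports in sorted(hosts.items()):
        allowed = baseline.get(ip, set())
        for port, (state, service) in sorted(ports.items()):
            if state == "open" and port not in allowed:
                findings.append((ip, port, service))
    return findings

if __name__ == "__main__":
    for ip, port, service in unexpected_open(parse_report(SAMPLE), BASELINE):
        print(f"{ip}: unexpected open port {port}/{service}")
```

For unattended use, nmap's `-oX` (XML) or `-oG` (grepable) output is more stable to parse than the screen format.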