行健网络

Nmap Tutorial: Command Format and Option Summary

Original poster | Posted 2014-10-4 17:22:25

Nmap stands for Network Mapper. It is an open-source network exploration and security auditing tool. It can be used for host discovery, port scanning, version detection, and operating system detection. Its functional architecture is shown below:


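These four functions depend on one another in roughly this order: normally host discovery comes first, then the ports are determined, then the specific programs and version information running on those ports, and finally operating system detection can be performed. On top of the four basic functions, Nmap provides firewall and IDS (Intrusion Detection System) evasion techniques, which can be applied at every stage of the four basic functions. Nmap also provides the powerful NSE (Nmap Scripting Language) script engine, whose scripts can supplement and extend the basic functions.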


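I. Command Format

nmap [Scan Type(s)] [Options] {target specification}

nmap [ <scan type> ...] [ <options> ] { <target specification> }

Note: when only a scan target is given with no other parameters, Nmap performs only host discovery and port scanning against that host or IP. This mode runs quickly and can be used to determine which ports on the host are open.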


II. Option Summary

TARGET SPECIFICATION:

Can pass hostnames, IP addresses, networks, etc.

Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254

-iL <inputfilename>: Input from list of hosts/networks

-iR <num hosts>: Choose random targets

--exclude <host1[,host2][,host3],...>: Exclude hosts/networks

--excludefile <exclude_file>: Exclude list from file

HOST DISCOVERY:

-sL: List Scan - simply list targets to scan

-sn: Ping Scan - disable port scan

-Pn: Treat all hosts as online -- skip host discovery

-PS/PA/PU/PY[portlist]: TCP SYN/ACK, UDP or SCTP discovery to given ports

-PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes

-PO[protocol list]: IP Protocol Ping

-n/-R: Never do DNS resolution/Always resolve [default: sometimes]

--dns-servers <serv1[,serv2],...>: Specify custom DNS servers

--system-dns: Use OS's DNS resolver

--traceroute: Trace hop path to each host

SCAN TECHNIQUES:

-sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans

-sU: UDP Scan

-sN/sF/sX: TCP Null, FIN, and Xmas scans

--scanflags <flags>: Customize TCP scan flags

-sI <zombie host[:probeport]>: Idle scan

-sY/sZ: SCTP INIT/COOKIE-ECHO scans

-sO: IP protocol scan

-b <FTP relay host>: FTP bounce scan

PORT SPECIFICATION AND SCAN ORDER:

-p <port ranges>: Only scan specified ports

Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080,S:9

-F: Fast mode - Scan fewer ports than the default scan

-r: Scan ports consecutively - don't randomize

--top-ports <number>: Scan <number> most common ports

--port-ratio <ratio>: Scan ports more common than <ratio>

SERVICE/VERSION DETECTION:

-sV: Probe open ports to determine service/version info

--version-intensity <level>: Set from 0 (light) to 9 (try all probes)

--version-light: Limit to most likely probes (intensity 2)

--version-all: Try every single probe (intensity 9)

--version-trace: Show detailed version scan activity (for debugging)

SCRIPT SCAN:

-sC: equivalent to --script=default

--script=<Lua scripts>: <Lua scripts> is a comma separated list of

directories, script-files or script-categories

--script-args=<n1=v1,[n2=v2,...]>: provide arguments to scripts

--script-trace: Show all data sent and received

--script-updatedb: Update the script database.

OS DETECTION:

-O: Enable OS detection

--osscan-limit: Limit OS detection to promising targets

--osscan-guess: Guess OS more aggressively

TIMING AND PERFORMANCE:

Options which take <time> are in seconds, or append 'ms' (milliseconds),

's' (seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).

-T<0-5>: Set timing template (higher is faster)

--min-hostgroup/max-hostgroup <size>: Parallel host scan group sizes

--min-parallelism/max-parallelism <numprobes>: Probe parallelization

--min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout <time>: Specifies probe round trip time.

--max-retries <tries>: Caps number of port scan probe retransmissions.

--host-timeout <time>: Give up on target after this long

--scan-delay/--max-scan-delay <time>: Adjust delay between probes

--min-rate <number>: Send packets no slower than <number> per second

--max-rate <number>: Send packets no faster than <number> per second

FIREWALL/IDS EVASION AND SPOOFING:

-f; --mtu <val>: fragment packets (optionally w/given MTU)

-D <decoy1,decoy2[,ME],...>: Cloak a scan with decoys

-S <IP_Address>: Spoof source address

-e <iface>: Use specified interface

-g/--source-port <portnum>: Use given port number

--data-length <num>: Append random data to sent packets

--ip-options <options>: Send packets with specified ip options

--ttl <val>: Set IP time-to-live field

--spoof-mac <mac address/prefix/vendor name>: Spoof your MAC address

--badsum: Send packets with a bogus TCP/UDP/SCTP checksum

OUTPUT:

-oN/-oX/-oS/-oG <file>: Output scan in normal, XML, s|<rIpt kIddi3,

and Grepable format, respectively, to the given filename.

-oA <basename>: Output in the three major formats at once

-v: Increase verbosity level (use -vv or more for greater effect)

-d: Increase debugging level (use -dd or more for greater effect)

--reason: Display the reason a port is in a particular state

--open: Only show open (or possibly open) ports

--packet-trace: Show all packets sent and received

--iflist: Print host interfaces and routes (for debugging)

--log-errors: Log errors/warnings to the normal-format output file

--append-output: Append to rather than clobber specified output files

--resume <filename>: Resume an aborted scan

--stylesheet <path/URL>: XSL stylesheet to transform XML output to HTML

--webxml: Reference stylesheet from Nmap.Org for more portable XML

--no-stylesheet: Prevent associating of XSL stylesheet w/XML output

MISC:

-6: Enable IPv6 scanning

-A: Enable OS detection, version detection, script scanning, and traceroute

--datadir <dirname>: Specify custom Nmap data file location

--send-eth/--send-ip: Send using raw ethernet frames or IP packets

--privileged: Assume that the user is fully privileged

--unprivileged: Assume the user lacks raw socket privileges

-V: Print version number

-h: Print this help summary page.
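
As an added example (not part of the original post, and not Nmap's own code), the sketch below expands the numeric target expressions shown under TARGET SPECIFICATION, such as 10.0.0-255.1-254 and a /24, and lists any address that falls outside an authorized scope before a scan is run. The function names and the scope networks are hypothetical; hostnames are not resolved, and the comma-list and open-ended range handling follows Nmap's documented octet-range syntax rather than anything stated in the post.

```python
import ipaddress
from itertools import product

def octet_values(spec):
    """Expand one octet spec ('7', '1-254', '3-5,7', '-') into sorted ints."""
    values = set()
    for part in spec.split(","):
        if "-" in part:
            lo, hi = part.split("-", 1)
            lo = int(lo) if lo else 0      # omitted left side means 0
            hi = int(hi) if hi else 255    # omitted right side means 255
        else:
            lo = hi = int(part)
        if not 0 <= lo <= hi <= 255:
            raise ValueError(f"bad octet spec: {spec!r}")
        values.update(range(lo, hi + 1))
    return sorted(values)

def expand_target(spec):
    """Yield every IPv4 address a numeric target expression names."""
    if "/" in spec:  # CIDR form; host bits are ignored, as in 192.168.0.1/24
        yield from ipaddress.ip_network(spec, strict=False)
        return
    octets = spec.split(".")
    if len(octets) != 4:
        raise ValueError(f"not a numeric IPv4 target: {spec!r}")
    for combo in product(*(octet_values(o) for o in octets)):
        yield ipaddress.IPv4Address(".".join(map(str, combo)))

def out_of_scope(targets, authorized, excluded=()):
    """Return addresses the scan would touch outside the authorized networks."""
    allowed = [ipaddress.ip_network(n) for n in authorized]
    skip = {addr for e in excluded for addr in expand_target(e)}
    return [addr for spec in targets for addr in expand_target(spec)
            if addr not in skip and not any(addr in net for net in allowed)]

if __name__ == "__main__":
    # Constructed engagement scope: only 10.0.0.0/16 is authorized.
    print(len(list(expand_target("10.0.0-255.1-254"))))          # 65024
    print(out_of_scope(["10.0.0-255.1-254"], ["10.0.0.0/16"]))    # []
    stray = out_of_scope(["192.168.0.1/24"], ["192.168.0.0/25"])
    print(len(stray), stray[0])                                   # 128 192.168.0.128
```

The `excluded` argument takes the same expressions that would be passed to --exclude, so the check reflects what the scan would actually touch.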
