nmap -p445 --script=smb-security-mode 192.168.1.1
nmap -p445 --script=smb-os-discovery 192.168.1.1
nmap -p445 --script=smb-enum-shares 192.168.1.1
nmap -v -p445 --script=smb-enum-shares --script-args=smbuser=test,smbpass=test 192.168.1.1
nmap -v -p445 --script=smb-enum-users 192.168.1.1
nmap -v -p445 --script=smb-enum-sessions 192.168.1.1
nmap -p445 --script=smb-enum-processes --script-args=smbuser=test,smbpass=test ip
nmap -p445 --script=smb-system-info 192.168.1.1
nmap -p445 --script=smb-check-vulns 192.168.1.1
Scan 1: syn stealth, ping both, ports 1-65535
# nmap -sS -PB -p 1-65535 -T Insane 192.168.0.99
Scan 2: null scan, ping both, fast ports, os detect
# nmap -sN -PB -F -O -T Insane 192.168.0.99
Scan 3: xmas scan, ping both, ports 1-1024, os detect
# nmap -sX -PB -p 1-1024 -O -T Insane 192.168.0.99
Scan 4: connect scan, no ping, fast ports
# nmap -sT -P0 -F -O -T Insane 192.168.0.99
Scan 5: xmas scan, ping both, fast ports, insane timing, spoofed decoy IPs
# nmap -sX -PB -F -T Insane -D 192.168.0.1,192.168.0.254,192.168.0.199 192.168.0.99
or using the ME option:
# nmap -sX -PB -F -T Insane -D 192.168.0.1,192.168.0.254,ME,192.168.0.199 192.168.0.99
No comments:
Post a Comment