Showing results for tags 'nmap'.

  1. I've got a device popping up on my wireless that I'm having a hard time identifying. I scanned it with NMAP and it identified itself as a Fortigate Device (see details below). I also tried to hit it with Nessus, but unfortunately whenever I attempt to scan the device for any period of time, it drops off the network. I've blocked it from any outbound traffic in my firewall and am logging packets (so far none seen). I also created a static DHCP address for the MAC address so when it does come online, it always gets the same IP address. Trying to determine whether I have a wireless interloper or this
  2. Nmap Quickscan with Discord Integration (Cleaned & C2 Enabled) This is a cleaned up output version of the Original Nmap Scan that Hak5 introduces us to. The Payload waits for "Internet Connection" to be present. Once Internet Connection is found, It scans the local subnet for any online devices. - While also logging the Public IP of the Victim's Network (Very useful when you are scanning multiple networks in a short amount of time.) payload.sh #!/bin/bash # Title: Nmap Quickscan w/ Discord Integration (Cleaned & C2 Enabled) # Author: REDD of Private-Loc
  3. I am using latest Zenmap in case it means anything. Re-learning Nmap. I am trying to nail down the best option to locate where some IP's are by Nmap only. I understand there is always a chance of error. But what option with in Nmap will provide the best options only through Nmap. I have narrowed down so far to The below. nmap -sC -iL ip-list.txt -oA "C:\\\\Users\\\\Universe\\\\Desktop\\\\Logs\\\\ip-List-Results-b" --open --system-dns -Pn --script ip-geolocation-geoplugin --traceroute Am I close? What would you people do if you wanted to nail a location as close as yo
  4. Hi, I'm trying to use the nmap script http-default-accounts with this command: nmap -d2 -sV --script=http-default-accounts The default fingerprint Lua file contains the default password admin and user admin for my Cisco router, but the output does not say anything about it. The debug output shows that the default credentials do get checked, but then I get an ssl error on port 80. What am I doing wrong? Debug output: npcap service is already running. wpcap.dll present, library version: Npcap version 0.9986, based on libpcap version 1.9.1 Starting Nma
  5. I am trying to use NMap with Google Safe Browsing API to check if a host is malicious or not. I used VirusTotal API for the same purpose and it returned appropriate results but the Google API did not. I am using Kali Linux on VM Ware Player. The commands I have typed are:- 1)nmap -p80 --script http-google-malware <target> 2)nmap $nmap -p80 --script http-google-malware --script-args http-google-malware.api=<API> <target> To use VirusTotal API, I used the command - nmap -sV --script=http-malware-host <target> and it worked. I am expecting an outp
  6. I'm working through the Metasploitable 3 vulnerabilities. One of the frequent ones I see mentioned is Elasticsearch on port 9200. I can't get nmap to identify that port as Elasticsearch. Even when I do a -A -sV --version-all (and a bunch of other noisy scans) the best it can do is say it's the default wap-wsp port. So, I have 2 questions: Will Elasticsearch always be running on that port? Can anything be preventing nmap from identifying it on 9200? I'm running through virtualbox - I've heard it can drop some packets when looking at wireshark, but I haven't heard whether th
  7. Hey y'all, just wanted to share my slightly modified nmap scan payload. It scans a bunch of ports, saves the output with a date stamp and multiple output types, and then uploads the loot to the C2 server. #!/bin/bash # # Title: Custom Nmap Payload for Shark Jack # Author: Flatlinebb # Version: 1.02 # # Scans target subnet with Nmap using specified options. Saves each scan result # to loot storage folder. Uploads loot to your C2 server # # Red ...........Setup # Amber..........Scanning # Green..........Finished # # See nmap --help for options. Default "-sP" ping scans the address space
  8. Module: nmap Version: 1.4 Features: Manage dependencies Configure nmap options Live output Run History Change log: 1.4 Bug fixes
  9. I got a big problem with nmap .... all the ports of a target are filtered by the firewall ...I've tried many ways to scan the ports including the ways mentioned by Hak5 ...but I always get the same output which is that all the 1000 scanned ports are filtered by the firewall ... So if anyone could tell me how to solve this problem Plz HELP !!!!
  10. Hi. I have installed the nmap module, and its dependencies, but after that its shows nmap is not running... Can anyone help me?
  11. I installed the module and the dependencies. When I try to run it in the GUI nothing happens, and when I try to run it from the command line I get "nmap: can't load library 'libpcap.so.1.3'." Is nmap broken or am I doing something wrong?
  12. Was wondering if it is possible to inject packets while the PS is in monitor mode? Or would this be pointless? if possible you could carry out an arp/nmap scan and it could be made to appear it’s coming from the host pc. Obviously I know one of the net modes allows the PS to present one IP on one interface and another IP on the other.
  13. Hello, I am wondering if the following setup would be possible: 1x throwing star TAP 1x Packet squirrel Action: Connect both Ethernet cables for sniffing from throwing star to packet squirrel and capture network traffic for both interfaces to one pcap file. Appreciate if anyone can confirm this :)
  14. Can you spoof or zombie an ip using smb-flood.nse in nmap.
  15. Hi all, I'm undergoing a project to determine which penetration testing tools are better suited for information gathering when using Kali to attack a Metasploitable 2 machine and a Windows XP SP3 machine. All of this research and testing is focusing on users with limited knowledge who may be just starting out in terms of testing tools. The three tools that were chosen to compare were Nmap, Unicornscan and Dmitry and the returned results were as follows: Metasploitable 2 Windows XP Nmap 23 3
  16. I have done this before but it has been forever and I can't find how I used to do it. Using nmap, I have a list of ip addresses I want to scan on only port 21. My breakdown would be to tell nmap to check a txt file for the ip's and then scan each one for accessible ports on port 21 and return a list of those ports. In case there is a better way than I have stated here is more info on what I am doing. I used an old spider I wrote years ago to locate ftp's that are open (no user/pass) and it made me a txt file of the ones it found. Used to this list would mean I only had to ftp in and I was ok.
  17. Hi there, I recently have a project where we made a Python script that uses nmap for network scanning. It will spawn threads for different types of scans (sS, sU, sF, and sN). We set up a cloud that will run our script and scan around 60 hosts for 20k ports for each scan. These are different servers with different configurations (all of which will be legally scanned). However, our scans are taking some time (2-3 days) to complete. I would just like to ask if this is normal. I am thinking it is taking a while because we are exhausting ports. In your experience, h
  18. So this is definitely me not knowing nearly enough about networking, but when I scan a live host on my lab network with Nmap (using Metasploitable as the OS as a VM) I get a list of services and the ports they run on, as you would expect. However, if I perform a scan using my ISP-provided IPV6 IP address I simply get the port 111 and rpcbind. So all I'm trying to confirm is, I won't actually be able to get a list of services and ports for a particular host until I'm in the network, correct? Scanning the ISP IP is basically just scanning my router, isn't it?
  19. Hey all, I've been learning nmap for the last week, scanning my own network for practice. I've managed to find open ports on other devices, however when I scan my Windows 10 machine, all ports are always filtered. I've tried; fragmenting the packets with -f spoofing my MAC to that of my internet Hub slowing down the scan with -T2 and --scan-delay turning off PING with -Pn But nmap always returns that all 1000 ports are filtered. The machine has Windows firewall turned on, but no other firewall software running. Any ideas? Thanks,
  20. Hello, Has anyone used port scanners like nmap, or vulnerability scanners like nessus, openvas, etc. while providing internet via computer? I'm using the nano on Ubuntu 14.04 using wp6.sh. I've successfully deauthed some clients (I'm still learning so it's not perfect) and bumped them to connect to the pineapple, but when I try to use any scanner using the pineapple's ip, the results are as if I was scanning a host that's not connected. So, nmap shows "scanned X ips, 0 hosts where up", nessus and openvas finish the task with zero results and metasploit can't complete any exploits because
  21. Greetings, I'm attempting the practical portion of the CPT exam, and am trying to run an nmap scan to find the IP of a specific virtual machine. When the VM is in bridged mode, how does it then interact with the IP of the host machine? Any insight is appreciated!
  22. Hi all, I'm running the following script in NMAP... nmap -sS -T2 -P0 -V [IP Address] -D [Decoy IPs, separated by commas] ... and I get the following output... Nmap version 6.49BETA5 ( https:\\nmap.org ) Platform: arm-unknown-linux-gnueabihf Compiled with: liblua-5.2.3 openssl-1.0.1k libpcre-8.35 nmap-libpcap-1.7.3 nmap-libdnet-1.12 ipv6 Compiled without: Available nsock engines: epoll poll select (sana)USERNAME@localhost:~$ ...and that's it. No actual output from nmap is given. Why is this not giving me anything? What have I done incorrectly? Thank you.
  23. Hey guys - When I try to run the nmap scan, I'm not able to configure a log location. I select the "Log - Choose Log Location" from the turtle gui, but I don't go to another screen, it just flashes the same screen. I setup sshfs just fine so I don't clog up the internal storage on the device, so ideally I'd point the nmap to /sshfs. Any ideas? Known bug? Anyone else able to reproduce this? Thanks in advance telot
  24. Hi everyone, I have a Windows XP system with ZoneAlarm firewall installed. I have 2 Raspberry Pi computers with Nmap installed. I have been attempting to use one RPI to scan the XP system but I am trying to fool ZoneAlarm into thinking the scan came from another address. So I have XP system on ZoneAlarm installed. RPI 1 on 192.168.0.13 - set as untrusted on ZoneAlarm RPI 2 on - set as trusted on ZoneAlarm I ran a decoy scan from RPI 1 to the XP system. I get the results from the scan but ZoneAlarm knows the scan came from and the IP shows up in th
  25. I'm looking to scan a wifi hotspot that has client-side isolation. I've tried nmap --Pn (I think that's the correct command, from memory) but nothing; I can only see the firewall and the server. Thanks, Macy