Jump to content

Recommended Posts

Posted

Simple Nmap 4.85BETA5 command to scan for Downadup/Conficker.

nmap -PN -T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 [targetnetworks]

But what does it all mean?

-PN means to treat all hosts as online, and skip host discovery, which basically means don\'t try to ping ths hosts. This is useful because lots of hosts/firewalls drop icmp traffic.

-T4 is used to speed up the scan

-p139,445 tells it to scan those ports, which are related to samba windows file sharing

-n says don\'t try dns resolution

-v means make it spit out more information(aka verbose)

--script=smb-check-vulns runs the lua script smb-check-vulns, which appears to check for a few different vulnerablities. This script gets passed the safe=1 option which according to the web page tells the script to only do checks which are presumably safe for the system you are scanning against; the page warns that unsafe checks on a compromised system may cause it to crash.

Also more info on the approaching doom :rolleyes:

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...