Posted

Hello

I did an nmap scan on my friend's external IP address with permission, but I couldn't get inside his PC. Instead the scan result showed his ISP details, servers and what system they are running, but not his. Can anybody please suggest how to do a perfect scan?

regards

Posted

At best, externally you're only going to get to his router/firewall (or, if the apartment handles NAT, theirs). You would have to be internal to actually nmap his specific machines (or they would have to be internet-facing).

Posted

You could try:

nmap -PN --traceroute --script firewalk --script-args firewalk.max-probed-ports=-1 x.x.x.x

Where x.x.x.x is the IP address of your target, but there's no guarantee you will get anything, depending on the end device in question.

Posted (edited)

Hmmm, yes, I agree with mr-protocall: just try some different things in different combinations, you know, explore! I find -sN and -f useful though.

Could you find any open ports on his router? If there are any open ports, you could get more information about the service running behind it by doing some banner grabbing with Nmap.

Edit: But first make sure you got the right IP address!

Edited by Infiltrator
Posted

Hello bro... this is what I got on the nmap scan. The ISP.in is the web URL of the internet service provider; this is where I got confused. When I type his external IP (xxx.xxx.xx.) it shows details of his ISP.

Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2012-03-17 09:25 GST

NSE: Loaded 63 scripts for scanning.

NSE: Script Pre-scanning.

Initiating Ping Scan at 09:25

Scanning xxx.xxx.xx.x [4 ports]

Completed Ping Scan at 09:25, 0.06s elapsed (1 total hosts)

Initiating Parallel DNS resolution of 1 host. at 09:25

Completed Parallel DNS resolution of 1 host. at 09:25, 0.11s elapsed

Initiating SYN Stealth Scan at 09:25

Scanning ABTS-KK-Static-009.15.xxx.xxx.ISP.in(xxx.xxx.xx.x) [1000 ports]

Discovered open port 80/tcp on xxx.xxx.xx.x

Completed SYN Stealth Scan at 09:25, 4.05s elapsed (1000 total ports)

Initiating Service scan at 09:25

Scanning 1 service on ABTS-KK-Static-xxx.xx.xxx.xxx.ISP.in (xxx.xx.xxx.x)

Completed Service scan at 09:26, 5.01s elapsed (1 service on 1 host)

Initiating OS detection (try #1) against ABTS-KK-Static-009.xx.xxx.xxx.ISP.in (xxx.xxx.xx)

Retrying OS detection (try #2) against ABTS-KK-Static-009.15.166.122.ISP.in )xx.xxx.xxx

Initiating Traceroute at 09:26

Completed Traceroute at 09:26, 9.09s elapsed

NSE: Script scanning xxx.xxx.xx.x.

Initiating NSE at 09:26

Completed NSE at 09:26, 12.96s elapsed

Nmap scan report for ABTS-KK-Static-009.xx.xxx.xxx.isp.in (xxx.xxx.xx.x)

Host is up (0.0078s latency).

Not shown: 999 filtered ports

PORT STATE SERVICE VERSION

80/tcp open http?

Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port

OS fingerprint not ideal because: Missing a closed TCP port so results incomplete

No OS matches for host

TRACEROUTE (using port 80/tcp)

HOP RTT ADDRESS

1 ... 30

NSE: Script Post-scanning.

Read data files from: /usr/local/bin/../share/nmap

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 38.44 seconds

Raw packets sent: 2244 (102.196KB) | Rcvd: 535 (21.420KB)

Posted

Sounds to me like you scanned the correct address, and it just showed you the resolved DNS name. You can verify this by asking him to go to ipchicken.com and tell you both the IP and "Name Address:" it says. Port 80 being found is most likely his router, assuming the IP is correct and he has a router/gateway between his PC and modem/internet connection. That means his router is listening on the internet for its admin interface, and that should be disabled for the web side and only accessible over the LAN so no one can

  • 2 weeks later...
Posted

btw you should update your nmap version!
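Added example (not from any poster in this thread): a small Python parser for the kind of Nmap report posted above, separating the ISP's reverse-DNS name from what the scanned device itself exposed, so the connection's owner can see what to check on the router. The sample report, the address 203.0.113.10 and the name static-009.isp.example are constructed.

```python
import re

# Constructed sample shaped like the report in this thread; 203.0.113.10 is a
# documentation address and the PTR name is made up.
SAMPLE = """\
Nmap scan report for static-009.isp.example (203.0.113.10)
Host is up (0.0078s latency).
Not shown: 999 filtered ports
PORT STATE SERVICE VERSION
80/tcp open http?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
No OS matches for host
"""

REPORT = re.compile(r"^Nmap scan report for (?:(\S+) \()?([0-9.]+)\)?$")
HIDDEN = re.compile(r"^Not shown: (\d+) (\w+) ports")
PORT = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")

def parse_report(text):
    """Pull the fields discussed in the thread out of Nmap's normal output."""
    info = {"ptr": None, "ip": None, "hidden": {}, "ports": [], "os_reliable": True}
    for line in text.splitlines():
        line = line.strip()
        if m := REPORT.match(line):
            info["ptr"], info["ip"] = m.group(1), m.group(2)
        elif m := HIDDEN.match(line):
            info["hidden"][m.group(2)] = int(m.group(1))
        elif m := PORT.match(line):
            info["ports"].append((int(m.group(1)), m.group(2), m.group(3), m.group(4)))
        elif line.startswith(("Warning: OSScan", "No OS matches")):
            info["os_reliable"] = False
    return info

def findings(info):
    """Turn the parsed fields into notes for the owner of the connection."""
    notes = []
    if info["ptr"]:
        notes.append(f"{info['ptr']} is the reverse-DNS name of {info['ip']}, set by the ISP")
    for port, proto, state, service in info["ports"]:
        if state == "open":
            notes.append(f"{port}/{proto} ({service}) answers from the internet side: "
                         "check the router's remote administration and port forwarding")
    if not info["os_reliable"]:
        notes.append("OS detection had no closed port to compare against; ignore OS guesses")
    return notes

if __name__ == "__main__":
    for note in findings(parse_report(SAMPLE)):
        print("-", note)
```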
