Anonymous123 Posted July 21, 2015

I installed masscan by typing in these commands on my Pi 2B and they installed just fine but I can't seem to find masscan. I typed in cd masscan/bin but my Pi told me that masscan/bin isn't a file or directory. Here is a link to the masscan GitHub page https://github.com/robertdavidgraham/masscan and here are the commands I typed:

$ sudo apt-get install git gcc make libpcap-dev
$ git clone https://github.com/robertdavidgraham/masscan
$ cd masscan
$ make

Anonymous123 Posted July 21, 2015 (edited)

I fixed that problem but I discovered I have a new problem with masscan. Masscan has its own TCP/IP stack, separate from the machine it runs on. This interferes with my banner checking using masscan. So how do I give masscan a different IP address from my Pi's IP? My Pi is connected via Ethernet.

Edited July 21, 2015 by rpiswag

Anonymous123 Posted July 21, 2015

I have two ways that I know of to fix this banner scanning problem. I can give masscan its own IP address or I can set an iptables rule like this:

iptables -A INPUT -p tcp --dport 60000 -j DROP

What does that iptables rule do and how can I run that command on boot?

cooper Posted July 21, 2015 (edited)

You need to clone your network device. Wherever it may be that you define your network settings, include a duplicate where the device name has ":1" tacked onto it. So if your actual device is eth0 you should set up an eth0:1 and it will do just that. You can operate this secondary device as you would any other ethernet device. Once it's got its unique IP you tell masscan about it and be on your merry way.

Note that if your device talks to the internet via your router, this funky tcp/ip stack is going to mess up your router's stack instead of your own. In other words, only scan your own network, which is a bit of general advice that particularly applies here.

Edited July 21, 2015 by Cooper

Anonymous123 Posted July 21, 2015 (edited)

Can you answer my questions about iptables?

Edited July 21, 2015 by rpiswag

cooper Posted July 21, 2015

All incoming TCP traffic destined for port 60000 should be dropped. And how you start a program on boot is distro-specific, but check out what's in /etc/rc.*

fugu Posted July 21, 2015

Just a quick question, why masscan and not nmap? I'm pretty sure nmap should be able to do most types of scans, I think anyway. And it will most likely be maintained well for some time to come.

Anonymous123 Posted July 21, 2015

masscan is great if you want to scan several hundred computers but nmap is great if you are scanning a small number of computers.

Anonymous123 Posted July 22, 2015

Can you list the commands I need to type to give masscan its own IP address? I do want to scan outside of my local network but on the masscan GitHub page it states that it works best when masscan has its own IP.

cooper Posted July 22, 2015

I can't give you the commands because I don't own a Pi nor do I run Debian anywhere. And really, if you're hacking with a device it really, REALLY helps to know these basic things. I've told you what you need to alter so all you have to do is figure out how you initially set up the networking bits and duplicate those bits for the additional network device.
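
Added example, not written by anyone in this thread: a shell sketch of the iptables option asked about above, which adds the DROP rule idempotently and checks the chosen port against the kernel's ephemeral source-port range (Linux's default range starts at 32768 and extends past 60000). The function names are hypothetical, and DRY_RUN=1 (the default) only prints the command.

```shell
#!/bin/sh
# Added example, not from the thread's posters. Port 60000 and the iptables
# rule come from the thread; function names are hypothetical helpers.
#
# masscan completes TCP handshakes with its own stack. The kernel has no
# socket for those connections, so it answers the returning SYN-ACK with RST
# and the banner never arrives. Dropping inbound TCP to one reserved port in
# INPUT, and running masscan with --source-port set to it, prevents that.

DRY_RUN=${DRY_RUN:-1}   # 1 = print the command, 0 = apply it (needs root)
RANGE_FILE=/proc/sys/net/ipv4/ip_local_port_range

# Succeeds only for a TCP port number 1-65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Succeeds if port $1 lies inside the kernel's ephemeral source-port range.
# $2 is an optional "low high" string; default is read from RANGE_FILE.
in_ephemeral_range() {
    range=${2:-$(cat "$RANGE_FILE" 2>/dev/null || true)}
    [ -n "$range" ] || return 1
    set -- "$1" $range
    [ "$1" -ge "$2" ] && [ "$1" -le "$3" ]
}

# Add the DROP rule once; -C (check) keeps boot-time reruns from stacking
# duplicates. Warns when the port overlaps the ephemeral range, because the
# rule can then also break the host's own connections from that port.
reserve_port() {
    valid_port "$1" || { echo "bad port: $1" >&2; return 1; }
    if in_ephemeral_range "$1"; then
        echo "warning: $1 is in the ephemeral range ($(cat "$RANGE_FILE"))" >&2
    fi
    if [ "$DRY_RUN" = 1 ]; then
        echo "iptables -A INPUT -p tcp --dport $1 -j DROP"
    else
        iptables -C INPUT -p tcp --dport "$1" -j DROP 2>/dev/null ||
            iptables -A INPUT -p tcp --dport "$1" -j DROP
    fi
}
```

To apply the rule at boot, one option (an assumption about the distro setup) is a root-run boot script under /etc/rc.* that sources this file with DRY_RUN=0 and calls reserve_port with the chosen port.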