Quinnifer Posted May 23, 2017 Share Posted May 23, 2017 I have done this before but it has been forever and I can't find how I used to do it. Using nmap, I have a list of ip addresses I want to scan on only port 21. My breakdown would be to tell nmap to check a txt file for the ip's and then scan each one for accessible ports on port 21 and return a list of those ports. In case there is a better way than I have stated here is more info on what I am doing. I used an old spider I wrote years ago to locate ftp's that are open (no user/pass) and it made me a txt file of the ones it found. Used to this list would mean I only had to ftp in and I was ok. But now for some reason the list it returned of ip's will only let me ftp into maybe 1 out of every 4 or 5. This spider I wrote back in 99 or 2000 so things have changed somewhere. I have not needed to do this for that long so it has been sitting. Now I have a need to locate open/unsecured ftps and have spent the day trying to find a better way between taking calls so I am finally asking for help! Thanks Quote Link to comment Share on other sites More sharing options...
digininja Posted May 23, 2017 Share Posted May 23, 2017 what are you looking for these services for? Quote Link to comment Share on other sites More sharing options...
Quinnifer Posted May 23, 2017 Author Share Posted May 23, 2017 Brushing up on my auditing skills because in a couple of months I start a new job where my main responsibility will be auditing large blocks of ftp for an isp. Quote Link to comment Share on other sites More sharing options...
digininja Posted May 23, 2017 Share Posted May 23, 2017 This should work nmap -iL <list of IPs> -p 21 -oA ftp_test --script ftp-anon Quote Link to comment Share on other sites More sharing options...
Quinnifer Posted May 23, 2017 Author Share Posted May 23, 2017 My eyes are buggin here. Correct me if I am wrong which I may be, but this cannot be modified to can more ip's can it. To do more IP's would require a .cvs file or something? I also didn't realize there was a script for this. I knew I needed some brushing up on nmap but I may need more than I thought. Quote Link to comment Share on other sites More sharing options...
digininja Posted May 23, 2017 Share Posted May 23, 2017 -iL takes a file full of IPs, subnets or anything else that resolves to a host you want to give it. It can be as long as you want. Quote Link to comment Share on other sites More sharing options...
Quinnifer Posted May 23, 2017 Author Share Posted May 23, 2017 I made a mistake with that question. I meant ports. Quote Link to comment Share on other sites More sharing options...
digininja Posted May 23, 2017 Share Posted May 23, 2017 To specify other ports add them to -p -p 21,2121,1234 Quote Link to comment Share on other sites More sharing options...
digip Posted May 23, 2017 Share Posted May 23, 2017 Off topic, just wondering if your first name is Quinn? Just curious, as that is my oldest daughters name, and also one of her nicknames is Quinnifer. Quote Link to comment Share on other sites More sharing options...
0phoi5 Posted May 24, 2017 Share Posted May 24, 2017 11 hours ago, digip said: Off topic, just wondering if your first name is Quinn? Just curious, as that is my oldest daughters name, and also one of her nicknames is Quinnifer. Potential long-lost father/daughter hacker team? I feel a movie coming on. Quote Link to comment Share on other sites More sharing options...
Quinnifer Posted May 24, 2017 Author Share Posted May 24, 2017 Since I only get 4 posts per day right now I am gonna use this to cram a good bit in. digip, I am the opposite of your daughter my birth name is Quinnifer but I am called Quinn. Quinn in my mothers maiden name and she is related to Anthony Quinn. My mothers first name is Jennifer so she carried her maiden name over with her name thus I am named Quinnifer. digininja, using your nmap -iL <list of IPs> -p 21 -oA ftp_test --script ftp-anon I couldn't get to work. I played around a bit though and found that this worked nmap -p21 --script ftp-anon -iL c:\<ip's>.txt If I may add to the original question. Using my nmap -p21 --script ftp-anon -iL c:\<ip's>.txt can I change it some and have nmap scan a range of ip's and then I can do away with my program I wrote years ago and use nmap for the whole thing. Right now I am using my old program to scan a range of ip's then exporting a list to a .txt file and then having nmap scan that list of IP's for open ftp's. The process is lengthy. When I start my new job I will be working from home but nmap proficiency is required, so I am trying to cram in more to what I know and hate wasted steps. I also want to thank you for your assistance thus far. Quote Link to comment Share on other sites More sharing options...
digininja Posted May 24, 2017 Share Posted May 24, 2017 As the difference is the -oA, it probably failed trying to write the log file out if you were in a directory you didn't have write access to. Which bit is nmap not doing for you? You give it a list or range of IPs and it will scan them for the open ports and then test for anonymous access on any it finds. What additional work is your own script doing? Quote Link to comment Share on other sites More sharing options...
Quinnifer Posted May 24, 2017 Author Share Posted May 24, 2017 So your saying using the .txt with the range like (example 24.235.100.000/200.000 or like this 24.235.100.000- 24.235.200.000) and it will scan through. I am using a program I wrote years ago to perform the search for open ports between ranges and then exporting to a file for nmap to scan to see which ones are able to be logged into. Way back when I wrote the program there wasn't anything around that did what I wanted it to do. So if I can use nmap to perform everything then that is what I would like to do. Quote Link to comment Share on other sites More sharing options...
digininja Posted May 24, 2017 Share Posted May 24, 2017 They have a whole range of ways to specify the ranges https://nmap.org/book/man-target-specification.html When did you last do this as nmap has been out since early 1999 Quote Link to comment Share on other sites More sharing options...
Quinnifer Posted May 24, 2017 Author Share Posted May 24, 2017 On 5/23/2017 at 1:54 PM, Quinnifer said: This spider I wrote back in 99 or 2000 so things have changed somewhere. I have used nmap off and on but was moving in a different direction so I only played with it. Till now anyways. This may be my last posting allowed so I was wondering how long the limit lasts. Quote Link to comment Share on other sites More sharing options...
digininja Posted May 24, 2017 Share Posted May 24, 2017 Not sure what the limit is, @Digi-p will know though. Quote Link to comment Share on other sites More sharing options...
digip Posted May 25, 2017 Share Posted May 25, 2017 What I miss? limit for what now? Quote Link to comment Share on other sites More sharing options...
digininja Posted May 25, 2017 Share Posted May 25, 2017 New members have a limit on the number of posts they can do in a day or something like that. Just wondering when it clears. Quote Link to comment Share on other sites More sharing options...
digip Posted May 25, 2017 Share Posted May 25, 2017 I didn't know there was a daily limit for new users. I knew they put limits on show many posts before you can edit and post links generally, but I see a lot of that has changed over the years. I'm not a forum admin, so I don't see any of that side of things, but mrprotocol or seb would probably know. Quote Link to comment Share on other sites More sharing options...
Quinnifer Posted May 26, 2017 Author Share Posted May 26, 2017 Yes, if I post 4 times then on the 5th I do not have the "Reply To This Post" and it includes private messages also. Quote Link to comment Share on other sites More sharing options...
digininja Posted May 26, 2017 Share Posted May 26, 2017 Back on topic, is your port scanning problem answered now? Quote Link to comment Share on other sites More sharing options...
Quinnifer Posted May 26, 2017 Author Share Posted May 26, 2017 Yes and I thank you all very much. This thread I suppose is done. I have been playing with nmap like crazy and I am picking it up pretty well although I am sure I will have more questions but maybe now I can browse more and be of some help to some others. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.