MarcusGER Posted October 20, 2019

Hi there,

I'm looking for an injection to scan the whole network, IPs, ports, etc., like netdiscover. Can someone help me make it, because my programming knowledge is not so good...

For example: I want to stick the Shark into a switch, it discovers the whole network and saves it into a txt file.

Didier Stevens Posted October 21, 2019

You don't need programming skills to achieve this. Open payload.sh, and search for this line at the beginning:

    NMAP_OPTIONS="-sP"

Customize it with the nmap options you want.

Flatlinebb Posted November 14, 2019

I would like to share the nmap options that I found useful to run from the Shark Jack, without causing the scan to take so long that the battery dies. It outputs useful info for a quick scan that will tell you about potential targets or vulnerabilities. I'm not going to explain every port listed; some should be very familiar to most IT people. Feel free to omit the ports you don't care about.

    NMAP_OPTIONS="-p 21,22,23,53,69,80,123,139,443,445,554,1812,3389,5220,2022,4242,4343,5000,5650,5655,5670,5800,5900,8080,8333,8222,8765,8008,8009,8181,8282,8383,8484,8888,8443,9000,10000,32400,32401,32402,49153 --open"

(This is literally the line from the Shark Jack sample nmap scan payload. So if you try to run that manually in the shell, it will not work, obviously.)

For example, port 10000 is used by Webmin by default. Webmin had a vulnerability where it would allow getting the root password or root access. So this scan would tell me that some machine is using it, and I can follow up with further scans to see what version of Webmin it is and if it has been patched. Port 139 is used by NETBIOS, so it quickly identifies Windows computers, especially if they are running an older OS. And so forth.

EDIT: Here is an example of the output for one network object. See if you can guess what it is 😉

    Nmap scan report for 192.168.0.24
    Host is up (0.00065s latency).
    Not shown: 35 closed ports
    PORT      STATE SERVICE
    22/tcp    open  ssh
    139/tcp   open  netbios-ssn
    445/tcp   open  microsoft-ds
    8080/tcp  open  http-proxy
    9000/tcp  open  cslistener
    32400/tcp open  plex
    MAC Address: F0:1F:AF:40:3D:F2 (Dell)

Edited November 14, 2019 by Flatlinebb: Added example output
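
Added example, not part of the thread and not code from the Shark Jack payload: a small parser that turns saved nmap output in the format quoted above into a per-host list of open ports and flags the ports the post singles out for follow-up. The function names, the `FOLLOW_UP` notes and the second sample host are assumptions made for this example.

```python
import re

# Normal nmap output: first host as quoted in the post, second host constructed.
SAMPLE = """\
Nmap scan report for 192.168.0.24
Host is up (0.00065s latency).
Not shown: 35 closed ports
PORT      STATE SERVICE
22/tcp    open  ssh
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
8080/tcp  open  http-proxy
9000/tcp  open  cslistener
32400/tcp open  plex
MAC Address: F0:1F:AF:40:3D:F2 (Dell)

Nmap scan report for 192.168.0.31
Host is up (0.0011s latency).
Not shown: 40 closed ports
PORT      STATE SERVICE
10000/tcp open  snet-sensor-mgmt
"""

# Review notes paraphrased from the post; extend for your own environment.
FOLLOW_UP = {139: "NetBIOS: per the post, points to a Windows computer",
             10000: "Webmin default port: confirm version and patch level"}
HOST_RE = re.compile(r"^Nmap scan report for (?:(\S+) \()?(\d+(?:\.\d+){3})\)?$")
PORT_RE = re.compile(r"^(\d+)/(?:tcp|udp)\s+open\s+(\S+)")
MAC_RE = re.compile(r"^MAC Address: [0-9A-Fa-f:]{17}(?: \((.*)\))?$")

def parse_scan(text):
    """Return one dict per host: ip, name, vendor and {port: service} for open ports."""
    hosts, cur = [], None
    for line in map(str.strip, text.splitlines()):
        if m := HOST_RE.match(line):
            cur = {"ip": m.group(2), "name": m.group(1), "vendor": None, "open": {}}
            hosts.append(cur)
        elif cur and (m := PORT_RE.match(line)):
            cur["open"][int(m.group(1))] = m.group(2)
        elif cur and (m := MAC_RE.match(line)):
            cur["vendor"] = m.group(1)
    return hosts

def follow_ups(hosts):
    """List (ip, port, note) for every open port that has a review note."""
    return [(h["ip"], p, n) for h in hosts for p, n in FOLLOW_UP.items() if p in h["open"]]

if __name__ == "__main__":
    print(follow_ups(parse_scan(SAMPLE)))
```

To use it on a real scan, pass the contents of the text file the payload saved to `parse_scan` instead of `SAMPLE`.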