zoukankan      html  css  js  c++  java
  • nmap使用记录

    扫描目标主机使用的操作系统。

    root@bt:~# nmap -sT -O -A 192.168.1.133
    
    Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-08-31 02:28 EDT
    Nmap scan report for 192.168.1.133
    Host is up (0.090s latency).
    Not shown: 986 closed ports
    PORT     STATE    SERVICE         VERSION
    80/tcp   open     http            Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
    |_http-methods: No Allow or Public header in OPTIONS response (status code 404)
    |_http-title: Not Found
    135/tcp  open     msrpc           Microsoft Windows RPC
    139/tcp  open     netbios-ssn
    445/tcp  open     netbios-ssn
    514/tcp  filtered shell
    902/tcp  open     ssl/vmware-auth VMware Authentication Daemon 1.10 (Uses VNC, SOAP)
    912/tcp  open     vmware-auth     VMware Authentication Daemon 1.0 (Uses VNC, SOAP)
    1025/tcp open     msrpc           Microsoft Windows RPC
    1026/tcp open     msrpc           Microsoft Windows RPC
    1027/tcp open     msrpc           Microsoft Windows RPC
    1029/tcp open     msrpc           Microsoft Windows RPC
    1030/tcp open     msrpc           Microsoft Windows RPC
    1433/tcp open     ms-sql-s        Microsoft SQL Server 2008 R2 10.50.1600.00; Pre-RTM
    2383/tcp open     ms-olap4?
    Device type: general purpose
    Running: Microsoft Windows 7(这里是目标使用的操作系统)
    OS CPE: cpe:/o:microsoft:windows_7:::enterprise
    OS details: Microsoft Windows 7 Enterprise(操作系统的版本)
    Network Distance: 2 hops
    Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
    
    Host script results:
    |_nbstat: NetBIOS name: TKE-PC(这里是计算机名称), NetBIOS user: <unknown>, NetBIOS MAC: 70:71:bc:79:fa:54 (Pegatron)   (网卡mac地址)
    | smb-security-mode: 
    |   Account that was used for smb scripts: guest
    |   User-level authentication
    |   SMB Security: Challenge/response passwords supported
    |_  Message signing disabled (dangerous, but default)
    |_smbv2-enabled: Server supports SMBv2 protocol
    | smb-os-discovery: 
    |   OS: Windows 7 Ultimate 7600 (Windows 7 Ultimate 6.1)
    |   NetBIOS computer name: TKE-PC
    |   Workgroup: WORKGROUP
    |_  System time: 2012-08-31 02:31:37 UTC+8
    | ms-sql-info: 
    |   [192.168.1.133:1433]
    |     Version: Microsoft SQL Server 2008 R2 Pre-RTM
    |       Version number: 10.50.1600.00
    |       Product: Microsoft SQL Server 2008 R2
    |       Service pack level: Pre-RTM
    |_    TCP port: 1433
    
    TRACEROUTE (using proto 1/icmp)
    HOP RTT     ADDRESS
    1   0.13 ms 192.168.129.2
    2   0.75 ms 192.168.1.133
    
    OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
    Nmap done: 1 IP address (1 host up) scanned in 188.80 seconds
    

     这样,就探测出了主机系统为win7,同时还可以看出使用的数据库时SQL server 2008 R2。

    不过扫描使用的时间就稍微长了一点,188秒,也就是3分钟左右。

    通过QQ的IP探测,我找了一个IP来进行测试,结果发现是这样的

    root@bt:~# nmap -sT -O -A 223.67.165.180
    
    Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-08-31 02:47 EDT
    Nmap scan report for 223.67.165.180
    Host is up (0.00051s latency).
    All 1000 scanned ports on 223.67.165.180 are filtered
    Too many fingerprints match this host to give specific OS details
    
    TRACEROUTE (using proto 1/icmp)
    HOP RTT    ADDRESS
    1   ... 30
    
    OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
    Nmap done: 1 IP address (1 host up) scanned in 33.84 seconds

    原来是对方使用了路由器,扫描变成了对路由器的扫描了。

  • 相关阅读:
    4.18下午
    4.18上午
    2017.5.10-afternoon
    2017.5.9-afternoon
    2017.5.10-morning
    2017.5.9-morning
    2017.5.8-afternoon
    2017.5.8-morning
    2017.5.5-afternoon
    2017.5.5-morning
  • 原文地址:https://www.cnblogs.com/tk091/p/2665375.html
Copyright © 2011-2022 走看看