Xscan Remote?

GovernmentSecurity.org > System Security > Beginners Section

Nightdemon

Apr 21 2004, 01:32 PM

is there a way to use xscan for remote scanning? I wanna use it remote, without xscan suddenly appearing on the monitor of the person I'm scanning on

thnx in advance!

Antil

Apr 21 2004, 01:33 PM

i think you should use some sort of hideapp
and the doss commands

Joc00

Apr 21 2004, 02:00 PM

sure try xscan.exe not x-scan_gui
and hidden.exe if u want to hide it somewhere i guess 2

Usage: xscan -host <startIP>[-<endIP>] <module> [option]
xscan -file <host_list_file> <module> [option]

<module> means:
-tracert : trace route
-port : check the status of standard service port
-snmp : check SNMP information
-ssl : check SSL vulnerability
-rpc : check RPC vulnerability
-sql : check SQL-Server weak password
-ftp : check FTP-Server weak password
-ntpass : check NT-Server weak password
-netbios : check Netbios information
-smtp : check SMTP-Server vulnerability
-pop3 : check POP3-Server weak password
-cgi : check HTTP vulnerability
-iis : check IIS vulnerability
-bind : check BIND service vulnerability
-finger : check Finger service vulnerability
-sygate : check Sygate vulnerability
-all : check all vulnerability

[option] means:
-v: display verbose information
-p: skip host when failed to ping
-o: skip host when no opened port be found
-t <thread_count[,host_count]>: specify the maximal thread count and host cou
nt, default is 100,10

Example: xscan -host 192.168.1.1 -all
xscan -host 192.168.1.1-192.168.254.254 -port -ntpass -p -t 100
xscan -file host.lst -port -cgi -t 100,5 -v -o

should do the trick

PL3X59

Apr 21 2004, 02:41 PM

nice topic

Thx

pl3x

The Doom Master

Apr 21 2004, 03:10 PM

mate u can use hidden32.exe

download it here on this forum

http://www.governmentsecurity.org/forum/in...t=0&#entry10463

usage is : hidden32.exe program.exe

the program hide the GUI visual..

Nova

Apr 21 2004, 03:16 PM

if you setup a telnet server on the remote, you can access the commandline scan Xscan.exe this from my use of it will only be in the telnet window and run silently logging results

eg:

Xscan.exe -host 198.162.0.1 198.162.255.254 -iis -p -t 100,10

hope that helps

willywutz

Apr 21 2004, 04:58 PM

Hint: If you use the MS Telnet Server and start Xscan you must stay connected
If you logout Xscan will end.

Merchantp

Apr 22 2004, 04:24 AM

QUOTE

Hint: If you use the MS Telnet Server and start Xscan you must stay connected
If you logout Xscan will end.

you sure awhile ago I had scan500 on a couple radmins that i started in telnet and they continued to scan and add results in the text file for a full week......

NiteWorM

Apr 23 2004, 11:56 AM

is there a fast scanner than xscan, or angry ip scanner, they both are good scannerz but they are awfully laggy ?

rush

Apr 23 2004, 12:53 PM

anyone know what the cui cmd is for commandline scanning the msiis_ssl_check.nasl?
I tried

CODE

xscan -host 127.0.0.1 -p -nasl -log test.txt

but that aint working. I only got that .nasl file in the scripts dir...

Nessuno

May 3 2004, 08:39 AM

an other scanner similar to xscan is hscan (home page). don't warry about chinese font, the program is in english

like xscan it is a dos program but has got also a win gui, and like xscan it has many modules and i think u can build ur own and load into it.
it works better 4 me and it is faster than xscan (maybe it is only my impression)

good work

8XyuVmUB

May 4 2004, 02:48 PM

nmap is always a good one

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.