Government Security
Network Security Resources

Nmap Help.

3 replies to this topic

#1 st1ng81
Private, Members, 6 posts
Posted 23 November 2011 - 05:06 AM

I am new to metasploit. I wanted to scan open ports in a network, so I gave the command

nmap -v -sV 192.168.1.0/24

It scans all 256 hosts and displays

Nmap done: 256 IP addresses (0 hosts up) scanned in 206.64 seconds
Raw packets sent: 2048 (77.824KB) | Rcvd: 29 (1.652KB)


Every time I run this command it displays 0 hosts up. What might be the problem?

#2 Glyph
General of the Army, GSO Management, 1,599 posts
Posted 23 November 2011 - 09:33 AM

Try nmap -vvv -Pn -sV 192.168.1.0/24
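Glyph's suggestion skips nmap's host-discovery (ping) phase. To show why the output in the first post points that way, here is an added example in Python, written for this thread and not code from either poster: it parses the two summary lines quoted above and reports whether the scan ever got past host discovery. The sample text is constructed from the first post; the "probe packets per target" figure is a heuristic added here (sent packets divided by targets), not a number nmap itself reports.

```python
import re

# Constructed sample: the two summary lines quoted in the first post, exactly as
# nmap prints them when not one target answers host discovery.
SAMPLE_SUMMARY = """\
Nmap done: 256 IP addresses (0 hosts up) scanned in 206.64 seconds
Raw packets sent: 2048 (77.824KB) | Rcvd: 29 (1.652KB)
"""

DONE_RE = re.compile(
    r"Nmap done: (\d+) IP address(?:es)? \((\d+) hosts? up\) scanned in ([\d.]+) seconds")
RAW_RE = re.compile(r"Raw packets sent: (\d+) \([^)]*\) \| Rcvd: (\d+)")


def parse_summary(text):
    """Pull the end-of-scan counters out of nmap's text output.
    Returns None when there is no 'Nmap done' line (scan aborted or output truncated)."""
    done = DONE_RE.search(text)
    if not done:
        return None
    summary = {
        "targets": int(done.group(1)),
        "hosts_up": int(done.group(2)),
        "seconds": float(done.group(3)),
    }
    raw = RAW_RE.search(text)   # only printed with -v, so it may be absent
    if raw:
        summary["sent"] = int(raw.group(1))
        summary["received"] = int(raw.group(2))
    return summary


def diagnose(summary):
    """Return (code, message).  nmap only port-scans targets that pass the host-discovery
    (ping) phase, so '0 hosts up' means -sV never ran against anything; when ICMP and the
    other discovery probes are filtered, -Pn is the switch that skips that phase."""
    if summary is None:
        return ("no_summary", "no 'Nmap done' line found; the scan did not finish")
    if summary["hosts_up"] > 0:
        return ("ok", f"{summary['hosts_up']} of {summary['targets']} targets passed host discovery")
    sent = summary.get("sent", 0)
    # heuristic added here, not an nmap figure: how many probes each target was sent
    per_target = sent / summary["targets"] if summary["targets"] else 0.0
    return ("discovery_blocked",
            f"0 of {summary['targets']} targets passed host discovery after about "
            f"{per_target:.0f} probe packets each ({summary.get('received', 0)} packets "
            "received in total); ping probes are probably filtered, so re-run with -Pn to "
            "treat every target as up (the scan takes longer because every address then "
            "gets port-scanned)")


if __name__ == "__main__":
    code, message = diagnose(parse_summary(SAMPLE_SUMMARY))
    print(code, "-", message)
```

The trade-off to keep in mind with -Pn on a /24 is the one the message spells out: nmap can no longer skip dead addresses, so all 256 get the full version scan and the run time goes up accordingly.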

#3 Xeo Hacker
Private, Members, 1 posts
Posted 29 November 2011 - 05:48 PM

These are some useful commands for LAN Hacking .... You can check ORIGINAL POST HERE

1) Ping
  • This command will allow you to know if the host you are pinging is alive, which means if it is up at the time of executing the “ping” command.
CODE :
  • ping x.x.x.x (x is the IP address)
  • ping www.whatever.com (www.whatever.com is the website you want to ping, but you don’t know the IP)
NOTE : Keep in mind that if the host you are pinging is blocking ICMP packets, then the result will be host down.

2) Nslookup
  • This command is mostly for resolving DNS into IP.
Let’s say you know the website URL but you don’t know its IP (and you want to find out).
CODE :
  • nslookup www.whatever.com (www.whatever.com is the website you want to find out the IP of)
Now, another really nice function of nslookup is to find out the IP of specific Mail Servers.
CODE :
  • nslookup (enter)
  • set type=mx (enter)
  • yahoo.com
This command will give you the mail server IP of yahoo.com. You can use whatever server you want and if it is listed on DNS, then you get the IP.
  • Now why would you want to have an IP of a mail server?
  • To send spoofed mail to your friends or even for SE.
  • In case you are looking for “How to spoof email”, then look for my “How to spoof email tutorial” http://www.infowar.c...p;threadid=2360

3) Tracert
This command will give you the hops that a packet will travel to reach its final destination.
OBS: This command is good to know the route a packet takes before it goes to the target box.
CODE :
  • tracert x.x.x.x (x is the IP address)
  • tracert www.whatever.com (www.whatever.com is the website you don’t know the IP of)

4) Arp
This command will show you the arp table. This is good to know if someone is doing arp poisoning in your LAN.
CODE :
  • arp -a

Route
This command will show you the routing table, gateway, interface and metric.
CODE :
  • route print

5) Ipconfig
This command will show tons of very helpful things: your IP, gateway, DNS in use.
CODE :
  • ipconfig
  • ipconfig /all
This command will give all that info but for all the networks you might have. Also, in case you have a dynamic IP and want to change it, then type:
  • ipconfig /release (this will release your IP)
  • ipconfig /renew (this will renew your IP)
NOTE : Keep in mind that those commands will change your IP, but the new IP will still be tied to you. So don’t do anything stupid.

6) Netstat
This command will show you connections to your box.
CODE :
  • netstat
  • netstat -a (this will show you all the listening ports and connections with DNS names)
  • netstat -n (this will show you all the open connections with IP addresses)
  • netstat -an (this will combine both of the above)

7) Nbtstat
This command will show you the netbios name of the target box.
CODE :
  • nbtstat -A x.x.x.x (x is the IP address)
  • nbtstat -a computername
  • net view x.x.x.x or computername (will list the available shared folders on the target box)
  • net use \\ipaddress\ipc$ “” /user:administrator (this command will allow you to connect to the target box as administrator)
  • Now if you want to connect to the target box and browse the entire C drive, then use this command: net use K: \\computername\C$ (this will create a virtual drive in your “my computer” folder)
NOTE : Keep in mind that this will only work if the target box doesn’t have an administrator password set.

And last but not least, the “help” command.
  • whatevercommand /help
  • whatevercommand /?
This command will help you to understand what it does and all the switches available for each command.
Very useful if you know the command, but forgot the right switch.
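The arp item in the list above is the defensive one: a poisoned cache shows one MAC answering for two IPs, typically the gateway's address plus another station. As an added example, written for this thread and not from the poster, here is a Python check that parses `arp -a` output in either the Windows or the Linux net-tools layout, ignores broadcast and multicast mappings, flags any MAC mapped to more than one unicast IP, and compares the gateway's cached MAC with a value recorded earlier. Both table samples are constructed; every IP and MAC in them is made up.

```python
import re
from collections import defaultdict

# Constructed sample in the Windows `arp -a` layout.  The two entries sharing
# aa-bb-cc-dd-ee-ff are what a poisoned cache looks like: the gateway's IP now
# resolves to the same MAC as another station.  All addresses are made up.
SAMPLE_ARP_WINDOWS = """\
Interface: 192.168.1.10 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           aa-bb-cc-dd-ee-ff     dynamic
  192.168.1.20          aa-bb-cc-dd-ee-ff     dynamic
  192.168.1.30          00-1a-2b-3c-4d-5e     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
  239.255.255.250       01-00-5e-7f-ff-fa     static
"""

# A clean table in the Linux net-tools `arp -a` layout (also constructed).
SAMPLE_ARP_LINUX = """\
_gateway (192.168.1.1) at 00:11:22:33:44:55 [ether] on eth0
? (192.168.1.40) at <incomplete> on eth0
desktop (192.168.1.20) at aa:bb:cc:dd:ee:ff [ether] on eth0
"""

IP_RE = r"(\d{1,3}(?:\.\d{1,3}){3})"
MAC_RE = r"([0-9A-Fa-f]{2}(?:[-:][0-9A-Fa-f]{2}){5})"
ENTRY_RE = re.compile(IP_RE + r".*?" + MAC_RE)


def normalize_mac(mac):
    """Lower-case, colon-separated form so Windows and Linux entries compare equal."""
    return mac.lower().replace("-", ":")


def parse_arp_table(text):
    """Return [(ip, mac), ...] for every line carrying both an IP and a MAC.
    Interface headers, column headers and <incomplete> entries have no MAC and are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.search(line)
        if m:
            entries.append((m.group(1), normalize_mac(m.group(2))))
    return entries


def is_group_mac(mac):
    """Broadcast and IPv4-multicast mappings are expected and never count as duplicates."""
    return mac == "ff:ff:ff:ff:ff:ff" or mac.startswith("01:00:5e")


def find_duplicate_macs(entries):
    """Map each MAC that answers for more than one unicast IP to the sorted list of those IPs.
    One MAC behind two IPs, especially when one of them is the gateway, is the classic
    ARP-poisoning footprint."""
    by_mac = defaultdict(set)
    for ip, mac in entries:
        if not is_group_mac(mac):
            by_mac[mac].add(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


def cached_mac(entries, ip):
    """The MAC currently cached for `ip`, or None if the table has no entry for it."""
    for entry_ip, mac in entries:
        if entry_ip == ip:
            return mac
    return None


def gateway_matches(entries, gateway_ip, known_good_mac):
    """True when the cached gateway MAC equals the value recorded on a known-clean day."""
    return cached_mac(entries, gateway_ip) == normalize_mac(known_good_mac)


if __name__ == "__main__":
    entries = parse_arp_table(SAMPLE_ARP_WINDOWS)
    for mac, ips in find_duplicate_macs(entries).items():
        print(f"WARNING: {mac} answers for {', '.join(ips)}")
    # the known-good value here is a constructed placeholder, not anything from this thread
    if not gateway_matches(entries, "192.168.1.1", "00-11-22-33-44-55"):
        print("WARNING: gateway MAC differs from the recorded value")
```

A duplicate-MAC hit is a prompt to look, not proof: a router or a host with secondary addresses also legitimately shows one MAC for several IPs. The gateway comparison is the stronger signal, which is why the known-good MAC is worth writing down while the network is known to be clean.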

#4 D4rkC0d3
Private, Members, 3 posts
Posted 18 January 2012 - 01:07 PM

I am not a "master" on nmap or metasploit, but when I want to search for open ports and port it to metasploit you must start the service of the postgresql script that metasploit has, then connect your metasploit prompt to that database, then my personal favorite "db_nmap -p 20,21,22,23,80,135,139,445 -vv --open -T 5 -Pn -n 192.168.1.1-254". I think that metasploit's autopwn is now erased from the main project, but if you run "msfpro" instead of "msfconsole" it will appear to you.
