about summary refs log tree commit diff stats
path: root/tools/nmap.html
blob: 60f17646aa491789bc113d6e76f51c1adfe8e410 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 <!DOCTYPE html>
<html dir="ltr" lang="en">
    <head>
        <meta charset='utf-8'>
        <title>Nmap</title>
    </head>
    <body>
        <h1>Nmap</h1>

       <h2 id="nmap">Nmap</h2>

        <p>Discover other hosts on local lan, try -sn and -sP,
        not sure if both only disable port scan.</p>

        <pre>
        # nmap -sn 192.168.1.0/24
        </pre>

        <p>Check for vulnerabilities on host;</p>

        <pre>
        # nmap --script=vuln 127.0.1.1

        Starting Nmap 6.47 ( http://nmap.org ) at 2015-07-20 22:07 UTC
        Nmap scan report for dev.box (127.0.1.1)
        Host is up (0.000028s latency).
        Not shown: 998 closed ports
        PORT   STATE SERVICE
        25/tcp open  smtp
        | smtp-vuln-cve2010-4344:
        |   Exim version: 4.85
        |   Exim heap overflow vulnerability (CVE-2010-4344):
        |     Exim (CVE-2010-4344): NOT VULNERABLE
        |   Exim privileges escalation vulnerability (CVE-2010-4345):
        |     Exim (CVE-2010-4345): NOT VULNERABLE
        |_  To confirm and exploit the vulnerabilities, run with --script-args='smtp-vuln-cve2010-4344.exploit'
        53/tcp open  domain

        Nmap done: 1 IP address (1 host up) scanned in 2.68 seconds
        #
        </pre>

    </body>
</html>