You see the profile name, the parameters used, the information collected from the scan results, and the scan time. In the following table I compare the results of three different scans. Compare and try to understand the scans results Also you can use command to print network inventory. With this information you can determine vulnerability of target hosts and use it for social engineering. The -O option turns on Nmap’s OS fingerprinting system.įor more information about OS fingerprinting you can read this article. Because from the version number we can find that a service has some vulnerabilities to exploit or not.Īt our scan result below, different from the result of regular or quick scan, we have the versions of services that runs on the detected open ports. This information is very important to determining an entry point for an attack. This parameter collects information about the specific service running on an open port, including the product name and version number. Now lets look at new parameters in this profile.
We`re going to analyze differences of the results in Step5. But if you look carefully you can see that, these extra informations cost extra time. But at the result there is also some extra important informations about target.
Nmap -sV -T4 -O -F -version-light 192.168.117.130 Zenmap Quick scan olusĪs you see there is some extra parameters. In this scan profile we use the command below. Scan Metasploitable2 with `Quick scan plus` For more information you can visit this page. paranoid( -T0) is very slow and insane( -T5) is very fast. In our example we used aggressive, namely -T4. The template names are paranoid (0), sneaky (1), polite (2), normal (3), aggressive (4), and insane (5). You can specify timing templates with the -T option and their number (0–5) or their name. Timing templates makes it easy to make faster scans. And it`s nearly impossible for beginners to use these controls. In fact there is some other powerful and effective timing controls, but some people find them confusing. Nmap offers six different timing templates. But in Quick scan, some open ports can not seen. This is naturally far faster than scanning all 65,535 ports.Ĭompared to regular scan, scan time is shorter than quick scan. With -F, this is reduced to 100 most common ports those are used. Normally Nmap scans the most common 1,000 ports. With -F parameter, Nmap scans fewer ports than the default. Here we have two parameters to reduce scan time. Therefore you have to find something as soon as possible that more useful for you to exploit. Generally you don`t have much time for a penetration test in real life. When you scan a big network with lots of devices, time`ll very important for you. Nmap -T4 -F 192.168.117.130 Zenmap Quick scanĪs you understand from the name, this is a quick scan and it reduce scan time. Scan Metasploitable2 with `Quick scan`ĭifferent from regular scan, quick scan has some extra parameters in command. Nmap 192.168.117.130 Zenmap Regular scan resultĪfter scan is finished, in ` Nmap Output` tab you see just open ports and the services running on those ports. For regular scan you see command shown below. You can see a command in the ` Command` field, that comes after you select the profile. You`re going to see a scan result as shown below. Open Zenmap and enter in the ` Target` field that IP address, for Profile select ` Regular scan` and click ` Scan`.
#NMAP ZENMAP GUI PASSWORD#
You can login Metasploitable2 with the credentials username and password as msfadmin, then learn IP address with the command ifconfig.įor my Metasploitable2 VM, IP address is 192.168.117.130. To scan Metasploitable2 with Zenmap, first it`s easier for you to learn its IP address. For that you may need your Network Administrators help. Note: If you are using a test environment at your work and VMs are at different networks, you have to make them reach each other.
#NMAP ZENMAP GUI INSTALL#
If you have not them, first read these articles and install Metasploitable2, Kali Linux and Zenmap. Start Kali and Metasploitable2 VMsįirst start your Metasploitable2 and Kali Linux virtual machines. These are the profile names that are preconfigured by default and there are also some others in Zenmap. ` Regular scan`, ` Quick scan`, ` Quick scan plus`. Compare and try to understand the scans resultsĪs you see in the steps, we`re going to make three different scans. Scan Metasploitable2 with “Quick scan plus” These are the main steps that we follow during the article.
I`m going to make three different scans and at the end of article, compare the scan results.
#NMAP ZENMAP GUI HOW TO#
In this article we`re going to learn how to use Zenmap for basic scans. These properties makes Nmap easy to use for beginners and offers something for advanced users. As mentioned in the previous article Zenmap is the GUI form of Nmap with some extra properties.
0 kommentar(er)
