Nmap: techniques for using scripts

From OnnoWiki

https://www.cyberpratibha.com/blog/nmap-scripting-engine-scanning-in-kali-linux/


What is an Nmap script, or NSE?

The Nmap Scripting Engine (NSE) is one of Nmap's most powerful and most easily adapted features. NSE lets users write (and run) scripts directly to automate a variety of system networking tasks. These Nmap scripts are then executed in parallel and at speed, making the most of Nmap's productivity. Users can rely on the set of scripts already provided, or write their own.

Script location

The location of the scripts can easily be found with the command

locate .nse

On Kali Linux they are in

/usr/share/nmap/nselib/data


Help

To display help for scripts

--script-help

Shows help about Nmap scripts. For each script matching the given specification, Nmap prints the script name, its categories, and its description. The specifications are the same as those accepted by --script; so, for instance, if you need help about the afp-* scripts in the discovery category, you would run the following command:

nmap --script-help "afp-* and discovery"

--script-trace

This option works at the application level rather than packet by packet. If this option is specified, all incoming and outgoing communication performed by scripts is printed. The displayed information includes the communication protocol, the source and target addresses, and the transmitted data. If more than 5% of the transmitted data is unprintable, hex dumps are given.

--script-updatedb

It is only necessary to update the database if you have added or removed NSE scripts from the default scripts directory, or if you have changed the categories of any script. This option is used by itself, without arguments:

nmap --script-updatedb
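The following added example is not code from the original page or from the Nmap project. It reads the script index that --script-updatedb regenerates and lists the scripts a name-and-category expression such as "afp-* and discovery" would select, plus any script that is in both default (the set -sC runs) and intrusive. The index line format is an assumption stated in the comments, the sample entries are constructed, and example-probe is a hypothetical script name.

```sh
#!/bin/sh
# Added example (not from the page or the Nmap project).
# Index lines written by --script-updatedb are assumed to look like:
#   Entry { filename = "x.nse", categories = { "a", "b", } }

# write_sample_db FILE: constructed sample index; example-probe is hypothetical.
write_sample_db() {
    cat > "$1" <<'EOF'
Entry { filename = "afp-brute.nse", categories = { "brute", "intrusive", } }
Entry { filename = "afp-ls.nse", categories = { "discovery", "safe", } }
Entry { filename = "afp-serverinfo.nse", categories = { "default", "discovery", "safe", } }
Entry { filename = "example-probe.nse", categories = { "default", "intrusive", } }
Entry { filename = "smb-os-discovery.nse", categories = { "default", "discovery", "safe", } }
EOF
}

# nse_select DB CATEGORY [GLOB]: print names of scripts that are in CATEGORY
# and whose name matches GLOB (default *), e.g. "afp-* and discovery".
nse_select() {
    db=$1 category=$2 glob=${3:-*}
    sed -n 's/^Entry { filename = "\(.*\)\.nse", categories = { \(.*\) } }$/\1 \2/p' "$db" |
    while read -r name cats; do
        case $name in
            $glob) ;;            # name matches the glob, keep going
            *) continue ;;
        esac
        case $cats in
            *"\"$category\""*) printf '%s\n' "$name" ;;  # quoted, so "safe" != "unsafe"
        esac
    done
}

# nse_in_both DB CAT1 CAT2: scripts that carry both categories.
nse_in_both() {
    nse_select "$1" "$2" | while read -r n; do
        nse_select "$1" "$3" "$n"
    done
}

# Demo on the constructed sample.
tmp=$(mktemp) && write_sample_db "$tmp"
nse_select "$tmp" discovery 'afp-*'    # what --script-help "afp-* and discovery" selects
nse_in_both "$tmp" default intrusive   # intrusive scripts that -sC (default set) would run
rm -f "$tmp"
```

Point the first argument at your own script index instead of the sample to review what a category expression covers before running it against a target.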

A simple script scan using the default set of Nmap scripts

nmap -sC {Target_IP}

A script scan of a target machine without port discovery. This scan only identifies whether the host is running or down.

nmap -sn -sC {Target_IP}
nmap -Pn -sn -sC {Target_IP}

The second command, with -Pn added, scans the network without port scanning and without host discovery.

A penetration tester can execute a specific script with script tracing.

nmap --script smb-os-discovery --script-trace {target_IP_Address}

Run a particular script that takes a script argument



References