From the course: Complete Guide to Penetration Testing
Using Nmap scripts
- [Instructor] A useful option to be familiar with is -P0, which will skip the ping check of the host. This is particularly useful when we want to scan a live system which doesn't respond to an ICMP ping. We're running a Windows server on address 10.0.2.38, but Nmap didn't find it. Let's scan it using -P0: nmap -PS -P0 10.0.2.38. Okay, we now find that the host is in fact up and we have some services available. Let's now check for UDP ports. We can do this using the -sU option, and this will check the most common 1000 UDP ports. This requires root privileges, so we'll run with sudo: sudo nmap -sU 10.0.2.32, and we'll scan our Metasploitable server. This will take a while, so we'll come back when it's finished. We finished the UDP scan now and we see a number of these ports open. Let's use Nmap to drill down into an individual service to get more details about what it's running. By using the -sV option, Nmap will try to identify the version of software being used for a service. I can…