A tool that has been around for centuries and helps you gather information on a given system: the open ports, database information, OS information, and more. A tool everyone uses for its portability, flexibility and power: for system downtime monitoring, for information gathering, for blackhats, for whitehats, for security analysts, for application developers. NMAP does it!
What is up guys! In this blog I'll show you the use of one of the best-known tools when we talk about reconnaissance. I'll be showing you a program I created with the aid of nmap and its features.
I have decided to integrate NMAP into my project because it does what it does best, and as of this moment I believe this tool can help us achieve the goal: deeper information gathering that can aid us in further evaluating our target and executing the
How AutoNMAPer Works?
>The user inputs the arguments to be executed against the given IPs or domains.
>The program reads and loops through the domains and IPs listed in the input file.
>The program runs the NMAP functionality against each input, depending on the user's command arguments.
>The program outputs the NMAP results.
Python has its own NMAP library, so integrating this tool has become a lot easier. A small challenge I faced was manipulating the output of that library, python-nmap. You can install it in your own Python environment in the usual way:
pip install python-nmap
So let's run a test! On a usual NMAP execution we have this below on our command line.
In Python, below is the equivalent of how we can run a port scan against a given application.
The output in Python is a dictionary, so I need to convert it to a more readable format. To do that, we apply the Pythonic approach of walking the generic output and turning it into readable lines.
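The following is an added example, not the AutoNMAPer code from this post: it mirrors the four steps listed above (read targets from a file, loop over them, run the user's nmap arguments with python-nmap, print readable output) and shows how the nested dictionary returned by `PortScanner.scan()` can be flattened. The function names `read_targets`, `format_scan` and `autonmaper` are my own, and `SAMPLE_RESULT` is a constructed dictionary in the shape python-nmap returns, so the formatter can be tried without nmap installed or any network access.

```python
"""Added example (not the post's AutoNMAPer code): a small python-nmap driver
that reads targets from an input file, scans each one with user-supplied
arguments, and flattens python-nmap's nested result dict into readable lines.
Function names are my own."""

# python-nmap itself refuses these flags, because it already passes "-oX -"
# to read nmap's XML from stdout; reject them up front with a clear message.
_FORBIDDEN = ("-oX", "-oA")


def read_targets(text):
    """Return the non-empty, non-comment lines of an input file's text."""
    targets = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            targets.append(line)
    return targets


def format_scan(result):
    """Flatten the dict returned by PortScanner.scan() into readable lines.

    result['scan'] maps each scanned host to its data; per-protocol port
    tables live under keys such as 'tcp' and 'udp', keyed by integer port.
    """
    lines = []
    cmd = result.get("nmap", {}).get("command_line", "")
    if cmd:
        lines.append("command: %s" % cmd)
    for host in sorted(result.get("scan", {})):
        data = result["scan"][host]
        state = data.get("status", {}).get("state", "unknown")
        names = [h["name"] for h in data.get("hostnames", []) if h.get("name")]
        label = host if not names else "%s (%s)" % (host, ", ".join(names))
        lines.append("host %s is %s" % (label, state))
        for proto in ("tcp", "udp", "sctp"):
            for port in sorted(data.get(proto, {})):
                p = data[proto][port]
                # name/product/version may be empty strings; drop the blanks
                service = " ".join(
                    s for s in (p.get("name"), p.get("product"), p.get("version")) if s
                )
                lines.append("  %d/%s %-8s %s" % (port, proto, p.get("state", "?"), service))
    return lines


def autonmaper(targets_file, arguments="-sV"):
    """The post's four steps: read targets, loop, scan with python-nmap, format."""
    for flag in _FORBIDDEN:
        if flag in arguments:
            raise ValueError("%s is reserved by python-nmap" % flag)
    import nmap  # python-nmap; imported here so the formatter works without it

    with open(targets_file) as fh:
        targets = read_targets(fh.read())
    scanner = nmap.PortScanner()
    report = []
    for target in targets:
        result = scanner.scan(hosts=target, arguments=arguments)
        report.extend(format_scan(result))
    return report


# Constructed sample in the shape python-nmap returns (values are made up),
# so format_scan can be exercised offline.
SAMPLE_RESULT = {
    "nmap": {"command_line": "nmap -oX - -sV 192.0.2.10"},
    "scan": {
        "192.0.2.10": {
            "hostnames": [{"name": "example.test", "type": "PTR"}],
            "addresses": {"ipv4": "192.0.2.10"},
            "status": {"state": "up", "reason": "syn-ack"},
            "tcp": {
                22: {"state": "open", "name": "ssh", "product": "OpenSSH", "version": "8.9p1"},
                80: {"state": "open", "name": "http", "product": "nginx", "version": ""},
                443: {"state": "closed", "name": "https", "product": "", "version": ""},
            },
        }
    },
}

if __name__ == "__main__":
    print("\n".join(format_scan(SAMPLE_RESULT)))
```

`format_scan` only touches the keys python-nmap always fills in (`status`, `hostnames`, the per-protocol tables), so it copes with hosts that are down or have no open ports; `autonmaper` checks the argument string before importing python-nmap so a bad flag fails fast rather than halfway through a long target list.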
>run autonmaper
I have decided to gather the IPs of all the hosts I want to target. These hosts are written to an input file, shown below.
198.148.81.139
45.33.49.119
38.64.132.157
These 3 IPs are my targets, and I want to know the services available that would help me with my exploitation.
Running the tool, I have the result below:
Conclusion:
This tool helps pentesters and investigators find out which ports are open on their target applications. Users can pass any nmap arguments, since I have made the command dynamic so it stays flexible from the user's side. Manual input can be tedious and time-consuming, especially when a user has a lot of IPs to check.
krontek>halt