Friday, October 30, 2020

Kali Linux Nmap Guide – Linux Hint


Nmap (“Network Mapper”) is used in active reconnaissance, not only to determine which systems are live but also to find the holes in those systems. This versatile tool is one of the best tools in the hacking community and is well supported. Nmap is available on all operating systems and also has a GUI. It is a network penetration testing tool that most pentesters use to find network vulnerabilities. The Nmap team also created Zenmap, which provides a graphical user interface for Nmap. It is an additional way of using Nmap, so if you don’t like the command-line interface and how it displays information, you can use Zenmap.

Kali Linux working with Nmap:

On the Kali Linux screen, the installer will prompt the user for a ‘root’ user password, which you will need to log in. After logging into the Kali Linux machine, the Enlightenment Desktop Environment can be started with the startx command. Nmap does not require the desktop environment to run.

Once you have logged into Enlightenment, you will have to open a terminal window. Clicking the desktop background brings up a menu. Navigate to the terminal as follows:

Applications –> System –> “Root Terminal”.

Any shell program works for the purposes of Nmap. Once the terminal has launched successfully, the Nmap fun can begin.

Finding live hosts on your network:

The IP address of the kali machine is 10.0.2.15, and the IP address of the target machine is ‘192.168.56.102’.

A quick Nmap scan can help determine what is live on a particular network. This one is a ‘Simple List’ scan: -sL only lists the addresses in the given range and sends no probes to them.

$ nmap -sL 192.168.56.0/24

Unfortunately, no live hosts were returned by using this initial scan.

Find and Ping All Live Hosts on My Network:

Fortunately, you do not have to worry, because with some tricks that Nmap enables, we can find these machines. The trick shown here tells Nmap to ping all addresses in the 192.168.56.0/24 network.

$ nmap -sn 192.168.56.0/24

So, Nmap has returned some potential hosts for scanning.

Find open ports via Nmap:

Let Nmap perform a port scan against particular targets and see the results.

$ nmap 192.168.56.1,100-102

These ports indicate that some service is listening on this specific machine. This IP address is assigned to a Metasploitable vulnerable machine, which is why there are open ports on this host. Having a lot of ports open is abnormal on most machines, so it would be wise to investigate the machine closely. Administrators can track down the physical machine on the network.

Find Services Listening on Ports on host Kali machine:

This is a service scan performed via Nmap; its purpose is to check which services might be listening on a specific port. Nmap will probe all open ports and collect information from the services running on each one.

$ nmap -sV 192.168.56.102

The scan also works to obtain information about the hostname and the current operating system running on the target system. This machine is running vsftpd version 2.3.4, a pretty old version of vsftpd, which is alarming for the administrator. A serious vulnerability in this particular version (ExploitDB ID – 17491) was found back in 2011.
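
As an added example (not part of the original article), the checks described for the port-scan and service-scan results above, flagging hosts with unusually many open ports and services on a version watchlist, can be run automatically over Nmap's XML output (-oX). The sample XML, the triage function and the open-port threshold are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like `nmap -sV -oX` output. Hosts, ports and
# versions are illustrative, except vsftpd 2.3.4, which the article names.
SAMPLE_XML = """<nmaprun>
<host><address addr="192.168.56.102" addrtype="ipv4"/><ports>
 <port protocol="tcp" portid="21"><state state="open"/><service name="ftp" product="vsftpd" version="2.3.4"/></port>
 <port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH" version="4.7p1"/></port>
 <port protocol="tcp" portid="23"><state state="open"/><service name="telnet"/></port>
 <port protocol="tcp" portid="80"><state state="closed"/></port>
</ports></host>
<host><address addr="192.168.56.1" addrtype="ipv4"/><ports>
 <port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH" version="8.2p1"/></port>
</ports></host>
</nmaprun>"""

WATCHLIST = {("vsftpd", "2.3.4")}  # (product, version) pairs to flag
MAX_OPEN_PORTS = 2                 # assumed baseline; tune per environment


def triage(xml_text, watchlist=WATCHLIST, max_open=MAX_OPEN_PORTS):
    """Return {ip: [finding, ...]} for hosts that deserve a closer look."""
    findings = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:
            continue
        notes, open_count = [], 0
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed and filtered ports are not listening services
            open_count += 1
            svc = port.find("service")
            product = svc.get("product", "").lower() if svc is not None else ""
            version = svc.get("version", "") if svc is not None else ""
            if (product, version) in watchlist:
                label = f"{port.get('portid')}/{port.get('protocol')}"
                notes.append(f"{label} runs {product} {version}")
        if open_count > max_open:
            notes.append(f"{open_count} open ports exceeds baseline of {max_open}")
        if notes:
            findings[addr.get("addr")] = notes
    return findings


if __name__ == "__main__":
    for ip, notes in triage(SAMPLE_XML).items():
        print(ip, "->", "; ".join(notes))
```

Run against a saved scan by passing the contents of the XML file to triage() in place of SAMPLE_XML.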

Find Anonymous FTP Logins on Hosts:

To gather more information, let Nmap have a closer look.

$ nmap -sC 192.168.56.102 -p 21

The above command has found that anonymous FTP sign-in is allowed on this specific server.

Check for Vulnerabilities on Hosts:

As mentioned earlier, this version of vsftpd is old and vulnerable, which is quite concerning. Let us see if Nmap can check for the vsftpd vulnerability.

Notably, Nmap has an NSE script for the vsftpd backdoor problem. NSE (Nmap Scripting Engine) is one of Nmap’s most useful and adaptable features. It allows users to write simple scripts to automate a broad range of networking tasks. Before running this script against the host, we should know how to use it.

$ nmap --script-help=ftp-vsftpd-backdoor.nse

It can be used to check if the machine is vulnerable or not.

Run the following script:

$ nmap --script=ftp-vsftpd-backdoor.nse 192.168.56.102 -p 21

Nmap can be quiet and selective. Scanning even a personally owned network in this manner can be tedious. Nmap can also perform a more aggressive scan. It gives somewhat the same information, but the difference is that we can get it with one command instead of loads of them. Use the following command for an aggressive scan:

It is evident that using only one command, Nmap can return loads of information. Much of this information can be used to check what software may be on the network and to determine how to protect this machine.

Conclusion:

Nmap is a versatile tool to be used in the hacking community. This article provides you with a brief description of Nmap and its function.
