Ethical Experts
     Network Scanner : Nmap

    Posted by The Joker, Sat Oct 06, 2012 3:09 am

    Nmap, the hacker's best friend whether that hacker is ethical or criminal, is one of the best-known network scanners available today. Nearly every hacker uses Nmap for network scanning, and pen-testing distributions bundle it as their basic port scanner. Nmap can discover hosts on a network, scan ports, identify services and fingerprint the operating system. This tutorial is written so that everyone can grasp all the commands and switches given here in a single reading. Think that's impossible? Give it a try.

    First we divide the switches into four groups,
    1. Scan types
    2. Ping (host discovery) options
    3. Timing templates
    4. Output types

    Scan types: all scan-type switches start with "-s" (without quotes); note that the 's' is lowercase and stands for scan. The SYN scan (-sS) is just one of the scan types, not the name of the whole group. A basic scan command is written as follows,

    nmap -s[scan type] ip_address
    -sT TCP connect scan (completes the full three-way handshake; the only TCP scan you get without root)
    -sS TCP SYN scan (the "stealth" scan: the handshake is never completed, so the application on the target never logs a connection. A firewall or IDS still sees every SYN, so stealth does not mean undetectable. This is the default when Nmap runs as root)

    -sF FIN scan (sends a bare FIN packet; closed ports answer with RST, open or filtered ports stay silent)
    -sX Xmas scan (FIN, PSH and URG flags set, so the packet is "lit up like a Christmas tree"; not every flag is set)
    -sU UDP scan
    -sN Null scan (no flags set at all)
    -sP Ping scan (host discovery only, no port scan; current Nmap spells this -sn and still accepts -sP)
    -sO IP protocol scan (finds which IP protocols the host answers, not which ports)
    -sA ACK scan (maps firewall rules: reports filtered vs unfiltered, not open vs closed)
    -sW Window scan (an ACK scan that uses the TCP window size of the RST reply to guess open ports; "Window", not "Windows")
    -sR RPC scan (removed from current Nmap; RPC identification is now part of version detection, -sV)
    -sL List scan (lists the targets and their DNS names without sending a single packet to them)
    -sI Idle scan (bounces probes off a "zombie" host so the target sees the zombie's IP, not yours; takes an argument: -sI zombie_host)

    How to remember all the scan types: after reading the list above you must have noticed that every scan type is just "-s" followed by the capitalised first letter of its own name, except the protocol scan, which uses O because P was already taken by the ping scan. So practically you don't need to remember anything other than which type of scan you want to perform, then append its capital letter to "-s". Isn't that easy? Now consider you want to list the DNS names for aaa.bbb.ccc.ddd without touching the host. Note what you want,
    -List scan, that means L

    so this will be your command,
    nmap aaa.bbb.ccc.ddd -sL

    If you want to scan UDP ports, then type,
    nmap aaa.bbb.ccc.ddd -sU

    Note: only one TCP scan type can be used at a time, so
    nmap -sS -sT aaa.bbb.ccc.ddd is illegal.
    The exception is the UDP scan, which can be combined with any one TCP scan type:
    nmap -sS -sU aaa.bbb.ccc.ddd is legal and scans both TCP and UDP in one run.

    Ping scan options: all host-discovery (ping) switches start with "-P"; note that P is capital and denotes ping. They control how Nmap decides whether a host is up before it port scans it. A basic ping option is written as,

    nmap -P[ping type] ip_address
    -Pn No ping (skip host discovery and treat every target as up; use this when ICMP is filtered and live hosts would otherwise look "down")
    -PS TCP SYN ping (a port list may follow, for example -PS22,80,443)
    -PA TCP ACK ping
    -PU UDP ping
    -PO IP protocol ping
    -PE ICMP echo request
    -PP ICMP timestamp request
    -PM ICMP netmask request
    (Older tutorials list -PT, -PI and -PB. Those were the old spellings of the TCP ACK ping, the ICMP echo ping, and the two together; -PA and -PE are the names to use today.)

    As before, the letter after P is the capitalised first letter of the probe's name, with protocol again replaced by O because P is taken. The ICMP probes are the odd ones out, since all three would otherwise start with I: remember E for echo, P for timestamp and M for netmask.

    [Screenshot: Nmap demo scan output]

    Timing templates: timing switches are denoted by a capital T followed by a number from 0 to 5, or by the template's name.

    -T0 paranoid     one probe every 5 minutes (300 seconds), probes sent one at a time
    -T1 sneaky       one probe every 15 seconds, one at a time
    -T2 polite       one probe every 0.4 seconds, one at a time
    -T3 normal       the default: probes sent in parallel, no added delay
    -T4 aggressive   parallel, and gives up waiting on a probe after 1.25 sec (max RTT timeout)
    -T5 insane       parallel, gives up after 0.3 sec; trades accuracy for speed

    -T0 and -T1 exist to slip under IDS rate thresholds and make a scan take hours or days; -T4 is the usual choice on a fast, reliable network; -T5 will miss ports on anything slower than a LAN.

    To remember them, put the numbers in template order:
    300 15 0.4 - 1.25 0.3

    My friend is Paranoid who Sneaks around networks,
    300 15
    He appears Polite Normally but is Aggressive to the level of Insanity.
    0.4 - 1.25 0.3

    I think that will do. A timing switch can go anywhere on the command line, and -T2 and -T polite mean the same thing:
    nmap aaa.bbb.ccc.ddd -sS -T2

    Output type: just formats the output as you want. Always starts with "-o", and every output switch takes a file name (use - as the file name to write that format to stdout).

    -oN file Normal output (the same text you see on screen)
    -oX file XML output (what other tools, importers and ndiff consume)
    -oG file Grepable output (one line per host, easy to pull apart with grep and awk)
    -oA basename All three at once: basename.nmap, basename.xml and basename.gnmap

    I don't think I need to explain how to remember these. Do save output to a file on every real engagement: you will want to compare today's scan against last week's.

    Other important switches:
    --traceroute works like any other traceroute program, run after the scan against each host found up
    -R Always resolve DNS names (by default Nmap resolves only the hosts that are up; -n never resolves)
    -v Scan in verbose mode (-vv for even more)
    -O OS detection (needs root, and is most reliable when the target has at least one open and one closed TCP port)
    So here's an example of building a scan:
    1. Create a SYN (stealth) scan with normal output saved to a file, 15 seconds between probes, resolving DNS, in verbose mode.
    -Scan type switch: "-s"
    -Subtype SYN: "-sS"
    -Use verbose: "-sS -v"
    -Resolve DNS: "-sS -v -R"
    -Normal output to a file: "-sS -v -R -oN scan.txt"
    -15 seconds between probes: "-sS -v -R -oN scan.txt -T1"

    So the answer is,
    nmap -sS -v -R -oN scan.txt -T1 aaa.bbb.ccc.ddd

    Following are for you to try yourself,
    2. Create a scan that uses the IP protocol ping for host discovery with the insane timing template.
    3. Create a UDP scan with XML output, in verbose mode.

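The grepable output from the -oG section of the post is the format you reach for when you want to work on scan results from the shell, and the reason to keep output files is to compare scans over time. The following is an added example, not part of the original post or of Nmap itself: a POSIX sh script that pulls the open ports out of -oG output and compares two scans to report ports that are newly open. The two scan outputs are constructed to match the -oG line format (TAB-separated fields, port entries written as port/state/proto/owner/service/rpcinfo/version/ and separated by ", ") and were not captured from a real host; the addresses are from the 192.0.2.0/24 documentation range, and the function names are my own.

```shell
#!/bin/sh
# Added example, not from the original post: parse Nmap grepable (-oG) output
# and report ports that are open in a new scan but were not in a baseline scan.
# Both scan outputs below are CONSTRUCTED samples in the -oG line format,
# not captures from a real network (192.0.2.0/24 is a documentation range).

baseline_scan() {
    # Constructed baseline. Fields are TAB-separated; each port entry is
    # port/state/proto/owner/service/rpcinfo/version/ and entries are ", "-separated.
    printf '%s\n' '# Nmap 7.94 scan initiated Sat Oct  6 03:09:00 2012 as: nmap -sS -sU -sV -oG - 192.0.2.0/30'
    printf 'Host: 192.0.2.1 ()\tStatus: Up\n'
    printf 'Host: 192.0.2.1 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1 Ubuntu/, 80/open/tcp//http//nginx 1.18.0/, 443/closed/tcp//https///\tIgnored State: filtered (997)\n'
    printf 'Host: 192.0.2.2 (db.example.test)\tStatus: Up\n'
    printf 'Host: 192.0.2.2 (db.example.test)\tPorts: 3306/open/tcp//mysql//MySQL 8.0.32/, 53/open|filtered/udp//domain///\tIgnored State: closed (998)\n'
    printf '%s\n' '# Nmap done at Sat Oct  6 03:09:12 2012 -- 4 IP addresses (2 hosts up) scanned in 12.34 seconds'
}

current_scan() {
    # Constructed later scan: 80/tcp has closed, 8080/tcp and 5900/tcp are newly open.
    printf '%s\n' '# Nmap 7.94 scan initiated Sat Oct 13 03:09:00 2012 as: nmap -sS -sU -sV -oG - 192.0.2.0/30'
    printf 'Host: 192.0.2.1 ()\tStatus: Up\n'
    printf 'Host: 192.0.2.1 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1 Ubuntu/, 80/closed/tcp//http///, 8080/open/tcp//http-proxy//Squid http proxy 5.7/\tIgnored State: filtered (997)\n'
    printf 'Host: 192.0.2.2 (db.example.test)\tStatus: Up\n'
    printf 'Host: 192.0.2.2 (db.example.test)\tPorts: 3306/open/tcp//mysql//MySQL 8.0.32/, 5900/open/tcp//vnc//VNC (protocol 3.8)/, 53/open|filtered/udp//domain///\tIgnored State: closed (997)\n'
    printf '%s\n' '# Nmap done at Sat Oct 13 03:09:12 2012 -- 4 IP addresses (2 hosts up) scanned in 12.34 seconds'
}

# open_ports: read -oG text on stdin, print "host port/proto service (version)"
# for every port whose state is exactly "open". UDP "open|filtered" is skipped:
# Nmap could not tell open from filtered there, so it is not evidence of a service.
open_ports() {
    awk -F'\t' '
        $1 ~ /^Host: / {
            host = $1
            sub(/^Host: /, "", host)
            sub(/ .*/, "", host)             # drop the " (hostname)" part
            for (i = 2; i <= NF; i++) {
                if ($i !~ /^Ports: /) continue
                ports = $i
                sub(/^Ports: /, "", ports)
                n = split(ports, entry, ", ")
                for (j = 1; j <= n; j++) {
                    # f[1]=port f[2]=state f[3]=proto f[5]=service f[7]=version
                    split(entry[j], f, "/")
                    if (f[2] != "open") continue
                    line = host " " f[1] "/" f[3] " " f[5]
                    if (f[7] != "") line = line " (" f[7] ")"
                    print line
                }
            }
        }'
}

# new_open_ports BASELINE CURRENT: print "host port/proto" keys that are open
# in CURRENT but were not open in BASELINE. Version strings are dropped first,
# so a patched service does not show up as a new port.
new_open_ports() {
    old=$(mktemp) && new=$(mktemp) || return 1
    open_ports < "$1" | cut -d' ' -f1,2 | LC_ALL=C sort > "$old"
    open_ports < "$2" | cut -d' ' -f1,2 | LC_ALL=C sort > "$new"
    LC_ALL=C comm -13 "$old" "$new"
    rm -f "$old" "$new"
}

# demo: run the comparison over the two constructed scans.
demo() {
    b=$(mktemp) && c=$(mktemp) || return 1
    baseline_scan > "$b"
    current_scan > "$c"
    new_open_ports "$b" "$c"
    rm -f "$b" "$c"
}
```

Against real scans, run nmap -sS -sU -sV -oG baseline.gnmap aaa.bbb.ccc.ddd once, the same command into current.gnmap later, and then new_open_ports baseline.gnmap current.gnmap. Only ports whose state is exactly open are counted; the 53/udp entry in the sample is reported as open|filtered and never appears, because a silent UDP port may just be firewalled. Version strings can in principle contain ", ", so treat the split as good enough for shell triage and move to -oX when you need a parser you can trust.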