Scanning for common vulnerabilities with nmap
Just add the --script=vuln option:

```
nmap -T4 -A -v 192.168.1.133 --script=vuln
```

Scan results: two exploitable vulnerabilities were found.
```
Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-09 22:51 CST
NSE: Loaded 149 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 22:51
Completed NSE at 22:51, 10.01s elapsed
Initiating NSE at 22:51
Completed NSE at 22:51, 0.00s elapsed
Initiating ARP Ping Scan at 22:51
Scanning 192.168.1.133 [1 port]
Completed ARP Ping Scan at 22:51, 0.00s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 22:51
Completed Parallel DNS resolution of 1 host. at 22:51, 0.00s elapsed
Initiating SYN Stealth Scan at 22:51
Scanning sb-abae96df44ac.lan (192.168.1.133) [1000 ports]
Discovered open port 135/tcp on 192.168.1.133
Discovered open port 139/tcp on 192.168.1.133
Discovered open port 1025/tcp on 192.168.1.133
Discovered open port 445/tcp on 192.168.1.133
Discovered open port 23/tcp on 192.168.1.133
Completed SYN Stealth Scan at 22:51, 1.25s elapsed (1000 total ports)
Initiating Service scan at 22:51
Scanning 5 services on sb-abae96df44ac.lan (192.168.1.133)
Completed Service scan at 22:51, 6.01s elapsed (5 services on 1 host)
Initiating OS detection (try #1) against sb-abae96df44ac.lan (192.168.1.133)
NSE: Script scanning 192.168.1.133.
Initiating NSE at 22:51
Completed NSE at 22:51, 10.68s elapsed
Initiating NSE at 22:51
Completed NSE at 22:51, 0.10s elapsed
Nmap scan report for sb-abae96df44ac.lan (192.168.1.133)
Host is up (0.00035s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE      VERSION
23/tcp   open  telnet       Microsoft Windows XP telnetd
|_clamav-exec: ERROR: Script execution failed (use -d to debug)
135/tcp  open  msrpc        Microsoft Windows RPC
|_clamav-exec: ERROR: Script execution failed (use -d to debug)
139/tcp  open  netbios-ssn  Microsoft Windows netbios-ssn
|_clamav-exec: ERROR: Script execution failed (use -d to debug)
445/tcp  open  microsoft-ds Microsoft Windows 2003 or 2008 microsoft-ds
|_clamav-exec: ERROR: Script execution failed (use -d to debug)
1025/tcp open  msrpc        Microsoft Windows RPC
|_clamav-exec: ERROR: Script execution failed (use -d to debug)
MAC Address: 08:00:27:63:28:BF (Oracle VirtualBox virtual NIC)
Device type: general purpose
Running: Microsoft Windows 2003
OS CPE: cpe:/o:microsoft:windows_server_2003::sp1 cpe:/o:microsoft:windows_server_2003::sp2
OS details: Microsoft Windows Server 2003 SP1 or SP2
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=256 (Good luck!)
IP ID Sequence Generation: Incremental
Service Info: OSs: Windows XP, Windows; CPE: cpe:/o:microsoft:windows_xp, cpe:/o:microsoft:windows, cpe:/o:microsoft:windows_server_2003

Host script results:
| smb-vuln-ms08-067:
|   VULNERABLE:
|   Microsoft Windows system vulnerable to remote code execution (MS08-067)
|     State: VULNERABLE
|     IDs:  CVE:CVE-2008-4250
|           The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2,
|           Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary
|           code via a crafted RPC request that triggers the overflow during path canonicalization.
|
|     Disclosure date: 2008-10-23
|     References:
|       https://technet.microsoft.com/en-us/library/security/ms08-067.aspx
|_      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4250
|_smb-vuln-ms10-054: false
|_smb-vuln-ms10-061: NT_STATUS_OBJECT_NAME_NOT_FOUND
| smb-vuln-ms17-010:
|   VULNERABLE:
|   Remote Code Execution vulnerability in Microsoft SMBv1 servers (ms17-010)
|     State: VULNERABLE
|     IDs:  CVE:CVE-2017-0143
|     Risk factor: HIGH
|       A critical remote code execution vulnerability exists in Microsoft SMBv1
|        servers (ms17-010).
|
|     Disclosure date: 2017-03-14
|     References:
|       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0143
|       https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
|_      https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

TRACEROUTE
HOP RTT     ADDRESS
1   0.35 ms sb-abae96df44ac.lan (192.168.1.133)

NSE: Script Post-scanning.
Initiating NSE at 22:51
Completed NSE at 22:51, 0.00s elapsed
Initiating NSE at 22:51
Completed NSE at 22:51, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 31.46 seconds
           Raw packets sent: 1109 (49.494KB) | Rcvd: 1017 (41.242KB)
```
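When triaging output like the above, only script blocks that carry a "State: VULNERABLE" line report a finding; lines such as "smb-vuln-ms10-054: false", "NT_STATUS_OBJECT_NAME_NOT_FOUND" and the clamav-exec errors do not. The Python sketch below is an added example, not part of the original post: it parses Nmap's normal text output into per-script results, and the names parse_findings and confirmed, as well as the trimmed sample text, are constructed for illustration.

```python
import re

# Constructed sample shaped like the script output above (descriptions trimmed).
SAMPLE = """\
|_clamav-exec: ERROR: Script execution failed (use -d to debug)
Host script results:
| smb-vuln-ms08-067:
|   VULNERABLE:
|     State: VULNERABLE
|     IDs:  CVE:CVE-2008-4250
|_smb-vuln-ms10-054: false
|_smb-vuln-ms10-061: NT_STATUS_OBJECT_NAME_NOT_FOUND
| smb-vuln-ms17-010:
|   VULNERABLE:
|     State: VULNERABLE
|     IDs:  CVE:CVE-2017-0143
|_      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0143
"""

# A script block starts with "| name:" or "|_name:"; NSE script names are lowercase.
HEADER = re.compile(r"^\|[ _]([a-z][a-z0-9-]*):(?:\s+(.*))?$")
STATE = re.compile(r"^\|[ _]\s*State:\s*(.+?)\s*$")
CVE = re.compile(r"CVE-\d{4}-\d{4,}")

def parse_findings(text):
    """Return one dict per NSE script block: script, inline result, state, CVEs."""
    findings, current = [], None
    for line in text.splitlines():
        if (m := HEADER.match(line)):
            current = {"script": m.group(1), "inline": (m.group(2) or "").strip(),
                       "state": None, "cves": []}
            findings.append(current)
        elif current is not None and line.startswith("|"):
            if (s := STATE.match(line)):
                current["state"] = s.group(1)
            for cve in CVE.findall(line):
                if cve not in current["cves"]:  # IDs and reference URLs repeat the CVE
                    current["cves"].append(cve)
        else:
            current = None  # left the script-output area
    return findings

def confirmed(findings):
    """Keep only blocks whose State line reports VULNERABLE."""
    return [f for f in findings if (f["state"] or "").startswith("VULNERABLE")]

if __name__ == "__main__":
    for f in parse_findings(SAMPLE):
        print(f["script"], f["state"] or f["inline"] or "no result", f["cves"])
```

For automated processing, Nmap's XML output (-oX) is the more stable format to parse; the text form is used here because it is what the page shows.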