Nmap Scanning in Python

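This article was last updated on December 8, 2017, and has not been updated for over a year. If its content is out of date, please let me know. Thanks!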

=Start=

Background:

A quick note for future reference.

Main text:

Reference solution:
# pip install python-nmap
import sys
import nmap
try:
    nm = nmap.PortScanner()
except nmap.PortScannerError:
    # Raised when the nmap binary cannot be found
    print('Nmap not found', sys.exc_info()[0])
    sys.exit(1)
except:
    print('Unexpected error:', sys.exc_info()[0])
    sys.exit(1)
# Positional form: scan(hosts, ports)
nm.scan('192.168.12.217', '27017')
# Keyword form: pass the port through the nmap arguments; --open reports only open ports
nm.scan(hosts='192.168.12.217', arguments='--open -p{0}'.format(27017))
nm.scan(hosts='192.168.12.94', arguments='--open -p{0}'.format(23))
nm.scan(hosts='192.168.11.28', arguments='--open -p{0}'.format(1723))
nm.scan('192.168.11.26', '22')
nm.scan(hosts='192.168.11.26', arguments='--open -p{0}'.format(22))
# Results are indexed by host, then protocol, then port (an int, not a string)
nm['192.168.11.26']
nm['192.168.11.26']['tcp'][22]['name']
'''
In [11]: nm['192.168.11.26']['tcp']
Out[11]:
{22: {'conf': '3',
  'cpe': '',
  'extrainfo': '',
  'name': 'ssh',
  'product': '',
  'reason': 'syn-ack',
  'state': 'open',
  'version': ''}}
In [12]: nm['192.168.11.26']['tcp']['22']
---------------------------------------------------------------------------
KeyError                                  Traceback (most recent call last)
<ipython-input-12-727f5b181d55> in <module>()
----> 1 nm['192.168.11.26']['tcp']['22']
KeyError: '22'
In [14]: type(nm['192.168.11.26']['tcp'])
Out[14]: dict
In [15]: for item in nm['192.168.11.26']['tcp']:
   ....:     print item, type(item)
   ....:
22 <type 'int'>
In [16]: nm['192.168.11.26']['tcp'][22]
Out[16]:
{'conf': '3',
 'cpe': '',
 'extrainfo': '',
 'name': 'ssh',
 'product': '',
 'reason': 'syn-ack',
 'state': 'open',
 'version': ''}
In [17]: nm['192.168.11.26']['tcp'][22]['name']
Out[17]: 'ssh'
'''

&

# ip is a string; port must be an int, because the 'tcp' dict is keyed by integer port
nm_dict = nm.scan(hosts=ip, arguments='--open -p{0}'.format(port))
print(ip, port, nm_dict.get('scan', {}).get(str(ip), {}).get('tcp', {}).get(port, {}).get('name', 'unknown'))
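
An added example, not part of the original post: the two habits the snippets above point to, wrapped as functions. It validates host and port before they are formatted into the nmap arguments string, and it looks up results with the port normalized to an int so that '22' does not raise KeyError. The function names and SAMPLE_RESULT are assumptions made for illustration; the sample dict is constructed to match the output shown above, so nothing here calls nmap.

```python
import ipaddress

# Constructed sample shaped like the nm.scan() return value shown on this page.
SAMPLE_RESULT = {'scan': {'192.168.11.26': {'tcp': {
    22: {'conf': '3', 'cpe': '', 'extrainfo': '', 'name': 'ssh', 'product': '',
         'reason': 'syn-ack', 'state': 'open', 'version': ''},
}}}}


def build_scan_args(host, port):
    """Validate host and port, then return (hosts, arguments) for nm.scan()."""
    host = str(ipaddress.ip_address(str(host)))  # ValueError unless a single IP
    port = int(port)  # ValueError if anything besides a number is present
    if not 1 <= port <= 65535:
        raise ValueError('port out of range: {0}'.format(port))
    return host, '--open -p{0}'.format(port)


def service_name(result, host, port, proto='tcp', default='unknown'):
    """Look up a service name; a missing host, protocol or port yields default."""
    try:
        port = int(port)  # python-nmap keys ports by int, so '22' becomes 22
    except (TypeError, ValueError):
        return default
    ports = result.get('scan', {}).get(str(host), {}).get(proto, {})
    return ports.get(port, {}).get('name') or default


def open_services(result):
    """Return sorted (host, proto, port, name) tuples for every open port."""
    rows = []
    for host, data in result.get('scan', {}).items():
        for proto in ('tcp', 'udp'):
            for port, info in data.get(proto, {}).items():
                if info.get('state') == 'open':
                    name = info.get('name') or 'unknown'
                    rows.append((host, proto, int(port), name))
    return sorted(rows)


if __name__ == '__main__':
    hosts, arguments = build_scan_args('192.168.11.26', '22')
    print(hosts, arguments)
    print(service_name(SAMPLE_RESULT, '192.168.11.26', '22'))
    print(open_services(SAMPLE_RESULT))
```

With a real scanner, the tuple from build_scan_args can be passed as nm.scan(hosts=hosts, arguments=arguments) and the returned dict handed to service_name or open_services.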

Reference links:

=END=

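Notice: Unless otherwise stated, all articles on ixyzero.com are original. When reposting, please credit this article's address as a link. Thanks!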
https://ixyzero.com/blog/archives/3705.html

6 comments on "Nmap Scanning in Python"

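  1. Detection and exploitation of unauthorized access vulnerabilities
    https://thief.one/2017/12/08/1/

    Vulnerability description
    Vulnerability detection
    Vulnerability exploitation
    Vulnerability remediation

    1. redis unauthorized access vulnerability
    2. ZooKeeper unauthorized access vulnerability
    3. Elasticsearch unauthorized access
    4. memcache unauthorized access
    5. Docker unauthorized access
    6. wordpress unauthorized access vulnerability
    7. Reference articles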

  2. Osmedeus – an automated reconnaissance and scanning tool for penetration testing
    https://github.com/j3ssie/Osmedeus

    Subdomain Scanning
     amass
     subfinder
     massdns
    Subdomain TakeOver Scanning
     subjack
     SubOver
    Port Scanning and ScreenShot the target
     aquatone
     EyeWitness
     masscan
    Git repo scanning
     truffleHog
     gitrob
    Doing some stuff with Burp State file
     sqlmap
     SleuthQL
     LinkFinder
    Directory search
     dirhunt
     dirsearch
     gobuster
    Bruteforce services
     brutespray
    Wordlists
     domain
     web-content
