Tuesday, September 8, 2015

How to Use Nmap Part 2 - by s2c3rr -

OK, continuing from the article How to Use NMAP Part 1, let's move on to NMAP Part 2 and get straight to the point.



1.4. Other commands
1.4.1. [ -f ] fragments the probes into 8-byte packets
#nmap -f 192.168.1.34
1.4.2. [ -D ] uses decoys
Syntax used: nmap -D [decoy1,decoy2,decoy3,etc | RND:number]
[target's IP address]
#nmap -D 192.168.1.45,192.168.1.46,192.168.1.47 192.168.1.4
1.4.3. [ -sI ] Idle scan
Makes nmap perform the scan in background mode using a particular IP address,
so that it appears as though nmap is scanning from a different host
[root@bt]# nmap -sI 192.168.1.1 192.168.1.4

1.4.4. [--spoof-mac] MAC address spoofing
Makes nmap scan with a forged MAC address
Try scanning your own IP; you will see the difference in the MAC address
[root@bt]# nmap -sT -PN --spoof-mac apple 192.168.1.4
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:56 WIT
Spoofing MAC address 00:03:93:74:DC:88 (Apple Computer)
Nmap scan report for 192.168.1.4
Host is up (0.0015s latency).
Not shown: 999 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
Nmap done: 1 IP address (1 host up) scanned in 0.22 seconds
1.4.5. [--randomize-hosts]
scans the hosts in random order
#nmap --randomize-hosts 192.168.1.1-100
1.4.6. [--source-port]/[-g]
nmap --source-port 53 192.168.1.36
nmap -g 53 192.168.1.36
[root@zee zee]# nmap --source-port 21 192.168.1.4
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 17:01 WIT
Nmap scan report for 192.168.1.4
Host is up (0.000010s latency).
Not shown: 999 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds
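The --source-port / -g trick in 1.4.6 only gets past a stateless packet filter that trusts "return traffic" by its source port (20, 21, 53 and so on). On the receiving side it leaves a clear signature: one source address sending TCP SYNs from a single low source port to many different destination ports, where a real client would use a fresh ephemeral port per connection. The following Python script is an added example (not code from the original post or from the Nmap project) that looks for that pattern in firewall log lines; the log format, the sample lines and the list of "trusted" source ports are all constructed assumptions for the example.

```python
import re
from collections import defaultdict

# Constructed sample firewall log lines (not from the original post). The assumed
# format is: "<date> <time> <proto> <flags> <src_ip>:<src_port> -> <dst_ip>:<dst_port>".
SAMPLE_LOG = """\
2012-01-22 17:01:03 TCP SYN 192.168.1.99:21 -> 192.168.1.4:22
2012-01-22 17:01:03 TCP SYN 192.168.1.99:21 -> 192.168.1.4:80
2012-01-22 17:01:03 TCP SYN 192.168.1.99:21 -> 192.168.1.4:443
2012-01-22 17:01:03 TCP SYN 192.168.1.99:21 -> 192.168.1.4:3306
2012-01-22 17:01:04 TCP SYN 192.168.1.99:21 -> 192.168.1.4:8080
2012-01-22 17:01:05 TCP SYN 192.168.1.50:49152 -> 192.168.1.4:22
2012-01-22 17:01:06 TCP SYN 192.168.1.50:49153 -> 192.168.1.4:80
2012-01-22 17:01:07 UDP - 192.168.1.1:53 -> 192.168.1.4:51000
this line is garbage and must be skipped
"""

LINE_RE = re.compile(
    r"^\S+ \S+ (?P<proto>\S+) (?P<flags>\S+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)

# Source ports that a naive stateless ACL often lets through as "return traffic";
# these are exactly the values -g / --source-port is used to set (assumed list).
TRUSTED_SOURCE_PORTS = {20, 21, 53, 67, 88}


def parse_line(line):
    """Parse one log line into a dict, or return None if it does not match."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    rec["sport"] = int(rec["sport"])
    rec["dport"] = int(rec["dport"])
    return rec


def find_fixed_source_port_scans(log_text, min_dst_ports=4):
    """Return {(src_ip, src_port): [dst ports]} for sources that send TCP SYNs
    from one trusted-looking source port to at least min_dst_ports destination
    ports. A real client picks an ephemeral source port per connection, so a
    fixed low source port fanned out across many destination ports is the
    signature of a forced-source-port scan."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["proto"] != "TCP" or "SYN" not in rec["flags"]:
            continue
        if rec["sport"] in TRUSTED_SOURCE_PORTS:
            seen[(rec["src"], rec["sport"])].add(rec["dport"])
    return {key: sorted(ports) for key, ports in seen.items() if len(ports) >= min_dst_ports}


if __name__ == "__main__":
    for (src, sport), dports in find_fixed_source_port_scans(SAMPLE_LOG).items():
        print(f"{src} from source port {sport} probed {len(dports)} ports: {dports}")
```

Running it reports 192.168.1.99 probing five ports from source port 21, while the host using normal ephemeral ports and the UDP DNS reply are ignored. The durable fix on the network side is a stateful firewall that admits return traffic by connection state rather than by source port; against such a filter the --source-port option gains nothing.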

1.5. Output options
Specifies how the scan results are saved
1.5.1. Saving the output as txt
[root@zee zee]# nmap -oN hasil.txt 192.168.1.6
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 17:06 WIT
Note: Host seems down. If it is really up, but blocking our ping
probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 0.45 seconds
[root@zee zee]# nmap -oN hasil.txt 192.168.1.4
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 17:06 WIT
Nmap scan report for 192.168.1.4
Host is up (0.000010s latency).
Not shown: 999 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds

1.5.2. Saving the output as xml
[root@zee zee]# nmap -oX scanme.xml 192.168.1.4
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 17:10 WIT
Nmap scan report for 192.168.1.4
Host is up (0.000010s latency).
Not shown: 999 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
Nmap done: 1 IP address (1 host up) scanned in 2.72 seconds
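The XML output from -oX is the format worth keeping, because it can be parsed instead of eyeballed: a defender who scans their own hosts on a schedule can diff each run against a baseline and be alerted when a port opens that was not open before. The script below is an added example, not code from the original post or from the Nmap project. The two XML documents are constructed by hand to mirror the structure nmap writes for the scan shown above (one host, 22/tcp open, 999 closed ports) and for a later scan of the same host; the second scan's extra ports are invented for the demonstration.

```python
import xml.etree.ElementTree as ET

# Constructed sample of the nmap -oX structure for the scan in the post (one host,
# 22/tcp open, 999 closed ports). This is not a file produced by the post's author.
SCAN_BASELINE = """<nmaprun scanner="nmap" args="nmap -oX scanme.xml 192.168.1.4" version="5.50">
<host>
<status state="up" reason="arp-response"/>
<address addr="192.168.1.4" addrtype="ipv4"/>
<ports>
<extraports state="closed" count="999"/>
<port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/><service name="ssh"/></port>
</ports>
</host>
<runstats><finished elapsed="2.72"/><hosts up="1" down="0" total="1"/></runstats>
</nmaprun>
"""

# A constructed later scan of the same host where 80/tcp has appeared and one
# port is reported as filtered; used to demonstrate the baseline diff.
SCAN_LATER = """<nmaprun scanner="nmap" args="nmap -oX scanme2.xml 192.168.1.4" version="5.50">
<host>
<status state="up" reason="arp-response"/>
<address addr="192.168.1.4" addrtype="ipv4"/>
<ports>
<extraports state="closed" count="997"/>
<port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/><service name="ssh"/></port>
<port protocol="tcp" portid="80"><state state="open" reason="syn-ack"/><service name="http"/></port>
<port protocol="tcp" portid="3306"><state state="filtered" reason="no-response"/><service name="mysql"/></port>
</ports>
</host>
</nmaprun>
"""


def summarize_nmap_xml(xml_text):
    """Return one dict per host: address, up/down state, and its open ports as
    (port, protocol, service) tuples sorted by port number. Filtered and closed
    ports are deliberately left out."""
    root = ET.fromstring(xml_text)
    hosts = []
    for host in root.findall("host"):
        status = host.find("status")
        addr = host.find("address[@addrtype='ipv4']")
        open_ports = []
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is not None and state.get("state") == "open":
                service = port.find("service")
                name = service.get("name") if service is not None else ""
                open_ports.append((int(port.get("portid")), port.get("protocol"), name))
        hosts.append({
            "addr": addr.get("addr") if addr is not None else None,
            "state": status.get("state") if status is not None else "unknown",
            "open_ports": sorted(open_ports),
        })
    return hosts


def open_port_set(xml_text):
    """Flatten a scan into a set of (addr, port, protocol) for easy comparison."""
    return {(h["addr"], p, proto)
            for h in summarize_nmap_xml(xml_text)
            for p, proto, _ in h["open_ports"]}


def diff_scans(baseline_xml, later_xml):
    """Compare two scans of the same hosts; return (newly_open, newly_closed)."""
    before, after = open_port_set(baseline_xml), open_port_set(later_xml)
    return after - before, before - after


if __name__ == "__main__":
    for h in summarize_nmap_xml(SCAN_LATER):
        print(h["addr"], h["state"], h["open_ports"])
    newly_open, newly_closed = diff_scans(SCAN_BASELINE, SCAN_LATER)
    print("newly open:", sorted(newly_open), "newly closed:", sorted(newly_closed))
```

For the constructed inputs the diff reports 80/tcp on 192.168.1.4 as newly open and nothing newly closed; the filtered 3306/tcp is ignored because only confirmed open ports are compared. If the XML being parsed did not come from your own scanner (for example a file uploaded by a third party), parse it with defusedxml rather than xml.etree, since the standard parser processes entity declarations.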

1.5.3. Saving the output in script kiddie format
[root@zee zee]# nmap -oS kiddiescan.txt 192.168.1.4
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 17:13 WIT
Nmap scan report for 192.168.1.4
Host is up (0.000010s latency).
Not shown: 999 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds
1.6. Advanced commands
1.6.1. FIN scan (-sF)

Does not send any bits (the TCP header flags are 0)
1.6.2. Null scan (-sN)
Sets only the TCP FIN bit.
1.6.3. Xmas scan (-sX)
Sets the FIN, PSH, and URG flags, lighting the packet up like a Christmas tree.
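The three scans in 1.6.1 to 1.6.3 are all built on the same idea: a TCP segment that carries no SYN, so a stateless filter that only blocks SYNs lets it through, while a stateful firewall drops it because it belongs to no known connection. On the host or sensor side they are easy to recognise from the flag byte alone. The script below is an added example, not code from the original post or the Nmap project: it reads the flags out of a raw 20-byte TCP header, names the probe type using the flag combinations given in the Nmap reference guide (Null = no flags, FIN = FIN only, Xmas = FIN+PSH+URG), and flags any source that sends more than a few such probes. The header-building helper, the sample traffic and the source addresses are constructed for the example.

```python
import struct
from collections import Counter

# TCP flag bits as they sit in byte 13 of the TCP header.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20


def build_tcp_header(sport, dport, flags, seq=0, ack=0, window=1024):
    """Constructed minimal 20-byte TCP header with no options, used only so the
    example has realistic input. Checksum and urgent pointer are left at 0."""
    data_offset_and_flags = (5 << 12) | flags   # 5 x 32-bit words, then the flags field
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                       data_offset_and_flags, window, 0, 0)


def tcp_flags(tcp_header):
    """Return the six classic flag bits (URG ACK PSH RST SYN FIN) from a raw TCP header."""
    if len(tcp_header) < 20:
        raise ValueError("truncated TCP header")
    return tcp_header[13] & 0x3F


def classify_probe(flags):
    """Name the probe type by its flag combination, following the Nmap reference
    guide: Null = no flags, FIN = FIN only, Xmas = FIN+PSH+URG."""
    if flags == 0:
        return "null-scan"
    if flags == FIN:
        return "fin-scan"
    if flags == FIN | PSH | URG:
        return "xmas-scan"
    if flags & SYN and not flags & ACK:
        return "syn"
    return "other"


STEALTH_KINDS = {"null-scan", "fin-scan", "xmas-scan"}


def flag_stealth_sources(packets, threshold=3):
    """packets: iterable of (src_ip, raw_tcp_header). Return {src_ip: Counter of
    probe kinds} for every source that sent at least `threshold` Null/FIN/Xmas
    probes. Legitimate traffic essentially never produces these combinations, so
    a low threshold is appropriate."""
    per_source = {}
    for src, header in packets:
        per_source.setdefault(src, Counter())[classify_probe(tcp_flags(header))] += 1
    return {
        src: kinds for src, kinds in per_source.items()
        if sum(kinds[k] for k in STEALTH_KINDS) >= threshold
    }


# Constructed sample traffic: one host sends Xmas/FIN/Null probes to four ports,
# another opens an ordinary SYN connection and then sends an ACK.
SAMPLE_PACKETS = [
    ("192.168.1.99", build_tcp_header(40000, 22, FIN | PSH | URG)),
    ("192.168.1.99", build_tcp_header(40000, 80, FIN)),
    ("192.168.1.99", build_tcp_header(40000, 443, 0)),
    ("192.168.1.99", build_tcp_header(40000, 3306, FIN | PSH | URG)),
    ("192.168.1.50", build_tcp_header(49152, 22, SYN)),
    ("192.168.1.50", build_tcp_header(49152, 22, ACK)),
]

if __name__ == "__main__":
    for src, kinds in flag_stealth_sources(SAMPLE_PACKETS).items():
        print(src, dict(kinds))
```

On the sample traffic only 192.168.1.99 is reported, with two Xmas, one FIN and one Null probe; the host performing a normal handshake is not. In a real deployment the headers would come from a packet capture rather than the helper, and the same classifier can be applied to each captured segment.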


1.6.4. Scanning with a specific script
syntax: nmap --script=broadcast <target IP>
The available scripts can be found in "/usr/local/share/nmap/scripts"
example:
nmap --script=smb-check-vulns <target IP>
nmap --script=sql-injection <target IP>
nmap --script=mongodb-databases <target IP>
nmap --script=mac-geolocation <target IP>
nmap --script=broadcast-netbios-master-browser <target IP>
Additional command options
[ -v ] shows verbose output
[ -d ] shows debugging output

That's all from me :D
Thanks for stopping by :D

Thanks also to the Indonesian Backtrack Team

SOURCE: the e-book ASWB (Attacking Side With Backtrack) v.1 and www.indonesianbacktrack.or.id
