I'm sure it's something simple but I can't figure it it. I have an nmap command like the following, because I want to test the tool with my website
nmap -p80 --system-dns --script http-wordpress-plugins.nse legault.cc
The output is the following
Starting Nmap 7.11 ( https://nmap.org ) at 2016-03-24 20:42 Eastern Daylight Time
Nmap scan report for legault.cc (192.254.232.221)
Host is up (0.092s latency).
PORT STATE SERVICE
80/tcp open http
Nmap done: 1 IP address (1 host up) scanned in 6.71 seconds
It seems to me that the script should run, because the port is open, Wordpress is installed correclt and the login page is at /wp-login.php
Advice would be greatly appreciated!
The http-wordpress-plugins script was renamed to http-wordpress-enum in version 6.49. If you still have the old script, it may not work the same with the current version of Nmap. The new version works for me with that target. You can use the -d option to see debugging output from the script that may be helpful.
Related
Hello i am using nmap with snmp-info script and its coming back with wrong results. I have a cisco device that i am using to test with.
I only enabled snmpv3 on it, and ran the nmap scan like this against it
nmap -Pn -sU -sV -p161 --script=snmp-info 10.10.10.10
and it comes back with the results as so
Cisco SNMP Service; ciscoSystems SNMPv3 Server
I then configured the device to only use snmpv2 and i get the same results. I also tried enabling both snmpv2 and snmpv3 and i also get the same results. Is there something wrong with the script or the way i am scanning it?
I would like to know if I can obtain ssh version using nmap of my external vps.
nmap -p 22 sV <domainname>
result:
22/tcp filtered ssh
Is there another nmap syntax so I can obtain ssh service version?
Just want to obtain the ssh service version of my external vps.
I tried alot of nmap commands but probably there's a struggle in-between like a firewall, which causes a filtered state. My own network is behind a DrayTek Device. Maybe a possible cause?
Thanks in advance!
The nmap option --badsum is able to provide insight about the existence of a firewall. A non firewall device that runs a full network stack will silently drop a bad checksum. In the case that your scan reaches an end device, you would expect to see the same result as your -sV scan. A firewall may offer a different reply to the --badsum.
The answer to your question regarding version, is that -sV is ideal, however -A may run some scripts that return useful information. You can also run --script=sshv1 or another specific script that is ssh related. More script options are here nmap scripts.
I am trying to list a shared folder I have on the desktop of a virtual machine. with these commands:
nmap -sU -sS --script smb-enum-shares.nse -p U:137,T:139 10.10.10.115
nmap --script smb-enum-shares.nse -p445 10.10.10.115
The combined output is :
Nmap scan report for 10.10.10.115
Host is up (0.00s latency).
PORT STATE SERVICE
445/tcp open microsoft-ds
139/tcp open netbios-ssn
137/udp open netbios-ns
MAC Address: 08:00:27:31:DB:FC (Oracle VirtualBox virtual NIC)
This is not the output I am supposed to get referring to this : https://nmap.org/nsedoc/scripts/smb-enum-shares.html
Why is it not listing the shared folder on the desktop ? I have set maximum permission to everyone for the folder.
Thank you !
Guillaume
Seems like a bug in nmap https://github.com/nmap/nmap/issues/704
You can try -d flag to run nmap in debug mode. I see the "SMB: Login as \guest failed (NT_STATUS_ACCOUNT_DISABLED)" error. But other utilites (e.g. softperfect network scanner) works fine without specific permisions on remote machine.
See documentation: smb-enum-shares. Use function add_account in smbauth module
I just installed nmap (never used it before). I want to see which machine on the network is listening to port 1234. How can I do that using the GUI of nmap.
nmap -v -A -p 1234 192.168.1.1-255 This command will scan your entire subnet
The officially supported (and included!) GUI for Nmap is Zenmap. It uses Profiles to choose common options, but the command line is clearly editable, as well. To get started, choose the Regular Scan profile, which removes the extra timing and scan mode arguments. Then, enter your target in the Target box. To scan a local network, you can use CIDR notation (e.g. 10.10.0.0/16) or octet ranges (e.g. 10.10.0-255.0-255).
To scan just one port, use the -p option with the port number. It is usually helpful to specify verbose output, too, with -v. Altogether, your command line will look something like this:
nmap -p 1234 -v 10.10.10.0/24
Then click the Scan button to begin scanning.
This worked for me
nmap -p 1234 -A -v 10.10.*.*
How can I make OpenOffice 3.2.1 to listen a socket (Windows XP)?
I used
soffice "-accept=socket,host=localhost,port=12345;urp;"
or
soffice "-accept=socket,host=localhost,port=12345;urp;StarOffice.ServiceManager"
Have tryed different ports..
OOo starts, but netstat doesn't show any connection with such port number.
I thought it's because of some turned off win services on my machine
, so I tryed the same thing on another computer - no results
Searching google etc. it seems that I'm the only one with such a problem %) It looks strange..
You need to give netstat -a flag to see listening ports.