Wenn ich renne db_nmap
(oder fast jeder Scanner: ipidseq
, syn
, arp_swepp
usw.) aus msfconsole
Ich bekomme das:
msf > db_nmap -sS -A -v 192.168.0.13
[*] Nmap: Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2013-01-18 01:45 COT
[*] Nmap: NSE: Loaded 91 scripts for scanning.
[*] Nmap: NSE: Script Pre-scanning.
[*] Nmap: Initiating ARP Ping Scan at 01:45
[*] Nmap: Scanning 192.168.0.13 [1 port]
[*] Nmap: Completed ARP Ping Scan at 01:45, 0.44s elapsed (1 total hosts)
[*] Nmap: Nmap scan report for 192.168.0.13 [host down]
[*] Nmap: NSE: Script Post-scanning.
[*] Nmap: Read data files from: /opt/metasploit-4.5.0/common/share/nmap
[*] Nmap: Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
[*] Nmap: Nmap done: 1 IP address (0 hosts up) scanned in 2.28 seconds
[*] Nmap: Raw packets sent: 2 (56B) | Rcvd: 0 (0B)
Aber dann betreibe ich meine Standalone nmap
Bewerbung bekomme ich dazu
$> nmap -sS -A -v 192.168.0.13
Starting Nmap 6.00 ( http://nmap.org ) at 2013-01-18 01:54 COT
NSE: Loaded 93 scripts for scanning.
NSE: Script Pre-scanning.
Initiating ARP Ping Scan at 01:54
Scanning 192.168.0.13 [1 port]
Completed ARP Ping Scan at 01:54, 0.00s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 01:54
Completed Parallel DNS resolution of 1 host. at 01:54, 0.04s elapsed
Initiating SYN Stealth Scan at 01:54
Scanning 192.168.0.13 [1000 ports]
Discovered open port 80/tcp on 192.168.0.13
Discovered open port 445/tcp on 192.168.0.13
...snip...
Completed SYN Stealth Scan at 01:54, 2.48s elapsed (1000 total ports)
Initiating Service scan at 01:54
Scanning 14 services on 192.168.0.13
Service scan Timing: About 57.14% done; ETC: 01:56 (0:00:36 remaining)
Completed Service scan at 01:56, 86.08s elapsed (14 services on 1 host)
Initiating OS detection (try #1) against 192.168.0.13
NSE: Script scanning 192.168.0.13.
Initiating NSE at 01:56
Completed NSE at 01:58, 144.42s elapsed
Nmap scan report for 192.168.0.13
Host is up (0.00086s latency).
Not shown: 986 closed ports
PORT STATE SERVICE VERSION
80/tcp open http Microsoft IIS httpd 8.0
| http-methods: OPTIONS TRACE GET HEAD POST
| Potentially risky methods: TRACE
|_See http://nmap.org/nsedoc/scripts/http-methods.html
|_http-title: Microsoft Internet Information Services 8
135/tcp open msrpc Microsoft Windows RPC
...snip...
MAC Address: 08:00:27:84:4C:73 (Cadmus Computer Systems)
Device type: general purpose
Running: Microsoft Windows 7|2008
OS CPE: cpe:/o:microsoft:windows_7 cpe:/o:microsoft:windows_server_2008::sp1
OS details: Microsoft Windows 7 or Windows Server 2008 SP1
Uptime guess: 0.023 days (since Fri Jan 18 01:24:51 2013)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=263 (Good luck!)
IP ID Sequence Generation: Incremental
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
Host script results:
|_smbv2-enabled: Server supports SMBv2 protocol
| smb-security-mode:
| Account that was used for smb scripts: guest
| User-level authentication
| SMB Security: Challenge/response passwords supported
|_ Message signing disabled (dangerous, but default)
| nbstat:
| NetBIOS name: VM1, NetBIOS user: <unknown>, NetBIOS MAC: 08:00:27:84:4c:73 (Cadmus Computer Systems)
| Names
| VM1<00> Flags: <unique><active>
| VM1<20> Flags: <unique><active>
| WORKGROUP<00> Flags: <group><active>
|_ WORKGROUP<1e> Flags: <group><active>
| smb-os-discovery:
| OS: Windows 8 Pro 9200 (Windows 8 Pro 6.2)
| NetBIOS computer name: VM1
| Workgroup: WORKGROUP
|_ System time: 2013-01-18 01:56:18 UTC-8
TRACEROUTE
HOP RTT ADDRESS
1 0.86 ms 192.168.0.13
NSE: Script Post-scanning.
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at ttp://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 235.45 seconds
Raw packets sent: 1158 (51.650KB) | Rcvd: 1023 (41.838KB)
Ich bin mir fast sicher, dass dies ein Benutzerproblem ist.
Der GUEST-Computer läuft auf VirtualBox und ist über Bridge Adapter auf meiner eth0-Schnittstelle, Windows 8 Pro, verbunden
HOST-Maschine ist Ubuntu 12.10 x64
Und ich habe gerade auf Version 4.5.1 aktualisiert
ubuntu
windows-8
virtualbox
nmap
andresperezl
quelle
quelle
Wird dieses Problem weiterhin angezeigt, wenn Sie No-Ping (-Pn) angeben? Unter Linux benötigen Sie erhöhte Rechte für das Arping, und ich frage mich, ob Sie sie im Kontext Ihres Aufrufs von nmap über die Befehlszeile haben, aber nicht im Kontext Ihrer msfconsole-Sitzung.
yomimono