Giant Penetration Testing Cheat Sheet for Linux Commands -III

Well, readers, welcome back to the third installment of the Linux commands series. Previously, we ended our discussion of the NMAP syntax that everyone needs to learn. Today we take our Linux command series ahead and study the common NMAP command reference used to scan networks and hosts. So, let's get started.

Host and Subnet Target Syntax:

  • nmap [host] (i.e. nmap 10.10.10.1) – Tells NMAP to target a single IP address.
  • nmap [domain] (i.e. nmap www.myserver.com) – Tells NMAP to target a specific host by name; the name must be resolvable through DNS.
  • nmap [range] (i.e. nmap 10.10.10.1-5) – Gives NMAP a specific range of IP addresses to target.
  • nmap [subnet] (i.e. nmap 10.10.10.0/24) – Tells NMAP to scan a subnet written in CIDR (variable-length subnet mask) notation.
  • nmap -iL [import_host_list.txt] (i.e. nmap -iL myhostlist.txt) – Imports an entire list of hosts from a file produced by another source.

Port Scanning Target Syntax:

  • nmap -p 80 10.10.10.1 – Scans a single port to check whether the host accepts connections on it. In this case, 80 is the port number.
  • nmap -F 10.10.10.1 – The -F here stands for fast: it scans only the 100 most commonly used ports.
  • nmap -p- 10.10.10.1 – Scans all ports (1-65535) on the host, but is relatively slow.

Port Scanning Options Syntax:

  • nmap -sT 10.10.10.1 – Initiates a scan using full TCP connect() connections.
  • nmap -sU 10.10.10.1 – Starts a scan using UDP.
  • nmap -Pn 10.10.10.1 – Skips host discovery (ping) and port-scans the target even if it does not answer the discovery probes.
  • nmap -sS 10.10.10.1 – Initiates a TCP SYN (half-open) scan.
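To tie the target syntax and port options above together, here is an added shell helper that is not part of the original cheat sheet: it classifies a target string (single IP, range, CIDR subnet or hostname), expands a last-octet range into the addresses NMAP will probe (handy for building an -iL host list), and assembles an nmap command line while checking one caveat practitioners trip over: -sS and -sU need raw sockets, so nmap refuses them unless run as root, and an unprivileged user has to fall back to -sT. The function names, the uid argument and the "fast"/"all" port keywords are this example's own choices; nmap itself is never executed, the command is only printed.

```shell
#!/bin/sh
# Added example (not from the original cheat sheet): assemble an nmap command
# line from the target and port syntax above. Assumptions: POSIX sh; nmap is
# never run here, the command is only printed, so the script works without
# nmap installed. Function names are this example's own, not nmap's.

# Classify a target string: CIDR subnet, last-octet range, single IPv4
# address, or DNS hostname. Caveat: a hostname containing "digit-digit"
# (web1-2.example.com) is reported as a range by this simple pattern match.
target_kind() {
    case "$1" in
        */[0-9]*)                     echo cidr ;;
        *[0-9]-[0-9]*)                echo range ;;
        [0-9]*.[0-9]*.[0-9]*.[0-9]*)  echo ip ;;
        *)                            echo hostname ;;
    esac
}

# Expand a last-octet range such as 10.10.10.1-5 into the individual
# addresses nmap will probe, e.g. to write a host list for -iL:
#   expand_range 10.10.10.1-5 > myhostlist.txt
expand_range() {
    prefix=${1%.*}                # 10.10.10
    span=${1##*.}                 # 1-5
    lo=${span%-*}
    hi=${span#*-}
    i=$lo
    while [ "$i" -le "$hi" ]; do
        echo "$prefix.$i"
        i=$((i + 1))
    done
}

# Pick the scan flag. SYN (-sS) and UDP (-sU) scans need raw sockets, which
# nmap only gets as root; unprivileged, fall back to a connect() scan for
# "syn" and refuse "udp". $1 = syn|udp|connect, $2 = effective uid.
scan_flag() {
    case "$1" in
        syn)     if [ "$2" -eq 0 ]; then echo "-sS"; else echo "-sT"; fi ;;
        udp)     if [ "$2" -eq 0 ]; then echo "-sU"; else return 1; fi ;;
        connect) echo "-sT" ;;
        *)       return 1 ;;
    esac
}

# Assemble the command. $1 = target, $2 = scan type, $3 = port spec
# (a port or range such as 80 or 1-1024, "fast" for -F, "all" for -p-),
# $4 = effective uid (pass "$(id -u)" in real use).
build_cmd() {
    flag=$(scan_flag "$2" "$4") || return 1
    case "$3" in
        all)   pspec="-p-" ;;
        fast)  pspec="-F" ;;
        *)     pspec="-p $3" ;;
    esac
    echo "nmap $flag $pspec $1"
}

# Usage (prints the command line only):
# build_cmd 10.10.10.0/24 syn all "$(id -u)"
```

Running build_cmd with a non-zero uid and the "syn" scan type prints an -sT command, which is the same downgrade nmap would require you to make by hand; asking for "udp" unprivileged returns a non-zero status instead of printing a command that nmap would reject.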

Verbosity

We would also like to say a little here about verbose output, which can be added to any of the NMAP commands mentioned above. NMAP scans have one shortcoming: they can take a very long time, and the terminal doesn't show you what's going on behind the scenes. This makes the wait hard to bear.

But you can tell NMAP to print the completion rate of each scan phase. Verbosity not only helps you determine the progress of your scan, it also lets you see how different hosts and targets react to it. With verbosity, you will see the error messages returned to the probes, which helps you understand why a host isn't responding.

The verbose option in NMAP syntax is simply -v. You can add the -v flag to almost any NMAP scan. For example, if you want to watch the progress of a scan of your local network, you can scan with the following command.

nmap -v -Pn 10.10.10.0/24

This command runs a host and port scan against all 254 IP addresses on the 10.10.10.0/24 subnet. Further, it prints which address is currently being probed, how much time the whole scan is expected to take, and which hosts react in which way. All of this is disclosed by this one Linux command.
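A verbose subnet scan like the one above produces a lot of screen output, so a practitioner usually also wants a machine-readable copy to act on. The following added shell example (not part of the original cheat sheet) reads NMAP's grepable output format, which nmap writes to stdout with -oG -, and reduces it to one "host port/proto service" line per open port. The sample output embedded in sample_grepable is constructed by hand in that format so the script runs offline; in real use you would pipe the scan into the same function: nmap -v -Pn -oG - 10.10.10.0/24 | open_ports. The function names are this example's own.

```shell
#!/bin/sh
# Added example (not from the original cheat sheet): summarise the open ports
# found by a verbose subnet scan. Assumptions: POSIX sh and awk; the sample
# below is constructed in nmap's grepable (-oG) format, not real scan output.
# Real use:  nmap -v -Pn -oG - 10.10.10.0/24 | open_ports

# Constructed sample in grepable format: tab-separated fields, and each port
# entry is port/state/protocol/owner/service/rpc info/version info.
sample_grepable() {
    printf '# Nmap scan initiated (constructed sample, not real output)\n'
    printf 'Host: 10.10.10.1 ()\tStatus: Up\n'
    printf 'Host: 10.10.10.1 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/closed/tcp//https///\tIgnored State: filtered (997)\n'
    printf 'Host: 10.10.10.2 ()\tStatus: Up\n'
    printf 'Host: 10.10.10.2 ()\tPorts: 3389/open/tcp//ms-wbt-server///, 161/open|filtered/udp//snmp///\n'
    printf '# Nmap done (constructed sample)\n'
}

# Read grepable output on stdin and print "host port/proto service" for every
# port whose state is exactly "open". Lines that are not "Host:" lines with a
# "Ports:" field (comments, Status lines, progress chatter) are ignored, and
# uncertain states such as open|filtered are deliberately left out.
open_ports() {
    awk -F'\t' '
        /^Host:/ && $2 ~ /^Ports:/ {
            split($1, h, " ")             # "Host: 10.10.10.1 ()" -> h[2] is the address
            sub(/^Ports: /, "", $2)
            n = split($2, p, ", ")
            for (i = 1; i <= n; i++) {
                split(p[i], f, "/")       # port/state/proto/owner/service/rpc/version
                if (f[2] == "open")
                    printf "%s %s/%s %s\n", h[2], f[1], f[3], f[5]
            }
        }'
}

# Distinct hosts that exposed at least one open port.
open_hosts() {
    open_ports | awk '{ print $1 }' | sort -u
}

# Usage:
# sample_grepable | open_ports
# sample_grepable | open_hosts
```

Because the parser keys on the "Ports:" field and the exact state "open", it is unaffected by extra verbosity lines and does not count ports NMAP could not classify, which keeps the summary honest when you compare scans over time.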

Well, folks, we have to end our third installment of the Linux command series here; for more information, don't forget to read our next installment.
