Nmap


Install nmap

sudo apt install nmap

Install nmap-vulners script

Clone the NSE script, which uses a well-known service to provide information on vulnerabilities. The script depends on having software versions at hand, so it only works with the -sV flag.

# Default scripts location
cd /usr/share/nmap/scripts
# The scripts directory is root-owned, so the clone needs sudo
sudo git clone https://github.com/vulnersCom/nmap-vulners.git

nmap --script nmap-vulners -sV 192.168.1.111 > 192.168.1.111.log
# -sV  probe open ports to determine service and version info

Starting Nmap 7.01 ( https://nmap.org ) at 2019-08-12 15:40 PDT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000028s latency).
Not shown: 998 closed ports
PORT    STATE SERVICE VERSION
22/tcp  open  ssh     OpenSSH 7.2p2 Ubuntu 4ubuntu2.4 (Ubuntu Linux; protocol 2.0)
631/tcp open  ipp     CUPS 2.1
|_http-server-header: CUPS/2.1 IPP/2.1
| vulners: 
|   cpe:/a:apple:cups:2.1: 
|     	CVE-2017-18190	5	https://vulners.com/cve/CVE-2017-18190
|     	CVE-2018-4300	4.3	https://vulners.com/cve/CVE-2018-4300
|_    	CVE-2017-18248	3.5	https://vulners.com/cve/CVE-2017-18248
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 10.65 seconds


Anything with a score of more than 7 should be acted upon.
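
One way to apply that threshold to a saved scan log, as an added example that is not part of the original page: the Python below parses the vulners script output in the layout shown above and returns the entries scoring strictly above 7, highest first. The sample log, its service names and the CVE-0000-* ids are constructed placeholders, and the function name actionable_findings is an assumption.

```python
import re

THRESHOLD = 7.0  # the page's rule: act on anything scoring more than 7

PORT_RE = re.compile(r"^(\d+/(?:tcp|udp))\s+open\s+(\S+)")
CPE_RE = re.compile(r"^\|_?\s+(cpe:\S+):\s*$")
VULN_RE = re.compile(r"^\|_?\s+(\S+)\s+(\d+(?:\.\d+)?)\s+(https?://\S+)")

# Constructed sample in the layout shown above; ids and scores are placeholders.
SAMPLE_LOG = (
    "PORT    STATE SERVICE VERSION\n"
    "22/tcp  open  ssh     ExampleSSH 1.0\n"
    "| vulners: \n"
    "|   cpe:/a:example:sshd:1.0: \n"
    "|     \tCVE-0000-0001\t9.8\thttps://vulners.com/cve/CVE-0000-0001\n"
    "|_    \tCVE-0000-0002\t7.0\thttps://vulners.com/cve/CVE-0000-0002\n"
    "631/tcp open  ipp     ExamplePrint 2.1\n"
    "| vulners: \n"
    "|   cpe:/a:example:print:2.1: \n"
    "|     \tCVE-0000-0003\t7.5\thttps://vulners.com/cve/CVE-0000-0003\n"
    "|_    \tCVE-0000-0004\t4.3\thttps://vulners.com/cve/CVE-0000-0004\n"
)


def actionable_findings(log_text, threshold=THRESHOLD):
    """Return (score, port, cpe, id, url) tuples scoring strictly above threshold."""
    port = cpe = None
    findings = []
    for line in log_text.splitlines():
        if m := PORT_RE.match(line):
            port, cpe = m.group(1), None  # a new port block resets the CPE
        elif m := CPE_RE.match(line):
            cpe = m.group(1)
        elif m := VULN_RE.match(line):
            score = float(m.group(2))
            if score > threshold:  # exactly 7.0 is not "more than 7"
                findings.append((score, port, cpe, m.group(1), m.group(3)))
    return sorted(findings, key=lambda f: f[0], reverse=True)


if __name__ == "__main__":
    import sys
    # Pass a saved log such as 192.168.1.111.log, or no argument for the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOG
    for score, port, cpe, vuln_id, url in actionable_findings(text):
        print(f"{score:4.1f}  {port:<8} {cpe}  {vuln_id}  {url}")
```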