Difference between revisions of "NetMan - nmap"

From The TinkerNet Wiki
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
<span style="background-color: rgb(153, 204, 0); color: rgb(0, 0, 255);" data-mce-style="background-color: #99cc00; color: #0000ff;">'''<big>Now on Wiki.NerdMage.Ca</big>'''</span>
 +
 
*[https://nmap.org/book/man.html Nmap Reference Guide]
 
*[https://nmap.org/book/man.html Nmap Reference Guide]
  
== Some useful nmap scans ==
+
==Some useful nmap scans==
 +
 
 +
===Using nmap to inventory a network===
 
The following command with ''nmap'' with ''root'' privilegies (or using ''sudo''):
 
The following command with ''nmap'' with ''root'' privilegies (or using ''sudo''):
  
 +
*<code>sudo nmap -n -sP 192.168.0.0/24 | awk '/Nmap scan report/{printf $5;printf "\t";printf $6;printf "\t";getline;getline;print $3;}' | awk '{printf $2;printf " ---> ";printf $1;printf "\n";}'</code>
  
<code>sudo nmap -sP 192.168.0.0/24 | awk '/Nmap scan report for/{printf $5;}/MAC Address:/{print " => "$3;}' | sort</code>
+
results in:
  
 +
00:10:18:5D:B0:10 ---> 192.168.0.1
 +
28:C6:8E:F9:B8:BF ---> 192.168.0.2
 +
28:C6:8E:29:9D:30 ---> 192.168.0.3
 +
...
 +
(Good luck typing that in by hand...)
 +
 +
Want DNS?:
 +
 +
*<code>sudo nmap -sP 192.168.0.0/24 | awk '/Nmap scan report/{printf $5;printf "\t";printf $6;printf "\t";getline;getline;print $3;}' | awk '{printf $3;printf " ---> ";printf $1;printf "\n";}'</code>
  
 
results in:
 
results in:
  
  192.168.0.80 => 00:50:56:AF:56:FB
+
  00:10:18:5D:B0:10 ---> zathras.tinkernow.net
  192.168.0.97 => 00:26:73:78:51:42
+
  28:C6:8E:F9:B8:BF ---> switcha.tinkernow.net
  server1.company.internal.local => 3C:D9:2B:70:BC:99
+
  28:C6:8E:29:9D:30 ---> wap1.tinkernow.net
 
  ...
 
  ...
 +
 +
or both name & address?:
 +
 +
*<code>sudo nmap -sP 192.168.0.0/24 | awk '/Nmap scan report/{printf $5;printf "\t";printf $6;printf "\t";getline;getline;print $3;}' | awk '{printf $3;printf " ---> ";printf $2;printf "\t";printf $1;printf "\n";}'</code>
 +
 +
results in:
 +
 +
00:10:18:5D:B0:10 ---> (192.168.0.1) zathras.tinkernow.net
 +
28:C6:8E:F9:B8:BF ---> (192.168.0.2) switcha.tinkernow.net
 +
28:C6:8E:29:9D:30 ---> (192.168.0.3) wap1.tinkernow.net
 +
...
 +
 +
But, for some reason, lack of a name causes odd formatting. And, nmap seems to fail to give the mac address of the machine doing the scan.
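Review bot: The getline;getline;print $3 sequence in all three added commands assumes a "MAC Address:" line sits exactly two lines below every "Nmap scan report" line. The removed command matched /MAC Address:/ as its own pattern and did not depend on line position. For a host with no MAC line (the scanning machine, as the closing note says), the second getline reads whatever follows "Host is up" instead, so $3 is not a MAC and a following host's report line can be consumed. Suggest keeping the /MAC Address:/ match and holding the name and address in variables until it is seen. The second and third commands also drop -n and then index $3 in the second awk, which is empty whenever the report line has only an address in $5 and nothing in $6; branching on the field count of the report line would avoid the odd formatting mentioned at the end.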

Latest revision as of 17:30, 27 December 2021

Now on Wiki.NerdMage.Ca

Some useful nmap scans

Using nmap to inventory a network

The following nmap command, run with root privileges (or using sudo):

  • sudo nmap -n -sP 192.168.0.0/24 | awk '/Nmap scan report/{printf $5;printf "\t";printf $6;printf "\t";getline;getline;print $3;}' | awk '{printf $2;printf " ---> ";printf $1;printf "\n";}'

results in:

00:10:18:5D:B0:10 ---> 192.168.0.1
28:C6:8E:F9:B8:BF ---> 192.168.0.2
28:C6:8E:29:9D:30 ---> 192.168.0.3
...

(Good luck typing that in by hand...)

Want DNS?:

  • sudo nmap -sP 192.168.0.0/24 | awk '/Nmap scan report/{printf $5;printf "\t";printf $6;printf "\t";getline;getline;print $3;}' | awk '{printf $3;printf " ---> ";printf $1;printf "\n";}'

results in:

00:10:18:5D:B0:10 ---> zathras.tinkernow.net
28:C6:8E:F9:B8:BF ---> switcha.tinkernow.net
28:C6:8E:29:9D:30 ---> wap1.tinkernow.net
...

or both name & address?:

  • sudo nmap -sP 192.168.0.0/24 | awk '/Nmap scan report/{printf $5;printf "\t";printf $6;printf "\t";getline;getline;print $3;}' | awk '{printf $3;printf " ---> ";printf $2;printf "\t";printf $1;printf "\n";}'

results in:

00:10:18:5D:B0:10 ---> (192.168.0.1)	zathras.tinkernow.net
28:C6:8E:F9:B8:BF ---> (192.168.0.2)	switcha.tinkernow.net
28:C6:8E:29:9D:30 ---> (192.168.0.3)	wap1.tinkernow.net
...

But, for some reason, lack of a name causes odd formatting. Also, nmap seems to fail to give the MAC address of the machine doing the scan.
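Both quirks trace back to the pipeline: `getline;getline` assumes a MAC Address line always sits two lines below each report line, and `$5`/`$6` shift when a host has no name. The following is an added example, not part of the original wiki page, that parses the same output by line type instead. The sample scan text, the function names `sample_scan` and `inventory`, and the `-` and `(no-mac)` placeholders are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `nmap -sP` output (not captured from a real scan).
sample_scan() {
cat <<'EOF'
Nmap scan report for zathras.tinkernow.net (192.168.0.1)
Host is up (0.00050s latency).
MAC Address: 00:10:18:5D:B0:10 (Unknown)
Nmap scan report for 192.168.0.2
Host is up (0.00060s latency).
MAC Address: 28:C6:8E:F9:B8:BF (Unknown)
Nmap scan report for scanner.tinkernow.net (192.168.0.50)
Host is up.
Nmap scan report for wap1.tinkernow.net (192.168.0.3)
Host is up (0.0012s latency).
MAC Address: 28:C6:8E:29:9D:30 (Unknown)
Nmap done: 256 IP addresses (4 hosts up) scanned in 2.00 seconds
EOF
}

# Reads nmap ping-scan output on stdin; prints "MAC ---> (IP)<TAB>name" per host.
inventory() {
  awk '
    function emit() {             # print the host collected so far, if any
      if (ip != "") printf "%s ---> (%s)\t%s\n", (mac == "" ? "(no-mac)" : mac), ip, name
      ip = name = mac = ""
    }
    /^Nmap scan report for / {
      emit()
      if (NF >= 6) {              # "name (ip)": strip the parentheses from $6
        name = $5; ip = $6; gsub(/[()]/, "", ip)
      } else {                    # bare address: no reverse DNS name, or -n was used
        name = "-"; ip = $5
      }
    }
    /^MAC Address: / { mac = $3 } # absent for the scanning machine itself
    END { emit() }
  '
}

# Live use (assumed invocation): sudo nmap -sP 192.168.0.0/24 | inventory
sample_scan | inventory
```

The scanning machine still appears in the inventory, marked `(no-mac)`, and the host that follows it keeps its own line.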