nmap cheatsheet

oneslide

已于 2022-05-19 11:30:10 修改

阅读量173

点赞数

CC 4.0 BY-SA版权

分类专栏：安全文章标签： linux

于 2022-05-19 11:21:49 首次发布

本文链接：https://blog.csdn.net/qq_33745102/article/details/124859333

安全专栏收录该内容

1 篇文章

订阅专栏

该文介绍了如何利用Nmap工具进行网络扫描，包括检查端口是否开放、扫描目标IP的所有端口、识别目标主机服务以及扫描同网段IP。通过示例展示了Nmap命令的用法，如`nmap -p`、`nmap -A -T4`和`nmap -sP`等，揭示了网络环境中主机和服务的状态。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

文章目录

扫描端口

1. 判断端口是否打开

$ nmap 192.168.10.11 -p 80

# 未打开状态
Nmap scan report for 192.168.10.11
Host is up (0.00036s latency).
PORT   STATE  SERVICE
80/tcp closed http
MAC Address: 00:0C:29:92:54:F9 (VMware)
Nmap done: 1 IP address (1 host up) scanned in 0.61 seconds

$ nmap 192.168.10.11 -p 22
# 打开状态
Nmap scan report for 192.168.10.11
Host is up (0.00047s latency).
PORT   STATE SERVICE
22/tcp open  ssh
MAC Address: 00:0C:29:92:54:F9 (VMware)

2. 扫描目标IP所有端口

nmap -A -T4 192.168.10.11

输出分析：

# 22开放了ssh, 80端口开放http
Starting Nmap 6.40 ( http://nmap.org ) at 2022-05-19 11:05 CST
Nmap scan report for 192.168.10.11
Host is up (0.00035s latency).
Not shown: 998 filtered ports
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 7.4 (protocol 2.0)
| ssh-hostkey: 2048 8f:34:e9:6c:06:5c:3d:32:97:a4:7a:c8:07:8e:17:7c (RSA)
|_256 1a:15:32:27:75:e7:39:17:80:a2:11:6e:13:8e:e9:bd (ECDSA)
80/tcp open  http    nginx 1.20.1
|_http-methods: No Allow or Public header in OPTIONS response (status code 405)
|_http-title: Welcome to CentOS
MAC Address: 00:0C:29:92:54:F9 (VMware)

TRACEROUTE
HOP RTT     ADDRESS
1   0.35 ms 192.168.10.11

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 15.63 seconds

3. 扫描目标主机服务

$ nmap -T4 -sV 192.168.10.11

Starting Nmap 6.40 ( http://nmap.org ) at 2022-05-19 11:23 CST
Nmap scan report for 192.168.10.11
Host is up (0.00034s latency).
Not shown: 998 filtered ports
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 7.4 (protocol 2.0)
80/tcp open  http    nginx 1.20.1
MAC Address: 00:0C:29:92:54:F9 (VMware)

Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 23.41 seconds

扫描同网段IP

$ nmap -sP 192.168.10.0/24

Starting Nmap 6.40 ( http://nmap.org ) at 2022-05-19 11:28 CST
Nmap scan report for 192.168.10.1
Host is up (-0.10s latency).
MAC Address: 00:50:56:C0:00:08 (VMware)
Nmap scan report for 192.168.10.2
Host is up (0.00016s latency).
MAC Address: 00:50:56:F4:89:6C (VMware)
Nmap scan report for 192.168.10.11
Host is up (0.00022s latency).
MAC Address: 00:0C:29:92:54:F9 (VMware)
Nmap scan report for 192.168.10.254
Host is up (-0.10s latency).
MAC Address: 00:50:56:EB:13:C7 (VMware)
Nmap scan report for 192.168.10.8
Host is up.
Nmap scan report for 192.168.10.64
Host is up.
Nmap done: 256 IP addresses (6 hosts up) scanned in 3.16 seconds