laitimes

仅需4步,轻松实战Nmap脚本引擎(NSE)

Nmap Script Engine (NSE) is a built-in script that can be used to scan for specific tasks. Through NSE, you can continuously expand the scanning strategy of Nmap and enhance the functions of Nmap.

The --script parameter is used in Nmap to specify the script to be invoked, for Windows scripts stored under the script folder under the Nmap installation path, and for Kali Linux under /usr/share/nmap/script/.

仅需4步,轻松实战Nmap脚本引擎(NSE)

环境准备:Metasploitable2靶场 IP:192.168.0.6

Metasploitable2 教程:搭Metasploitable2

NSE specific use

1. Use Nmap to detect the title information of the web service.

nmap --script http-headers 192.168.0.6

仅需4步,轻松实战Nmap脚本引擎(NSE)

2. Use Nmap to detect the http header of the http service

nmap --script http-headers 192.168.0.6

仅需4步,轻松实战Nmap脚本引擎(NSE)

3. NSE classification and use

Using multiple classification scripts to detect targets can help you find the target's information and weaknesses faster. Use the vulnerability classification script in Nmap to detect the target with the following command:

nmap -sV --script vuln 192.168.0.6

仅需4步,轻松实战Nmap脚本引擎(NSE)

4. Use the Nmap discovery and version information classification to detect, and use the following commands:

nmap -sV --script="version,discovery" 192.168.0.6

仅需4步,轻松实战Nmap脚本引擎(NSE)

Click on the link to learn synchronous video lessons!

"Links"

Read on