Masscan Getting Started Guide
Installing masscan on CentOS 7
$ yum install git gcc make libpcap-devel
$ git clone https://github.com/robertdavidgraham/masscan
$ cd masscan
$ make
Self-test
Once the build has finished, you can check that it succeeded:
[root@centos7 masscan]# make regress
which: no clang in (/opt/masscan/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin)
bin/masscan --selftest
regression test: success! # shown on success
Adding environment variables
vim /etc/profile
Add the following lines:
masscan=/opt/masscan
PATH=$masscan/bin:$PATH
export masscan PATH
Save and exit.
[root@centos7 ~]# source /etc/profile
[root@centos7 ~]# masscan -Version # show the version
Masscan version 1.0.6 ( https://github.com/robertdavidgraham/masscan )
Compiled on: Nov 17 2020 17:13:16
Compiler: gcc 4.8.5 20150623 (Red Hat 4.8.5-44)
OS: Linux
CPU: unknown (64 bits)
GIT version: 1.0.5-88-g8189d51
[root@centos7 ~]# masscan --help # help
[root@centos7 ~]# masscan --ping 8.8.8.0/24 # try a scan
Starting masscan 1.0.6 (http://bit.ly/14GZzcT) at 2020-11-17 09:31:45 GMT
-- forced options: -sn -n --randomize-hosts -v --send-eth
Initiating ICMP Echo Scan
Usage
Basic usage
[root@centos7 ~]# masscan 10.10.10.0/16 -p443
Starting masscan 1.0.6 (http://bit.ly/14GZzcT) at 2020-11-17 10:03:43 GMT
-- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 65536 hosts [1 port/host]
Discovered open port 443/tcp on 10.10.11.112
Discovered open port 443/tcp on 10.10.10.250
Single IP, multiple ports
Scan ports 1-20000 on 10.10.10.141:
[root@centos7 ~]# masscan 10.10.10.141 -p1-20000
Starting masscan 1.0.6 (http://bit.ly/14GZzcT) at 2020-11-17 10:51:07 GMT
-- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 1 hosts [20000 ports/host]
Scan ports 21 and 80 on 10.10.10.141:
[root@centos7 masscan]# masscan 10.10.10.141 -p21,80
Starting masscan 1.0.6 (http://bit.ly/14GZzcT) at 2020-11-17 10:58:34 GMT
-- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 1 hosts [2 ports/host]
Multiple IPs, single port
Scan port 80 on 10.10.10.1-10.10.10.255:
[root@centos7 masscan]# masscan 10.10.10.1-10.10.10.255 -p80
Starting masscan 1.0.6 (http://bit.ly/14GZzcT) at 2020-11-17 11:01:31 GMT
-- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 255 hosts [1 port/host]
Discovered open port 80/tcp on 10.10.10.101
Discovered open port 80/tcp on 10.10.10.85
Fast scanning
By default, Masscan scans at 100 packets per second, which is quite slow. To raise it, pass the --rate option with a value.
At 10000 packets per second:
[root@centos7 masscan]# masscan 10.10.10.1-10.10.10.255 -p80 --rate 10000
Starting masscan 1.0.6 (http://bit.ly/14GZzcT) at 2020-11-17 11:05:44 GMT
-- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 255 hosts [1 port/host]
Discovered open port 80/tcp on 10.10.10.191
Discovered open port 80/tcp on 10.10.10.244
Discovered open port 80/tcp on 10.10.10.246
Saving results to a txt file
[root@centos7 masscan]# masscan 10.10.10.1-10.10.10.255 -p80 --rate 10000 > 115.txt
Starting masscan 1.0.6 (http://bit.ly/14GZzcT) at 2020-11-17 11:08:28 GMT
-- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 255 hosts [1 port/host]
[root@centos7 masscan]# ll
total 60
-rw-r--r--. 1 root root 1360 Nov 17 19:08 115.txt
drwxr-xr-x. 2 root root 58 Nov 17 17:57 bin
drwxr-xr-x. 2 root root 69 Nov 17 17:07 data
drwxr-xr-x. 3 root root 235 Nov 17 17:07 debian
drwxr-xr-x. 2 root root 105 Nov 17 17:07 doc
-rw-r--r--. 1 root root 545 Nov 17 17:07 LICENSE
-rw-r--r--. 1 root root 2948 Nov 17 17:07 Makefile
-rw-r--r--. 1 root root 195 Nov 17 17:14 paused.conf
-rw-r--r--. 1 root root 21164 Nov 17 17:07 README.md
drwxr-xr-x. 2 root root 8192 Nov 17 17:07 src
drwxr-xr-x. 2 root root 4096 Nov 17 17:13 tmp
drwxr-xr-x. 2 root root 97 Nov 17 17:07 vs10
-rw-r--r--. 1 root root 2150 Nov 17 17:07 VULNINFO.md
drwxr-xr-x. 3 root root 49 Nov 17 17:07 xcode4
[root@centos7 masscan]# cat 115.txt
Discovered open port 80/tcp on 10.10.10.249
Discovered open port 80/tcp on 10.10.10.243
Discovered open port 80/tcp on 10.10.10.236
Discovered open port 80/tcp on 10.10.10.155
Discovered open port 80/tcp on 10.10.10.244
Discovered open port 80/tcp on 10.10.10.232
Discovered open port 80/tcp on 10.10.10.246
Discovered open port 80/tcp on 10.10.10.80
Discovered open port 80/tcp on 10.10.10.228
Discovered open port 80/tcp on 10.10.10.85
Discovered open port 80/tcp on 10.10.10.150
Discovered open port 80/tcp on 10.10.10.84
Discovered open port 80/tcp on 10.10.10.191
Discovered open port 80/tcp on 10.10.10.196
Discovered open port 80/tcp on 10.10.10.242
Discovered open port 80/tcp on 10.10.10.5
Discovered open port 80/tcp on 10.10.10.183
[root@centos7 masscan]#
In addition, the following output options are available:
-oX filename: write XML output to filename.
-oG filename: write grepable output to filename.
-oJ filename: write JSON output to filename.
Example:
[root@centos7 ~]# masscan 10.10.10.1-10.10.10.255 -p80 --rate 10000 -oJ result.json
Starting masscan 1.0.6 (http://bit.ly/14GZzcT) at 2020-11-17 11:43:03 GMT
-- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 255 hosts [1 port/host]
[root@centos7 ~]# ll
total 16
-rw-------. 1 root root 1964 Nov 10 09:54 anaconda-ks.cfg
-rw-r--r--. 1 root root 1995 Nov 10 10:03 initial-setup-ks.cfg
-rw-r--r--. 1 root root 166 Nov 17 18:33 paused.conf
-rw-r--r--. 1 root root 1959 Nov 17 19:43 result.json
[root@centos7 ~]# cat result.json
[
{ "ip": "10.10.10.5", "timestamp": "1605613383", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 64} ] }
,
{ "ip": "10.10.10.191", "timestamp": "1605613383", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 63} ] }
,
{ "ip": "10.10.10.232", "timestamp": "1605613383", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 64} ] }
,
{ "ip": "10.10.10.228", "timestamp": "1605613383", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 64} ] }
,
{ "ip": "10.10.10.249", "timestamp": "1605613383", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 64} ] }
,
{ "ip": "10.10.10.196", "timestamp": "1605613383", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 64} ] }
,
{ "ip": "10.10.10.80", "timestamp": "1605613383", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 64} ] }
,
{ "ip": "10.10.10.236", "timestamp": "1605613383", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 64} ] }
,
{ "ip": "10.10.10.11", "timestamp": "1605613383", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 64} ] }
,
{ "ip": "10.10.10.183", "timestamp": "1605613383", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 64} ] }
,
{ "ip": "10.10.10.85", "timestamp": "1605613383", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 64} ] }
,
{ "ip": "10.10.10.84", "timestamp": "1605613383", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 64} ] }
,
{ "ip": "10.10.10.246", "timestamp": "1605613383", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 64} ] }
]
[root@centos7 ~]#
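The following is an added example, not code from the original page or from the masscan project. It reads -oJ output record by record (so a file cut off before the closing bracket still parses), merges the per-port records into one entry per host, and reports ports that are open in a later scan but were absent from a baseline. The sample data and the function names parse_masscan_json and new_exposures are constructed for this illustration.

```python
import ipaddress
import json

# Constructed samples in the -oJ layout shown above: one record per line,
# separated by lines that hold only a comma.
BASELINE = """[
{ "ip": "10.10.10.5", "timestamp": "1605613383", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 64} ] }
,
{ "ip": "10.10.10.191", "timestamp": "1605613383", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 63} ] }
]
"""

# Constructed later scan; the last record is deliberately cut off mid-line
# and the closing "]" is missing, to simulate a truncated result file.
CURRENT = """[
{ "ip": "10.10.10.191", "timestamp": "1605699783", "ports": [ {"port": 6379, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 64} ] }
,
{ "ip": "10.10.10.5", "timestamp": "1605699783", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 64} ] }
,
{ "ip": "10.10.10.191", "timestamp": "1605699783", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 63} ] }
,
{ "ip": "10.10.10.17", "timestamp": "1605699783", "ports": [ {"port": 6379, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 64} ] }
,
{ "ip": "10.10.10.84", "timestamp": "16056
"""


def parse_masscan_json(text):
    """Return {ip: {(port, proto), ...}} for every open port in -oJ output."""
    hosts = {}
    for raw in text.splitlines():
        line = raw.strip().rstrip(",")
        if not line.startswith("{"):
            continue  # skips "[", "]", lone commas and blank lines
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue  # half-written record at the end of a truncated file
        ip = record.get("ip")
        if ip is None:
            continue
        for port in record.get("ports", []):
            if port.get("status") == "open":
                hosts.setdefault(ip, set()).add((port["port"], port["proto"]))
    return hosts


def new_exposures(baseline, current):
    """Sorted (ip, port, proto) tuples open in current but not in baseline."""
    found = []
    for ip, ports in current.items():
        for port, proto in ports - baseline.get(ip, set()):
            found.append((ip, port, proto))
    # Sort numerically by address so 10.10.10.17 comes before 10.10.10.191.
    return sorted(found, key=lambda e: (ipaddress.ip_address(e[0]), e[1]))


if __name__ == "__main__":
    before = parse_masscan_json(BASELINE)
    after = parse_masscan_json(CURRENT)
    for ip, port, proto in new_exposures(before, after):
        print(f"newly open: {ip}:{port}/{proto}")
```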
Saving results to Redis (they are stored as the set type here)
masscan 10.10.10.0-10.10.10.255 -p80 --rate 10000 --output-format redis -oR 127.0.0.1:6379
[root@centos7 ~]# masscan 10.10.10.0-10.10.10.255 -p80 --rate 10000 --output-format redis -oR 127.0.0.1:6379
Starting masscan 1.0.6 (http://bit.ly/14GZzcT) at 2020-11-17 12:04:28 GMT
-- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 256 hosts [1 port/host]
redis: unexpected response from redis server: :1found=16
Check Redis:
[root@centos7 conf]# docker exec -it myredis redis-cli
127.0.0.1:6379> keys *
1) "10.10.10.150"
2) "10.10.10.243"
3) "10.10.10.80"
4) "10.10.10.236"
5) "10.10.10.243:80/tcp"
6) "10.10.10.80:80/tcp"
7) "10.10.10.244:80/tcp"
8) "10.10.10.244"
9) "10.10.10.183"
10) "10.10.10.84:80/tcp"
11) "10.10.10.246:80/tcp"
12) "10.10.10.249"
13) "10.10.10.85"
14) "10.10.10.150:80/tcp"
15) "10.10.10.242:80/tcp"
16) "10.10.10.249:80/tcp"
17) "10.10.10.85:80/tcp"
18) "host"
19) "10.10.10.236:80/tcp"
20) "10.10.10.196:80/tcp"
21) "10.10.10.160"
22) "10.10.10.228"
23) "10.10.10.160:80/tcp"
24) "10.10.10.84"
25) "10.10.10.196"
26) "10.10.10.246"
27) "10.10.10.191:80/tcp"
28) "10.10.10.228:80/tcp"
29) "10.10.10.183:80/tcp"
30) "abc"
31) "10.10.10.232:80/tcp"
32) "10.10.10.232"
33) "10.10.10.242"
34) "10.10.10.191"
Configuration files
Storing results in Redis
[root@centos7 masscan]# cd /root
[root@centos7 masscan]# vim msconfig-redis.conf
Write the following configuration:
rate = 5000.00
output-format = redis
redis = 127.0.0.1:6379
ports = 80,6379
range = 10.10.10.1-10.10.10.100,10.10.10.101-10.10.10.255
Run it:
[root@centos7 masscan]# masscan -c msconfig-redis.conf
Starting masscan 1.0.6 (http://bit.ly/14GZzcT) at 2020-11-17 12:25:16 GMT
-- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 255 hosts [2 ports/host]
Check the contents of Redis:
127.0.0.1:6379> keys *
1) "10.10.10.98:80/tcp"
2) "10.10.10.236"
3) "10.10.10.199"
4) "10.10.10.91:6379/tcp"
5) "10.10.10.80:80/tcp"
6) "10.10.10.244:80/tcp"
7) "10.10.10.249:6379/tcp"
8) "10.10.10.102"
9) "10.10.10.91:80/tcp"
10) "10.10.10.183"
11) "10.10.10.84:80/tcp"
12) "10.10.10.246:80/tcp"
13) "10.10.10.227:80/tcp"
14) "10.10.10.249"
15) "10.10.10.190"
16) "10.10.10.197"
17) "10.10.10.242:80/tcp"
18) "10.10.10.236:80/tcp"
19) "10.10.10.101:80/tcp"
20) "10.10.10.227"
21) "10.10.10.101"
22) "10.10.10.160"
23) "10.10.10.228"
24) "10.10.10.5:80/tcp"
25) "10.10.10.186:80/tcp"
26) "10.10.10.160:80/tcp"
27) "10.10.10.246"
28) "10.10.10.17:6379/tcp"
29) "10.10.10.191:6379/tcp"
30) "10.10.10.191:80/tcp"
31) "10.10.10.228:80/tcp"
32) "10.10.10.98"
33) "10.10.10.183:80/tcp"
34) "10.10.10.192"
35) "10.10.10.235"
36) "10.10.10.250:80/tcp"
37) "10.10.10.154"
38) "10.10.10.232"
39) "10.10.10.242"
40) "10.10.10.191"
41) "10.10.10.243"
42) "10.10.10.150"
43) "10.10.10.235:80/tcp"
44) "10.10.10.80"
45) "10.10.10.91"
46) "10.10.10.243:80/tcp"
47) "10.10.10.197:6379/tcp"
48) "10.10.10.64"
49) "10.10.10.190:80/tcp"
50) "10.10.10.154:80/tcp"
51) "10.10.10.244"
52) "10.10.10.155"
53) "10.10.10.184:80/tcp"
54) "10.10.10.189:80/tcp"
55) "10.10.10.82:6379/tcp"
56) "10.10.10.199:6379/tcp"
57) "10.10.10.85"
58) "10.10.10.188:80/tcp"
59) "10.10.10.150:80/tcp"
60) "10.10.10.249:80/tcp"
61) "10.10.10.250"
62) "10.10.10.85:80/tcp"
63) "host"
64) "10.10.10.188"
65) "10.10.10.102:80/tcp"
66) "10.10.10.196:80/tcp"
67) "10.10.10.108:6379/tcp"
68) "10.10.10.64:80/tcp"
69) "10.10.10.184"
70) "10.10.10.155:80/tcp"
71) "10.10.10.5"
72) "10.10.10.11:80/tcp"
73) "10.10.10.150:6379/tcp"
74) "10.10.10.196"
75) "10.10.10.84"
76) "10.10.10.17"
77) "10.10.10.186"
78) "10.10.10.108"
79) "10.10.10.232:80/tcp"
80) "10.10.10.82"
81) "10.10.10.189"
82) "10.10.10.192:80/tcp"
83) "10.10.10.11"
127.0.0.1:6379>
Configuration that stores results as XML
[root@centos7 masscan]# cd /root
[root@centos7 masscan]# vim msconfig-xml.conf
Write the following configuration:
rate = 10000
output-format = xml
output-filename = masscan.xml
ports = 80,6379
range = 10.10.10.1-10.10.10.100,10.10.10.101-10.10.10.255
Run it and check the result:
[root@centos7 masscan]# masscan -c msconfig-xml.conf
Starting masscan 1.0.6 (http://bit.ly/14GZzcT) at 2020-11-17 12:33:52 GMT
-- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 255 hosts [2 ports/host]
[root@centos7 masscan]# ll
total 16
-rw-r--r--. 1 root root 7025 Nov 17 20:34 masscan.xml
-rw-r--r--. 1 root root 133 Nov 17 20:24 msconfig-redis.conf
-rw-r--r--. 1 root root 138 Nov 17 20:33 msconfig-xml.conf
[root@centos7 masscan]# cat masscan.xml
<?xml version="1.0"?>
<!-- masscan v1.0 scan -->
<nmaprun scanner="masscan" start="1605616432" version="1.0-BETA" xmloutputversion="1.03">
<scaninfo type="syn" protocol="tcp" />
<host endtime="1605616432"><address addr="10.10.10.183" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.243" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.232" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.191" addrtype="ipv4"/><ports><port protocol="tcp" portid="6379"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.249" addrtype="ipv4"/><ports><port protocol="tcp" portid="6379"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.228" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.17" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.80" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.242" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.236" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.191" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="63"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.150" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.85" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.235" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.150" addrtype="ipv4"/><ports><port protocol="tcp" portid="6379"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.196" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.160" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.190" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.84" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.199" addrtype="ipv4"/><ports><port protocol="tcp" portid="6379"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616432"><address addr="10.10.10.11" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616433"><address addr="10.10.10.98" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616433"><address addr="10.10.10.5" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616433"><address addr="10.10.10.246" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616433"><address addr="10.10.10.249" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616433"><address addr="10.10.10.227" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616433"><address addr="10.10.10.82" addrtype="ipv4"/><ports><port protocol="tcp" portid="6379"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616433"><address addr="10.10.10.184" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616433"><address addr="10.10.10.197" addrtype="ipv4"/><ports><port protocol="tcp" portid="6379"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616433"><address addr="10.10.10.102" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616433"><address addr="10.10.10.189" addrtype="ipv4"/><ports><port protocol="tcp" portid="6379"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616433"><address addr="10.10.10.154" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616433"><address addr="10.10.10.101" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616433"><address addr="10.10.10.244" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1605616433"><address addr="10.10.10.91" addrtype="ipv4"/><ports><port protocol="tcp" portid="6379"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<runstats>
<finished time="1605616444" timestr="2020-11-17 20:34:04" elapsed="12" />
<hosts up="35" down="0" total="35" />
</runstats>
</nmaprun>
[root@centos7 masscan]#
Reading the IP ranges to scan from a file
./masscan -p0-65535 -iL ip.txt --max-rate 100000 --banners -oJ f.json
-iL scans the IP addresses listed in a file.
[root@centos7 masscan]# cat ip.txt
172.16.127.0/24
172.16.124.0/24
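Detailed parameters
<ip/range>: IP address range to scan. Three formats are valid: 1. a single IPv4 address; 2. a range such as "10.0.0.1-10.0.0.233"; 3. a CIDR block such as "0.0.0.0/0". Multiple targets can be separated by commas.
-p <ports>, --ports <ports>: ports to scan.
--banners: grab banner information; only a few protocols are supported.
--rate <packets-per-second>: packet transmit rate.
--max-rate: number of packets sent per second; choose a value that suits the machine and the network. Example: --max-rate 100000
-c <filename>, --conf <filename>: read a configuration file and scan with it.
-iL: scan the IP addresses listed in a file. Example: -iL ip.txt
--echo: redirect the current configuration into a configuration file.
-e <ifname>, --adapter <ifname>: name of the network interface used to send packets.
--adapter-ip <ip-address>: IP address to send packets from.
--adapter-port <port>: source port to send packets from.
--adapter-mac <mac-address>: source MAC address to send packets from.
--router-mac <mac address>: MAC address of the gateway.
--exclude <ip/range>: blacklist of IP address ranges that masscan must not scan.
--excludefile <filename>: file containing the blacklist of IP address ranges.
--includefile, -iL <filename>: read a list of ranges to scan.
--ping: the scan should include ICMP echo requests.
--append-output: append to the output file.
--iflist: list the available network interfaces, then exit.
--retries: number of retries to send, at 1-second intervals.
--nmap: print nmap-compatibility information.
--http-user-agent <user-agent>: value of the User-Agent field.
--show [open,close]: port states to display; open ports are shown by default.
--noshow [open,close]: disable display of the given port states.
--pcap <filename>: save received packets in libpcap format.
--regress: run the regression test to check that the scanner works correctly.
--ttl <num>: TTL of outgoing packets; the default is 255.
--wait <seconds>: time to wait after the packets have been sent; the default is 10 seconds.
--offline: do not actually send packets; mainly used to measure overhead.
-sL: do not scan; mainly generates a randomized list of addresses.
--readscan <binary-files>: read binary files produced by -oB; they can be converted to XML or JSON.
--connection-timeout <secs>: maximum number of seconds to keep a TCP connection open while grabbing banners; the default is 30 seconds.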
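As an added example (not part of the original page or of masscan), this script checks a planned target list against an authorized scope before a scan is launched and estimates how long the probes take to send at a given rate. It accepts the three target formats listed above; the function names, the authorized scope and the excluded host are assumptions made for the illustration.

```python
import ipaddress


def parse_target(spec):
    """One masscan target (single IPv4, a-b range, or CIDR) -> list of networks."""
    spec = spec.strip()
    if "-" in spec:
        first, last = (ipaddress.IPv4Address(p.strip()) for p in spec.split("-", 1))
        if last < first:
            raise ValueError(f"range runs backwards: {spec}")
        return list(ipaddress.summarize_address_range(first, last))
    # strict=False accepts specs with host bits set, e.g. 10.10.10.0/16
    return [ipaddress.IPv4Network(spec, strict=False)]


def parse_ports(spec):
    """A -p style list such as '80,6379' or '0-65535' -> set of port numbers."""
    ports = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not 0 <= lo <= hi <= 65535:
            raise ValueError(f"bad port range: {part}")
        ports.update(range(lo, hi + 1))
    return ports


def collapse(specs):
    """Parse several target specs and merge them into minimal CIDR blocks."""
    return list(ipaddress.collapse_addresses(
        n for s in specs for n in parse_target(s)))


def review_scan(targets, ports, rate, authorized, excluded=()):
    """Check a planned scan against an authorized scope and size it."""
    nets = collapse(targets)
    allowed = collapse(authorized)
    blocked = collapse(excluded)
    hosts = sum(n.num_addresses for n in nets)
    probes = hosts * len(parse_ports(ports))
    return {
        "hosts": hosts,
        "probes": probes,
        # Send time only: excludes the --wait period and any --retries.
        "send_seconds": probes / rate,
        # A block is in scope only if it lies entirely inside the allowed set.
        "out_of_scope": [str(n) for n in nets
                         if not any(n.subnet_of(a) for a in allowed)],
        # Blocks that need an --exclude / --excludefile entry before scanning.
        "touches_excluded": [str(n) for n in nets
                             if any(n.overlaps(b) for b in blocked)],
    }


if __name__ == "__main__":
    # Constructed plan mirroring the -iL ip.txt example above; the authorized
    # scope and the excluded host are made up for the illustration.
    plan = review_scan(["172.16.127.0/24", "172.16.124.0/24"], "0-65535",
                       rate=100000, authorized=["172.16.124.0/22"],
                       excluded=["172.16.127.1"])
    for key, value in plan.items():
        print(f"{key}: {value}")
```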