Kail学习笔记-kali信息搜集工具之DNMAP
一、简介
dnmap是一款基于nmap的分布式扫描工具,它能够用一个集群来对另外一个机群进行扫描。
dnmap根据一个基于nmap命令行来构造的文件来确定扫描的方向。
dnmap采用的是C/S架构,服务端主要是用来分发任务和汇总扫描状态,客户端主要用来执行扫描任务和记录自身的扫描状态。
该工具主要用于你想扫描一个机群时,你自己拥有一个机群(肉鸡)的资源或者你的小伙伴想帮你的情况。
二、项目中包含的工具
- dnmap_client: 客户端软件
root@kali:~# dnmap_client -h
+----------------------------------------------------------------------+
| dnmap Client Version 0.6 |
| This program is free software; you can redistribute it and/or modify |
| it under the terms of the GNU General Public License as published by |
| the Free Software Foundation; either version 2 of the License, or |
| (at your option) any later version. |
| |
| Author: Garcia Sebastian, eldraco@gmail.com |
| www.mateslab.com.ar |
+----------------------------------------------------------------------+
usage: /usr/bin/dnmap_client <options>
options:
-s, --server-ip IP address of dnmap server.
-p, --server-port Port of dnmap server. Dnmap port defaults to 46001
-a, --alias Your name alias so we can give credit to you for your help. Optional
-d, --debug Debuging.
-m, --max-rate Force nmaps commands to use at most this rate. Useful to slow nmap down. Adds the --max-rate parameter.
- dnmap_server: 服务端软件
root@kali:~# dnmap_server -h
+----------------------------------------------------------------------+
| dnmap_server Version 0.6 |
| This program is free software; you can redistribute it and/or modify |
| it under the terms of the GNU General Public License as published by |
| the Free Software Foundation; either version 2 of the License, or |
| (at your option) any later version. |
| |
| Author: Garcia Sebastian, eldraco@gmail.com |
| www.mateslab.com.ar |
+----------------------------------------------------------------------+
usage: /usr/bin/dnmap_server <options>
options:
-f, --nmap-commands Nmap commands file
-p, --port TCP port where we listen for connections.
-L, --log-file Log file. Defaults to /var/log/dnmap_server.conf.
-l, --log-level Log level. Defaults to info.
-v, --verbose_level Verbose level. Give a number between 1 and 5. Defaults to 1. Level 0 means be quiet.
-t, --client-timeout How many time should we wait before marking a client Offline. We still remember its values just in case it cames back.
-s, --sort Field to sort the statical value. You can choose from: Alias, #Commands, UpTime, RunCmdXMin, AvrCmdXMin, Status
-P, --pem-file pem file to use for TLS connection. By default we use the server.pem file provided with the server in the current directory.
dnmap_server uses a '<nmap-commands-file-name>.dnmaptrace' file to know where it must continue reading the nmap commands file. If you want to start over again,
just delete the '<nmap-commands-file-name>.dnmaptrace' file
三、使用示例
- 创建一个nmap命令行文件,并把它导入服务端。
root@kali:~# echo "nmap -F 192.168.1.0/24 -v -n -oA sub1" >> dnmap.txt
root@kali:~# echo "nmap -F 192.168.0.0/24 -v -n -oA sub0" >> dnmap.txt
root@kali:~# dnmap_server -f dnmap.txt
+----------------------------------------------------------------------+
| dnmap_server Version 0.6 |
| This program is free software; you can redistribute it and/or modify |
| it under the terms of the GNU General Public License as published by |
| the Free Software Foundation; either version 2 of the License, or |
| (at your option) any later version. |
| |
| Author: Garcia Sebastian, eldraco@gmail.com |
| www.mateslab.com.ar |
+----------------------------------------------------------------------+
=| MET:0:00:00.000544 | Amount of Online clients: 0 |=
- 用客户端(别名dnmap-client1)来连接服务端(192.168.1.15)
root@kali:~# dnmap_client -s 192.168.1.15 -a dnmap-client1
+----------------------------------------------------------------------+
| dnmap Client Version 0.6 |
| This program is free software; you can redistribute it and/or modify |
| it under the terms of the GNU General Public License as published by |
| the Free Software Foundation; either version 2 of the License, or |
| (at your option) any later version. |
| |
| Author: Garcia Sebastian, eldraco@gmail.com |
| www.mateslab.com.ar |
+----------------------------------------------------------------------+
Client Started...
Nmap output files stored in 'nmap_output' directory...
Starting connection...
Client connected succesfully...
Waiting for more commands....
Command Executed: nmap -F 192.168.1.0/24 -v -n -oA sub1