How to Scan a Network with Evilscan on Linux
Evilscan is a network scanner that runs on NodeJS. It offers many options: you can scan a single IP address or a range of IPs, and you can scan a single port or a set of ports.
Environment
CentOS 8
npm (Node package manager)
Installation
Clone the repository from GitHub. If git and npm are not installed on the system, install them first:
[root@localhost ~]# yum -y install git npm
[root@localhost ~]# git clone https://github.com/eviltik/evilscan.git
Cloning into 'evilscan'...
remote: Enumerating objects: 901, done.
remote: Counting objects: 100% (178/178), done.
remote: Compressing objects: 100% (124/124), done.
remote: Total 901 (delta 88), reused 114 (delta 46), pack-reused 723
Receiving objects: 100% (901/901), 12.97 MiB | 5.66 MiB/s, done.
Resolving deltas: 100% (545/545), done.
Change into the evilscan working directory and install:
[root@localhost ~]# cd evilscan/
[root@localhost evilscan]# npm install -g evilscan
/usr/local/bin/evilscan -> /usr/local/lib/node_modules/evilscan/bin/evilscan.js
+ evilscan@1.8.0
added 4 packages from 4 contributors in 6.476s
Usage
Run the following command to view evilscan's help:
[root@localhost ~]# evilscan --help
Usage: evilscan [options]

Example: evilscan --target=192.168.0.0/24 --port=21-23,80

Options:
  --port          port(s) you want to scan, examples:
                  --port=80
                  --port=21,22
                  --port=21,22,23,5900-5900
  --reverse       display DNS reverse lookup
  --reversevalid  only display results having a valid reverse dns, except if ports specified
  --geo           display geoip (free maxmind)
  --banner        display grabbed banner when available
  --bannerraw     display raw banner (as a JSON Buffer)
  --bannerlen     grabbed banner length in bytes
                  default 512
  --progress      display progress indicator each seconds
  --status        ports status wanted in results (example --status=OT)
                  T(timeout)
                  R(refused)
                  O(open, default)
                  U(unreachable)
  --scan          scan method
                  tcpconnect (full connect, default)
                  tcpsyn (half opened, not yet implemented)
                  udp (not yet implemented)
  --concurrency   max number of simultaneous socket opened
                  default 500
  --timeout       maximum number of milliseconds before closing the connection
                  default 2000
  --hugescan      allow number of ip/port combinaison greater than 16580355 (i.e a /24 network with port range 0-65535)
  --display       display result format (json,xml,console)
                  default console
  --outfile       dump result in a file
  --json          shortcut for --display=json
  --xml           shortcut for --display=xml
  --console       shortcut for --display=console
  --help          display help
  --about         display about
  --version       display version number
Examples
Syntax:
evilscan [options]
Scan ports 0-4000 on a single host on the network, grab banners, and show only open ports:
[root@localhost ~]# evilscan 192.168.0.10 --port=0-4000 --banner
192.168.0.10|139||open
192.168.0.10|135||open
192.168.0.10|110||open
192.168.0.10|25||open
192.168.0.10|445||open
192.168.0.10|2381||open
192.168.0.10|2301||open
192.168.0.10|3389||open
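Scan ports 0-100 on a single host on the network, grab banners, show only open ports, output the results as JSON, and display the progress status every second: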
[root@localhost ~]# evilscan 192.168.0.13 --port=0-100 --banner --isopen --istimeout --progress --json
{"_timeStart":"N/A","_timeElapsed":"N/A","_jobsTotal":100,"_jobsRunning":0,"_jobsDone":0,"_progress":0,"_concurrency":500,"_status":"Starting","_message":"Starting"}
{"_timeStart":1628685339594,"_timeElapsed":999,"_jobsTotal":100,"_jobsRunning":100,"_jobsDone":0,"_progress":0,"_concurrency":500,"_status":"Running","_message":"Scanning 192.168.0.13:100"}
{"_timeStart":1628685339594,"_timeElapsed":2003,"_jobsTotal":100,"_jobsRunning":100,"_jobsDone":0,"_progress":0,"_concurrency":500,"_status":"Running","_message":"Scanning 192.168.0.13:100"}
{"ip":"192.168.0.13","port":25,"status":"open"}
{"ip":"192.168.0.13","port":22,"banner":"SSH-2.0-OpenSSH_7.9-hpn14v15\\r\\n","status":"open"}
{"ip":"192.168.0.13","port":80,"status":"open"}
{"_timeStart":1628685339594,"_timeElapsed":2019,"_jobsTotal":100,"_jobsRunning":0,"_jobsDone":100,"_progress":100,"_concurrency":500,"_status":"Finished","_message":"Scanned 192.168.0.13:80"}
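The --json output above mixes progress records (keys starting with "_") with one result record per port. The following added example, which is not part of the original article or the evilscan project, parses that stream and reports open ports that are missing from an expected baseline for a host you administer; the names parseScan, unexpectedOpen and EXPECTED and the sample lines are assumptions made for illustration.

```javascript
// Added example (not evilscan code): triage `evilscan --json` output.
// SAMPLE is constructed, modelled on the output format shown above;
// one line is deliberately truncated to show how damaged input is handled.
const SAMPLE = String.raw`
{"_timeStart":1628685339594,"_timeElapsed":999,"_jobsTotal":100,"_jobsRunning":100,"_jobsDone":0,"_progress":0,"_concurrency":500,"_status":"Running","_message":"Scanning 192.168.0.13:100"}
{"ip":"192.168.0.13","port":25,"status":"open"}
{"ip":"192.168.0.13","port":22,"banner":"SSH-2.0-OpenSSH_7.9-hpn14v15\\r\\n","status":"open"}
{"ip":"192.168.0.13","port":80,"status":"open"}
{"ip":"192.168.0.13","port":81,"stat
{"_timeStart":1628685339594,"_timeElapsed":2019,"_jobsTotal":100,"_jobsRunning":0,"_jobsDone":100,"_progress":100,"_concurrency":500,"_status":"Finished","_message":"Scanned 192.168.0.13:80"}
`;

// Hypothetical baseline: ports each host is expected to expose.
const EXPECTED = new Map([['192.168.0.13', new Set([22, 80])]]);

function parseScan(text) {
  const out = { results: [], progress: null, skipped: 0, complete: false };
  for (const line of text.split('\n')) {
    if (!line.trim()) continue;
    let rec;
    try { rec = JSON.parse(line); } catch (e) { out.skipped++; continue; }
    if (rec === null || typeof rec !== 'object') { out.skipped++; continue; }
    if ('_status' in rec) { out.progress = rec; continue; } // progress record
    if (typeof rec.ip !== 'string' || !Number.isInteger(rec.port)) { out.skipped++; continue; }
    // Banners carry CR/LF as the literal text "\r" and "\n"; strip them.
    const banner = String(rec.banner || '').replace(/\\[rn]/g, '').trim();
    out.results.push({ ip: rec.ip, port: rec.port, status: rec.status, banner });
  }
  // Without a final "Finished" record the result list may be incomplete.
  out.complete = out.progress !== null && out.progress._status === 'Finished';
  return out;
}

function unexpectedOpen(results, expected) {
  return results.filter((r) => {
    const allowed = expected.get(r.ip);
    return r.status === 'open' && !(allowed && allowed.has(r.port));
  });
}

const scan = parseScan(SAMPLE);
for (const r of unexpectedOpen(scan.results, EXPECTED)) {
  console.log(`unexpected open port ${r.ip}:${r.port} ${r.banner}`);
}
if (!scan.complete) console.log('warning: scan output has no "Finished" record');
if (scan.skipped) console.log(`warning: ${scan.skipped} unparsable line(s) skipped`);
```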
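Tip: the default concurrency is 100 (the --help output above, however, lists a default of 500). To scan a large IP/port range, raise it with the --concurrency option (for example, 1000).
To get past the limit of 1024 open sockets, update the limit with the following command:
ulimit -u unlimited
Note that in bash, ulimit -u controls the maximum number of user processes; the per-process limit on open file descriptors, which is what caps open sockets, is the one reported by ulimit -n.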