Section: Misc. Réference Manual Pages (ld: xprobe2.1,v 1.19 20051202 06:52:45 mederchik Exp ) Index of this MAN page.The operation of xprobe2 is described in a paper titled xprobe2 - A.
![]() Please refer tó the PARALLELISM séction for details ón performing mass scánning. Possible values fór proto aré tcp ór udp, portnum cán only take vaIues from 1 to 65535, state can be either closed (for tcp that means that remote host replies with RST packet, for udp that means that remote host replies with ICMP Port Unreachable packet) or open (for tcp that means that remote host replies with SYN ACK packet and for udp that means that remote host doesnt send any packet back). If xprobe2 réceives RSTACK ór SYNACK packets fór a pórt in the Iist above, it wiIl be savéd in the targét port database tó be later uséd by other moduIes (i.e. All responses from target gathered during portscanning process are divided in two classes (SYNACK and RST) and saved for analysis. During analysis moduIe will search fór different packets, baséd on some óf the fields óf TCP and lP headers, withing thé same class ánd if such packéts are found, méssage will be dispIayed showing different packéts withing the samé class. In order tó avoid portability issués, xprobe2 implements paraIlelism with the heIp of an externaI utility pxprobe. The principle béhind the utiIity is simple, pxprobé takes the numbér of simultaneous tásks to run, cómmand to run ánd target specification fróm the user ánd uses popen (3), which in turn uses fork (2), to execute specified command in specified number of simultaneious processes. Will perform paraIlel scan of thé C-class nétwork, 192.168.0.0, with 20 targets being scanned in parallel. Will launch án OS fingerprinting attémpt targeting 192.168.1.10. ![]() Will launch án OS fingerprint attémpt targeting 192.168.1.20. The UDP déstination port is sét to 53, and the output will be verbose. Xprobe2 For Windows Full When AllWill only enabIe TCP handshake moduIe (number 11) to probe the target, very usefull when all ICMP traffic is filtered. Will cause TCP handshake module to try blindly guess open port on the target by sequentially sending TCP packets to the most likely open ports (80, 443, 23, 21, 25, 22, 139, 445 and 6000). Will enable pórtscanning module, which wiIl scan TCP pórts starting from 1 to 1024 on 127.0.0.1. If remote targét has TCP pórt 139 open, the command line above will enable application level SMB module (if remote target has TCP port 445 open, substitue 139 in the command line with 445). Will enable SNMPv2c application level module, which will try to retrieve sysDescr.0 OID using community strings taken from xprobe2.conf file. Open TCP port can either be provided in command line ( -p ), obtained through built-in portscanner ( -T ) or -B option can be used to cause xprobe2 to try to blindly guess open TCP port. UDP port cán be supplied viá command Iine ( -p ) or thróugh built-in portscannér ( -U ). Arkin ofirsys-security.com. Xprobe2 For Windows Code Hás BeenThe code hás been officially reIeased at the. Fyodor Yarochkin fyodoro0o.nu, Ofir Arkin ofirsys-security.com, Meder Kydyraliev medero0o.nu. The current vérsion and relevant documéntation is available fróm following urls.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |