How to Use Nmap Part 2

OK, continuing from the article How to Use Nmap Part 1, we move on to Nmap Part 2. Straight to it.



1.4. Other commands
1.4.1. [ -f ] fragment probes into 8-byte packets
Splits the TCP header of each probe over several tiny IP fragments (8 bytes of data each) so that packet filters and IDSs that do not reassemble fragments have a harder time recognising the probe.
#nmap -f 192.168.1.34
1.4.2. [ -D ] use decoys
Syntax used: nmap -D [decoy1,decoy2,decoy3,... | RND:number] [target's IP address]
The decoys are separated by commas, not spaces (with spaces, Nmap would take only the first address as a decoy and scan the rest as targets). ME can be given as one of the decoys to stand for your own address. Every decoy host should actually be up, otherwise the spoofed SYN probes can amount to a SYN flood on the target.
#nmap -D 192.168.1.45,192.168.1.46,192.168.1.47 192.168.1.4
1.4.3. [ -sI ] Idle scan
Makes Nmap scan the target through a third "zombie" host: the SYN probes are sent with the zombie's address as source, and the port state is inferred from how the zombie's IP ID counter changes, so from the target's point of view the scan comes from the zombie, not from your host. The zombie must be genuinely idle and must use a global, sequential IP ID counter. The first address is the zombie, the second is the target; combine it with -Pn so that Nmap does not first ping the target from your own address.
[root@bt]# nmap -sI 192.168.1.1 192.168.1.4
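The idle scan above works because of the IP ID arithmetic described in the text. The following is an added example (not from the original article or from Nmap's source) that models the inference Nmap makes for each port of the target: the zombie's IP ID values are constructed inline, no packets are sent, and the port numbers and counter values are made up for illustration.

```python
"""Idle-scan (-sI) port-state inference from the zombie's IP ID counter.

Added example, not part of the original article. It models the decision Nmap
makes for every target port; the zombie's replies are constructed inline.
"""


def zombie_usable(ipids):
    """Pre-check Nmap performs before the scan: probe the zombie several times
    and require that its IP ID grows by exactly one per packet sent, i.e. a
    global sequential counter. Random or per-destination counters make the
    host useless as a zombie. (Nmap also accepts byte-swapped stacks that step
    by 256; that variant is not modelled here.)"""
    return len(ipids) >= 2 and all(
        (later - earlier) % 65536 == 1 for earlier, later in zip(ipids, ipids[1:])
    )


def classify_port(ipid_before, ipid_after):
    """Given the zombie's IP ID observed just before and just after the spoofed
    SYN was sent to target:port, return the inferred port state.

    Per port:
      1. Probe the zombie (SYN/ACK); it answers RST with IP ID = ipid_before.
      2. Send SYN to target:port with the source address forged to the zombie.
         - open port:   target sends SYN/ACK to the zombie, the zombie answers
                        RST and consumes one IP ID            -> delta of 2
         - closed port: target sends RST to the zombie, which is ignored
                                                             -> delta of 1
         - filtered:    nothing reaches the zombie            -> delta of 1
      3. Probe the zombie again; it answers RST with IP ID = ipid_after.
    The IP ID is a 16-bit field, so the difference is taken modulo 65536.
    """
    delta = (ipid_after - ipid_before) % 65536
    if delta == 2:
        return "open"
    if delta == 1:
        return "closed|filtered"  # the idle scan cannot tell these two apart
    # Any other delta means other traffic bumped the zombie's counter in the
    # meantime; Nmap would retry rather than trust this measurement.
    return "unreliable"


# Constructed observations for three target ports (zombie IP ID before/after).
SAMPLE_OBSERVATIONS = {
    22: (31337, 31339),   # target replied SYN/ACK, zombie sent a RST -> +2
    80: (31339, 31340),   # target replied RST, zombie stayed silent  -> +1
    443: (31340, 31347),  # zombie was busy with other traffic        -> unusable
}


def scan_from_observations(observations):
    """Map each port to its inferred state."""
    return {port: classify_port(before, after)
            for port, (before, after) in observations.items()}


if __name__ == "__main__":
    print("zombie usable:", zombie_usable([31333, 31334, 31335, 31336]))
    for port, state in scan_from_observations(SAMPLE_OBSERVATIONS).items():
        print(f"{port}/tcp {state}")
```

The modulo handles the counter wrapping from 65535 back to 0; a delta of 2 across the wrap is still reported as open.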

1.4.4. [--spoof-mac] Spoofing the MAC address
Makes Nmap scan with a forged source MAC address. The argument can be 0 (random address), a vendor name such as apple (random address with that vendor's prefix), a prefix, or a full MAC address. Try scanning your own IP; you will see the difference in the MAC address. Note that this only affects raw Ethernet frames that Nmap builds itself (for example a -sS scan); a connect scan (-sT) as below goes through the operating system's socket interface, so those connections still carry the real MAC address even though Nmap prints the spoofing line. -PN is the older spelling of -Pn.
[root@bt]# nmap -sT -PN --spoof-mac apple 192.168.1.4
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:56 WIT
Spoofing MAC address 00:03:93:74:DC:88 (Apple Computer)
Nmap scan report for 192.168.1.4
Host is up (0.0015s latency).
Not shown: 999 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
Nmap done: 1 IP address (1 host up) scanned in 0.22 seconds
1.4.5. [--randomize-hosts]
Scans the hosts in random order instead of sequentially, so a sweep of a range is less obvious to network monitors, especially when combined with slow timing options.
#nmap --randomize-hosts 192.168.1.1-100
1.4.6. [--source-port]/[-g]
Sets the source port of the probes. Some poorly configured firewalls let through anything that comes from a "trusted" port such as DNS (53) or FTP data (20), so choosing that port as the source can get the probes past the filter. This only works for raw-packet scans, not for -sT.
nmap --source-port 53 192.168.1.36
nmap -g 53 192.168.1.36
[root@zee zee]# nmap --source-port 21 192.168.1.4
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 17:01 WIT
Nmap scan report for 192.168.1.4
Host is up (0.000010s latency).
Not shown: 999 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds

1.5. Output options
Specifying where and how the results are saved
1.5.1. Saving the output as normal text (txt)
Nmap still prints to the terminal; the same report is written to the file given after -oN. The first attempt below shows what happens when the host does not answer the ping probes: no scan is done and Nmap suggests -Pn.
[root@zee zee]# nmap -oN hasil.txt 192.168.1.6
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 17:06 WIT
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 0.45 seconds
[root@zee zee]# nmap -oN hasil.txt 192.168.1.4
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 17:06 WIT
Nmap scan report for 192.168.1.4
Host is up (0.000010s latency).
Not shown: 999 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds

1.5.2. Saving the output as XML
XML is the format to use when the results are going to be processed by a program (diffed against an earlier scan, imported into another tool) rather than read by a person.
[root@zee zee]# nmap -oX scanme.xml 192.168.1.4
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 17:10 WIT
Nmap scan report for 192.168.1.4
Host is up (0.000010s latency).
Not shown: 999 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
Nmap done: 1 IP address (1 host up) scanned in 2.72 seconds

1.5.3. Saving the output in script kiddie format (a joke format, not meant for real use)
[ root@zee zee]# nmap -oS kiddiescan.txt 192.168.1.4
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 17:13 WIT
Nmap scan report for 192.168.1.4
Host is up (0.000010s latency).
Not shown: 999 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds
1.6. Advanced commands
1.6.1. FIN scan (-sF)
Sets only the TCP FIN bit.
1.6.2. Null scan (-sN)
Sends no flag bits at all (the TCP flags field is 0).
1.6.3. Xmas scan (-sX)
Sets the FIN, PSH, and URG flags, lighting the packet up like a Christmas tree.
All three exploit the behaviour required by RFC 793: a packet without SYN, RST or ACK must be answered with RST if the port is closed and dropped silently if it is open. Silence is therefore reported as open|filtered, a RST as closed, and an ICMP unreachable error as filtered. Microsoft Windows, many Cisco devices and some other stacks answer RST regardless of the port state, so against those hosts every port shows up as closed and a SYN scan has to be used instead.
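To make the three scan types concrete, here is an added example (not from the original article and not Nmap's own code) that builds the TCP flags byte each scan sends and applies the RFC 793 interpretation of the reply. The "targets" are small functions that stand in for an RFC-compliant stack and for a Windows-style stack that always answers RST; the port numbers are chosen for illustration and nothing is sent on the wire.

```python
"""FIN / Null / Xmas scan flags and how the replies are interpreted.

Added example, not part of the original article. Builds the flags byte of a
20-byte TCP header for each scan type and classifies constructed replies the
way Nmap does; no packets are sent.
"""
import struct

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

SCAN_FLAGS = {
    "-sN": 0,                # Null scan: no flags at all
    "-sF": FIN,              # FIN scan: only FIN
    "-sX": FIN | PSH | URG,  # Xmas scan: FIN+PSH+URG = 0x29
}

# ICMP type 3 codes treated as "filtered": net/host/proto/port unreachable and
# administratively prohibited variants.
FILTERED_ICMP_CODES = {1, 2, 3, 9, 10, 13}


def tcp_header(src_port, dst_port, flags, seq=0, ack=0, window=1024):
    """Minimal 20-byte TCP header (no options) with the given flags.
    Checksum and urgent pointer are left zero; a real sender fills them in."""
    data_offset = 5 << 4  # header length in 32-bit words, upper nibble
    return struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack,
                       data_offset, flags, window, 0, 0)


def flags_of(header):
    """The flags live in byte 13 of the TCP header."""
    return header[13]


def classify_reply(reply):
    """reply is None (timeout), ("tcp", flags) or ("icmp", type, code).

    RFC 793: a closed port must answer a probe lacking SYN/RST/ACK with RST,
    an open port must drop it. So silence is ambiguous (open|filtered)."""
    if reply is None:
        return "open|filtered"
    if reply[0] == "tcp" and reply[1] & RST:
        return "closed"
    if reply[0] == "icmp" and reply[1] == 3 and reply[2] in FILTERED_ICMP_CODES:
        return "filtered"
    return "unexpected"


def rfc793_target(open_ports):
    """Simulated stack that follows RFC 793 for FIN/Null/Xmas probes."""
    def respond(dst_port, flags):
        if flags & (SYN | RST | ACK):
            return ("tcp", RST | ACK)  # not a stealth probe; irrelevant here
        return None if dst_port in open_ports else ("tcp", RST | ACK)
    return respond


def windows_target(open_ports):
    """Simulated Windows-style stack: RST to these probes whatever the state."""
    def respond(dst_port, flags):
        return ("tcp", RST | ACK)
    return respond


def scan(target, ports, scan_type):
    """Send one probe per port with the scan type's flags, classify replies."""
    flags = SCAN_FLAGS[scan_type]
    return {p: classify_reply(target(p, flags_of(tcp_header(40000, p, flags))))
            for p in ports}


if __name__ == "__main__":
    for scan_type in SCAN_FLAGS:
        print(scan_type, "RFC 793 host:", scan(rfc793_target({22}), [22, 80], scan_type))
        print(scan_type, "Windows host:", scan(windows_target({22}), [22, 80], scan_type))
```

The second printout is the caveat from the text in action: against the Windows-style stack every port is reported closed, including port 22 which is open, so the result says nothing about the host.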


1.6.4. Scanning with specific scripts
syntax : nmap --script=broadcast "target IP"
The available scripts are found in "/usr/local/share/nmap/scripts" when Nmap was built from source (distribution packages usually install them under /usr/share/nmap/scripts). The argument to --script can be a script name, a category such as broadcast or default (--script=default is the same as -sC), or a comma-separated list.
examples:
nmap --script=smb-check-vulns "target IP"
nmap --script=sql-injection "target IP"
nmap --script=mongodb-databases "target IP"
nmap --script=mac-geolocation "target IP"
nmap --script=broadcast-netbios-master-browser "target IP"
Additional options
[ -v ] show verbose output
[ -d ] show debugging output

That's all from me :D
Thanks for stopping by :D

Thanks also to the Indonesian Backtrack Team

SOURCE: E-BOOK ASWB (attacking side with backtrack) v.1 and www.indonesianbacktrack.or.id
