Ngemuva cishe konyaka nohhafu kusukela kwethulwa kokugcina, I-Nmap 7.80 Network Security Scanner ikhishwe, yakhelwe ukuhlola inethiwekhi futhi ikhombe amasevisi wenethiwekhi asebenzayo. Uhlaka lufaka imibhalo emisha ye-11 ye-NSE yokuhlinzeka ngokuzenzakalela kwezenzo ezahlukahlukene ngeNmap. Imininingwane yolwazi lwesiginesha ibuyekeziwe ukuze ichaze izinhlelo zokusebenza zenethiwekhi nezinhlelo zokusebenza.
Kulabo abangajwayele iNmap, kufanele wazi ukuthi lokhu kuyinsiza yomthombo ovulekile esetshenziselwa ukwenza ukuskena kwetheku. Yenzelwe i-Linux ekuqaleni yize okwamanje iyi-cross-platform. Isetshenziselwa ukuhlola ukuphepha kwezinhlelo zamakhompyuthaKanye nokuthola izinsizakalo noma amaseva kunethiwekhi yekhompyutha, kule Nmap ithumela amaphakethe achaziwe kwamanye amakhompyutha futhi ihlaziya izimpendulo zayo.
Le software inemisebenzi eyahlukahlukene yokuphenya amanethiwekhi ekhompyutha, kufaka phakathi ukutholakala kwemishini, izinsizakalo nezinhlelo zokusebenza. Le misebenzi iyandiswa ngokusebenzisa imibhalo ukuhlinzeka ngezinsizakalo zokuthola ezithuthukile, ukutholakala kobungozi kanye nezinye izinhlelo zokusebenza. Ngaphezu kwalokho, ngesikhathi sokuskena, iyakwazi ukuzivumelanisa nezimo zenethiwekhi kufaka phakathi ukuminyana kwenethiwekhi nokuxinana.
Phakathi kwezici zayo eziyinhloko kungagqanyiswa okulandelayo:
- Ukutholakala kweseva: Khomba amakhompyutha kunethiwekhi, ngokwesibonelo ngokufaka kuhlu lawo aphendula i-ping
- Khomba amachweba avulekile kukhompyutha eqondisiwe.
- Thola ukuthi yiziphi izinsizakalo ezisebenzayo.
- Thola ukuthi iyiphi uhlelo olusebenzisayo kanye nohlobo olusetshenziswa yikhompyutha, (le ndlela yaziwa nangokuthi ukuthathwa kweminwe).
- Thola ezinye izici zehardware yenethiwekhi yomshini ngaphansi kokuhlolwa.
Izici ezintsha eziyinhloko zeNmap 7.80
Njengoba kushiwo ekuqaleni, kusanda kukhishwa inguqulo entsha yeNmap, lapho umsebenzi omkhulu ugxile ekwenzeni ngcono nasekuqiniseni umtapo wezincwadi weNpcap, eyenzelwe ipulatifomu yeWindows njengokungena esikhundleni kweWinPcap nokusebenzisa iWindows API yesimanje ukuhlela ukuthwebula kwepakethe.
Futhi kuningi ukuthuthuka okuncane okwenziwe kuNmap Scripting Engine (NSE) nemitapo yolwazi ehambisana nayo. UNsock noNcat bangeze ukusekelwa kwezisekelo ezine-AF_VSOCK ekhuluma, esebenza nge-virtio futhi esetshenziselwa ukuxhumana phakathi kwemishini ebonakalayo ne-hypervisor.
Incazelo yesevisi ye-adb yenziwe (I-Android Debug Bridge), enikwe amandla ngokuzenzakalela kumadivayisi amaningi weselula.
Olunye ushintsho oluqhamuka kuNmap 7.80 ukwengeza imiyalo emisha ye-NSE:
broadcast-hid-discoveryd- Inquma ubukhona kunethiwekhi yendawo yamadivayisi we-HID (i-Human Interface Device) ngokuthumela izicelo zokusakaza.broadcast-jenkins-discover- Ichaza amaseva kaJenkins kunethiwekhi yendawo ngokuthumela izicelo zokusakaza.http-hp-ilo-info- Idonsa imininingwane evela kumaseva we-HP ngokusekelwa kobuchwepheshe be-iLO yesilawuli kude.http-sap-netweaver-leak- Inquma ukutholakala kwe-SAP Netweaver portal ne-Knowledge Management Unit evunyelwe, evumela ukufinyelela okungaziwa.https-redirect- Ikhomba amaseva we-HTTP aqondisa kabusha izicelo ku-HTTPS ngaphandle kokushintsha inombolo ye-port.lu-enum- iterates over the logical blocks (LUs, logical drives) yamaseva we-TN3270E.rdp-ntlm-info- Ikhipha imininingwane yesizinda se-Windows kusuka kumasevisi we-RDP.smb-vuln-webexec- Ihlola ukufakwa kwensiza yeWebExService (Cisco WebEx Imihlangano) nokuba khona kwengozi engavumela ukwenziwa kwekhodi.smb-webexec-exploit- Kusizakala ukuba sengozini kuWebExService ukusebenzisa ikhodi ngamalungelo we-SYSTEM.ubiquiti-discovery- Ikhipha imininingwane kusuka kwisevisi ye-Ubiquiti Discovery futhi isiza ekutholeni inombolo yenguqulo.vulners- Thumela izicelo kusizindalwazi se-Vulners ukuhlola ubungozi obususelwa kusevisi nasenguqulweni yohlelo lokusebenza echazwe lapho uqala iNmap.
Ungayifaka kanjani i-Nmap 7.80 ku-Linux?
Kulabo abanentshisekelo yokukwazi ukufaka iNmap namanye amathuluzi wayo kusistimu yabo, Bangakwenza ngokulandela izinyathelo esabelana ngazo ngezansi.
Noma singaphendukela ekuhlanganiseni ikhodi yomthombo yohlelo ohlelweni lwethu. Ikhodi ingalandwa futhi ihlanganiswe ngokwenza okulandelayo:
wget https://nmap.org/dist/nmap-7.80.tar.bz2 bzip2 -cd nmap-7.80.tar.bz2 | tar xvf - cd nmap-7.80 ./configure make su root make install
Endabeni yokwabiwa ngokusekelwa kwamaphakeji e-RPM, bangafaka iphakethe le-Nmap 7.80 ngokuvula i-terminal bese benza imiyalo elandelayo:
sudo rpm -vhU https://nmap.org/dist/nmap-7.80-1.x86_64.rpm sudo rpm -vhU https://nmap.org/dist/zenmap-7.80-1.noarch.rpm sudo rpm -vhU https://nmap.org/dist/ncat-7.80-1.x86_64.rpm sudo rpm -vhU https://nmap.org/dist/nping-0.7.80-1.x86_64.rpm