Penetration Testing – NMAP Scripting Engine
Hello everyone. Now let us talk about the Nmap Scripting Engine. The Nmap Scripting Engine (NSE) is part of Nmap, and it is one of Nmap's most powerful features. Through the Nmap Scripting Engine we can write our own scripts, which we can use to perform different networking tasks. We can also use the pre-written scripts from various security researchers that are already present in the Nmap Scripting Engine. One of the most powerful features of this tool is that we can use it for scanning our target, and once we have scanned the target we can exploit it. So this tool also comes under the category of VAPT tools, that is, vulnerability assessment and penetration testing tools.

Here you can see the NSE script categories. In the Nmap Scripting Engine the scripts are divided into different categories, as follows. The first one is auth: the scripts in the auth category are used for finding authentication pages or for authentication purposes. The scripts in the brute category are used for brute-forcing the target, for example performing different brute-force and dictionary attacks against FTP logins, RDP logins and so on. The scripts in the discovery category are used for finding or scanning the target. Then there are other categories like dos, exploit, fuzzer (used for fuzzing the target) and malware. If you want to know more about the NSE script categories, you can visit the official website; here is the link given below.

Now let's see how we can use the Nmap Scripting Engine in order to exploit our target. In the last video I showed you how we can use Nmap, and we all know that the Nmap Scripting Engine is a part of Nmap. NSE contains different scripts divided into different categories, like scripts for authentication, scripts for host discovery, scripts for reconnaissance, and so on and so forth.

So let's start Nmap first. Right now I'm inside my Kali Linux instance, and here is the Kali terminal, as you can see. In order to use any Nmap Scripting Engine script in our Nmap scan, we first write `nmap`, then we give an additional parameter, `--script`, followed by the script name. In this first scan I am using a simple script called `banner`. What does this script do? It makes a connection to any open port on a server; if that open port sends anything back in response to our request, the script prints that data here in the result. So I'm running `nmap --script banner` followed by the website name. Here you can see that it has printed the banner of port 22, and the banner detail is the SSH version. In the same way it prints the banner for port 3306, and the same for port 5900. So this was a simple script which just prints the banner and any data sent by the particular port.

Now let's use some other NSE scripts. This time I'm using a script called `http-headers`. First of all, what are HTTP headers? HTTP headers are nothing but our HTTP request and response, meaning how our request and response look. There is a script in the Nmap Scripting Engine called `http-headers`, so I am running `nmap --script http-headers` followed by the website name. Now let's analyze the result. As we all know, the port number for HTTP is 80, and here you can see the list of HTTP headers. So what does our HTTP request contain, or what is inside the HTTP header? Here is the list: it contains the date, the server information (to whom it is sending the request or from whom it is receiving the response), then Access-Control, X-Powered-By, then Connection: close and Content-Type: text/html. Now let's scroll down and read the HTTP header; it's the same, and the request type is HEAD. So this was all about HTTP headers.

Now let's use a script which will enumerate all the important directories on a remote server or a remote website. The script name is `http-enum`, so let me write `nmap --script http-enum` followed by the website name. Now let's analyze the result. At port number 80 it has enumerated some of the files and directories, as you can see here, and the same for port 443: /icon, /images, /help.

If you remember our last video about scanning the target, I showed you how we can scan the different subdomains of a particular website by using a Knockpy scan. There is a script in Nmap called `dns-brute` which performs the same task as Knockpy does. So now let's use that script to enumerate the subdomains. The script name is `dns-brute`; let's check the subdomains for google.com and hit Enter. Here you can see that it has listed all the subdomains of google.com along with their IP addresses, so you can see a long list of the domain names of google.com.

So this was a quick, short introduction to the Nmap Scripting Engine. Thanks for watching this video …
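Seen from the server side, the `http-headers` and `http-enum` runs described above leave traces in the web server's access log: unless the operator overrides it, NSE's HTTP scripts send a User-Agent containing "Nmap Scripting Engine", and directory enumeration produces many 404 responses on distinct paths. The following detection sketch is an added example, not part of the video; the log lines are constructed, and the function name and 404 threshold are assumptions.

```python
import re
from collections import defaultdict

# Substring of the default User-Agent that NSE HTTP scripts send.
NSE_UA = "Nmap Scripting Engine"
# Combined Log Format: ip - - [time] "METHOD path proto" status size "ref" "ua"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
UA_NSE = "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)"
UA_BROWSER = "Mozilla/5.0 (X11; Linux x86_64) Firefox/115.0"

def _line(ip, method, path, status, ua):
    # Helper that builds one constructed Combined Log Format line.
    return (f'{ip} - - [10/Mar/2024:10:00:00 +0000] '
            f'"{method} {path} HTTP/1.1" {status} 0 "-" "{ua}"')

# Constructed sample log (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    _line("198.51.100.7", "HEAD", "/", 200, UA_NSE),          # http-headers style
    _line("203.0.113.9", "GET", "/admin/", 404, UA_BROWSER),  # UA overridden
    _line("203.0.113.9", "GET", "/backup/", 404, UA_BROWSER),
    _line("203.0.113.9", "GET", "/phpmyadmin/", 404, UA_BROWSER),
    _line("203.0.113.9", "GET", "/images/", 200, UA_BROWSER),
    _line("192.0.2.10", "GET", "/index.html", 200, UA_BROWSER),
    _line("192.0.2.10", "GET", "/favicon.ico", 404, UA_BROWSER),
    "not a log line",
]

def detect_nse(lines, min_missing=3):
    """Return {ip: [reasons]} for clients whose requests look like NSE HTTP scripts."""
    ua_hits, missing = set(), defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in Combined Log Format
        if NSE_UA in m["ua"]:
            ua_hits.add(m["ip"])
        if m["status"] == "404":
            missing[m["ip"]].add(m["path"])  # count distinct missing paths only
    findings = defaultdict(list)
    for ip in ua_hits:
        findings[ip].append("nse-user-agent")
    for ip, paths in missing.items():
        if len(paths) >= min_missing:  # catches enumeration with a changed UA
            findings[ip].append("path-enumeration")
    return {ip: sorted(reasons) for ip, reasons in findings.items()}

if __name__ == "__main__":
    for ip, reasons in detect_nse(SAMPLE_LOG).items():
        print(ip, ", ".join(reasons))
```

A production rule would also bound the 404 count to a time window; the sketch counts over the whole input to stay short.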
We acknowledge that this video belongs to the author and thank them for its use.
As found on YouTube