Commands matching nmap (86)


  • 0
    sudo nmap -sU -p 53 8.8.8.8
    aysadk · 2017-08-16 19:59:18 17

  • 0
    nmap find alive hosts
    aysadk · 2017-08-17 11:04:08 14
  • List all your public IPs in an EC2/AWS region, and run an nmap scan against them (ignoring ping response). Requires: aws cli, jq for shell JSON processing


    0
    nmap -P0 -sV `aws --output json ec2 describe-addresses | jq -r '.Addresses[].PublicIp'` | tee /dev/shm/nmap-output.txt
    NightMonkey · 2017-08-18 17:55:13 17

  • 0
    nmap -sn 192.168.1.0/24
    aysadk · 2017-10-04 11:19:43 20
  • Trying to check for an open port and missing netcat or nmap? This is the lowest common denominator way to verify a port is accessible from one server to another. This will give you a pretty quick return of 0 if it works. If it fails, it will just hang and take a while to time out. I usually ctrl+c the command. "echo $?" will give you an exit code other than 0 after you exit.


    0
    cat < /dev/null > /dev/tcp/<hostname or ip>/<port>; echo $?
    pborowicz · 2018-02-14 15:51:51 36
  • This is helpful if you connect to several networks with different subnets such as 192 networks, 10 networks, etc. Cuts first three octets of IP from ifconfig command and runs nmap ping scan on that subnet. Replace wlan0 with your interface. Assumes class C network; if class B use: cut -d "." -f 1-2 and change nmap command accordingly.


    -1
    dhclient wlan0 && sbnt=$(ifconfig wlan0 |grep "inet addr" |cut -d ":" -f 2 | cut -d "." -f 1-3) && nmap $sbnt.0/24 -sP
    wltj · 2010-06-22 21:00:29 6
  • Today many hosts are blocking traditional ICMP echo reply for a "security" reason, so nmap's fast ARP scan is more usable to view all live IPv4 devices around you. Must be root for ARP scanning.


    -1
    nmap -sP -PR -oG - `/sbin/ip -4 addr show | awk '/inet/ {print $2}' | sed 1d`
    l3k · 2011-07-21 11:50:26 3
  • Not really an easier solution. But an example using && for (if last command returned 0). You can use || for (if last command returned other than 0).


    -2
    prefix="10.0.0" && for i in `seq 25`; do ping -c 1 $prefix.$i &> /dev/null && echo "Answer from: $prefix.$i" ; done
    xeor · 2010-04-07 17:17:21 4

  • -2
    nmap -sS -O -v -oS - 192.168.2.0/24
    ene2002 · 2014-01-31 18:04:06 135
  • Displays live hosts on the same network as the local machine with their hostnames and IP addresses. This command is IPv6 and multiple network adapter safe and does not rely on awk or sed, however it requires the "nmap" package installed. Might not work on OSX. Example alias for shell startup file: alias livehosts='nmap -sP "$(ip -4 -o route get 1 | cut -d " " -f 7)"/24 | grep report | cut -d " " -f 5-'


    -2
    nmap -sP "$(ip -4 -o route get 1 | cut -d ' ' -f 7)"/24 | grep report | cut -d ' ' -f 5-
    lordtoran · 2019-02-01 03:52:02 33
  • Just copy and paste the code in your terminal. Note: sudo apt-get for Debian versions, change as per your requirement. Source: www.h3manth.com


    -6
    sudo wget -c "http://nmap.org/dist/nmap-5.00.tar.bz2" && bzip2 -cd nmap-5.00.tar.bz2 | tar xvf - && cd nmap-5.00 && ./configure && make && sudo make install
    hemanth · 2009-07-26 11:36:53 7