Commands tagged nmap (18)

  • nmap for Windows and other platforms is available on the developer's site: http://nmap.org/download.html. nmap is a robust tool with many options and has various output modes - it is the best (imho) tool out there. From the nmap 5.21 man page: -oN/-oX/-oS/-oG : Output scan in normal, XML, s|


    6
    nmap -v -sP 192.168.0.0/16 10.0.0.0/8
    anapsix · 2010-07-14 19:53:02 0
  • Using NMAP to check to see if port 22 (SSH) is open on servers and network devices.


    6
    nmap -oG - -T4 -p22 -v 192.168.0.254 | grep ssh
    SeeFor · 2011-01-11 16:12:23 0

  • 6
    nmap --iflist
    bandie91 · 2013-06-22 10:50:43 1
  • Scan a whole specific network for active online IPs.


    6
    nmap -n -sn 192.168.1.0/24 -oG - | awk '/Up$/{print $2}'
    aysadk · 2019-09-04 13:31:53 4
  • This command uses nmap to perform reverse DNS lookups on a subnet. It produces a list of IP addresses with the corresponding PTR record for a given subnet. You can enter the subnet in CIDR notation (i.e. /24 for a Class C). You could add "--dns-servers x.x.x.x" after the "-sL" if you need the lookups to be performed on a specific DNS server. On some installations nmap needs sudo, I believe. Also, I hope awk is standard on most distros.


    4
    nmap -R -sL 209.85.229.99/27 | awk '{if($3=="not")print"("$2") no PTR";else print$3" is "$2}' | grep '('
    netsaint · 2009-09-02 16:33:15 1
  • Shows how many Windows and Linux devices are on your network. May add support for others, but that's all that are on my network right now.


    3
    sudo nmap -F -O 192.168.1.1-255 | grep "Running: " > /tmp/os; echo "$(cat /tmp/os | grep Linux | wc -l) Linux device(s)"; echo "$(cat /tmp/os | grep Windows | wc -l) Window(s) devices"
    matthewbauer · 2010-01-10 03:09:56 2

  • 3
    nmap -sP 192.168.1.0/24
    harpo · 2014-11-07 12:15:06 0

  • 2
    nmap -sn 192.168.1.0/24
    pdxdoughnut · 2014-01-28 23:32:18 0
  • Will report back the IP addresses of all hosts that are UP.


    2
    fping -ga 192.168.1.0/24 2> /dev/null
    netaxiz · 2014-01-31 19:19:19 0
  • Populate the auth.hosts file with a list of IP addresses that are authorized to be in use, and when you run this command it will return the addresses that are pingable and not in the authorized list. Can be combined with the "Command line Twitter" command to tweet unauthorized access.


    1
    diff <(nmap -sP 192.168.1.0/24 | grep ^Host | sed 's/.appears to be up.//g' | sed 's/Host //g') auth.hosts | sed 's/[0-9][a-z,A-Z][0-9]$//' | sed 's/</UNAUTHORIZED IP -/g'
    bandit36 · 2009-03-12 05:28:08 3
  • TCP Connect scanning for localhost and network 192.168.0.0/24


    1
    nmap -v -sT 192.168.0.0/24
    Dhinesh · 2011-11-19 07:06:52 0
  • The command for the impatient sysadmin: simply checks every five secs if a host or a specific service running on it is up. Ideal for hosts that are configured not to respond to pings.


    0
    while true; do clear; nmap ${hostname} -PN -p ${hostport}; sleep 5; done
    flokra · 2009-08-14 20:19:59 0
  • Change the IP address from 127.0.0.1 to the target machine's IP address. Even if the target has ICMP (ping) blocked, it will show you what ports are open on the target. Very handy for situations where you know the target is up and online but won't respond to pings.


    0
    nmap -sT -PN -vv <target ip>
    Richie086 · 2011-07-22 02:37:19 0
  • Check to see if a port is open or closed on a given host.


    0
    checkport() { sudo nmap -sS -p "$1" "$2"; }
    peterRepeater · 2011-12-13 11:46:15 1
  • Nmap will list all IPs in the target specified; you can specify a subnet or a range of IP addresses. It will attempt to resolve all IPs listed. No packets are sent to the target; it only generates DNS queries.


    0
    nmap -sL 74.125.237.1/24
    the_wanderer · 2012-05-30 00:51:20 0

  • 0
    nmap -n 10.0.0.50 | grep udp | cut -d":" -f3 >> test02
    h_kaur2 · 2015-11-13 13:28:35 0

  • 0
    nmap -n 10.0.0.50 | grep udp | cut -d":"-f3>>
    h_kaur2 · 2015-11-13 13:31:14 0
  • Displays live hosts on the same network as the local machine with their hostnames and IP addresses. This command is IPv6 and multiple network adapter safe and does not rely on awk or sed, however it requires the "nmap" package installed. Might not work on OSX. Example alias for shell startup file: alias livehosts='nmap -sP "$(ip -4 -o route get 1 | cut -d " " -f 7)"/24 | grep report | cut -d " " -f 5-'


    -2
    nmap -sP "$(ip -4 -o route get 1 | cut -d ' ' -f 7)"/24 | grep report | cut -d ' ' -f 5-
    lordtoran · 2019-02-01 03:52:02 0
