The NMAP command you can use scan for the Conficker virus on your LAN

nmap -PN -T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 192.168.0.1-254
This was posted on reddit. replace 192.168.0.1-256 with the IP's you want to check.

6
By: cowholio4
2009-03-31 15:15:17

These Might Interest You


  • 6
    nmap -PN -d -p445 --script=smb-check-vulns --script-args=safe=1 IP-RANGES
    themoux · 2009-08-06 11:54:33 1
  • nmap for windows and other platforms is available on developer's site: http://nmap.org/download.html nmap is robust tool with many options and has various output modes - is the best (imho) tool out there.. from nmap 5.21 man page: -oN/-oX/-oS/-oG : Output scan in normal, XML, s| Show Sample Output


    6
    nmap -v -sP 192.168.0.0/16 10.0.0.0/8
    anapsix · 2010-07-14 19:53:02 0

  • 1
    nmap -sP 192.168.1.0/24 | grep "Nmap scan report for"| cut -d' ' -f 5 > ips.txt
    jorgemendoza · 2012-11-18 18:17:04 0
  • In the field, I needed to script a process to scan a specific vendor devices in the network. With the help of nmap, I got all the devices of that particular vendor, and started a scripted netcat session to download configuration files from a tftp server. This is the nmap loop (part of the script). You can however, add another pipe with grep to filter the vendor/manufacturer devices only. If want to check the whole script, check in http://pastebin.com/ju7h4Xf4 Show Sample Output


    0
    nmap -sP 10.0.0.0/8 | grep -v "Host" | tail -n +3 | tr '\n' ' ' | sed 's|Nmap|\nNmap|g' | grep "MAC Address" | cut -d " " -f5,8-15
    jaimerosario · 2014-12-26 18:31:53 0

What Others Think

it looks like missing something in the command. target specification?
alperyilmaz · 481 weeks and 1 day ago
How could one have a copy of the smb-check-vulns scripts ? My local nmap installation (version 4.68) does not come with one bundled.
andrelop · 481 weeks and 1 day ago
@alperyilmaz thanks i added that...
cowholio4 · 481 weeks and 1 day ago
@andrelop You can download it or build from source http://nmap.org/download.html
cowholio4 · 481 weeks and 1 day ago
If you get this: SCRIPT ENGINE: error while initializing script rules: No such category, file or directory: 'smb-check-vulns' You need this: http://nmap.org/nsedoc/scripts/smb-check-vulns.html
hm2k · 481 weeks and 1 day ago
You MUST get nmap-4.85BETA5 because earlier versions won't scan for Conficker. http://nmap.ucsd.edu/nmap/dist/nmap-4.85BETA6.tar.bz2 Install info: bzip2 -cd nmap-4.85BETA6.tar.bz2 | tar xvf - cd nmap-4.85BETA6 ./configure make su root make install
messo · 481 weeks ago

What do you think?

Any thoughts on this command? Does it work on your machine? Can you do the same thing with only 14 characters?

You must be signed in to comment.

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands



Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: