I have downloaded nmap. As far as I know, it supports the 'whois' tool. When I try to type the following: whois yahoo.com (as example). I got the following error:
'whois' is not recognized as an internal or external command, operable program or batch file. Can anyone tell me what I'm missing? Do I need to install something other than nmap itself?
Nmap can perform queries with the whois protocol using the whois script like so:
nmap --script whois -sn yahoo.com
Note that the whois script was renamed to whois-ip in Nmap 6.45 (revision 31527) and whois-domain was added. So you can do:
nmap --script whois-ip,whois-domain -sn yahoo.com
or simply:
nmap --script whois* -sn yahoo.com
In addition to the --script argument, the -sn argument tells Nmap not to perform a port scan (since that's probably not what you want).
Based on your error description, it sounds like you are on Windows. Microsoft has a whois utility available as part of the SysInternals suite. You can get it here.
For me, this tool isn't part of nmap
blender ~ $ pacman -Qo `which whois`
/usr/bin/whois is owned by whois 5.0.16-1
And in fact, nmap doesn't supply much more than nmap and some its own binaries:
blender ~ $ pacman -Ql nmap | grep "bin"
nmap /usr/bin/
nmap /usr/bin/ncat
nmap /usr/bin/ndiff
nmap /usr/bin/nmap
nmap /usr/bin/nmapfe
nmap /usr/bin/nping
nmap /usr/bin/xnmap
nmap /usr/bin/zenmap
Check if there is a whois package for your distro.
Related
I am trying to make a program that automatically lists all of the connections to my computer from outside of the router. The end goal of this script is that I would like to be able to have a clean list of the external IP addresses of every server/website I am connecting to. I am also trying to use this as a way to learn more about how networks, websites, and servers work so I am sorry for any mistakes I make with terminology and general knowledge!
My tcpdump bash script:
while :
do
# get myip and assign it to a variable
myip="$(ifconfig wlp2s0 | grep -E -o -m 1 "inet................" | grep -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)")"
# tcpdump on my ip for all packets going to or from my ip address. the ipaddress of the packets is placed in IP Address.txt
sudo tcpdump -c 1 -nn host "$myip" | grep -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)" >> IPaddress.txt
done
I thought that tcpdump would be the tool for this however I confess that I do not know how tcpdump works. This script is a bash file that I am running through ubuntu. How would I use tcpdump to collect the IP address of every website that I am connecting to? I read the tcpdump documentation and believe it can help me achieve my goal however if there are better tools out there I would love to hear it! Currently, this code only displays internal IP addresses. ;(
I'd lean more towards using ss or netstat.
ss --all --ipv4
Would show all IPv4 connections.
The same works for IPv6 of course; and you could add one of many arguments to get more detailed information if you want, such as --processes, --extended, or --info.
There's also a few more arguments to control the output format, making it more suitable for parsing:
ss --all --ipv4 --processes --no-header --oneline
Suggest to follow ss command .
Learn about ss command here.
I'm looking for a cross-platform way to check if a port is in use so I can print a warning message.
I have accomplished this in macOS:
if lsof -Pi :8080 -sTCP:LISTEN -t >/dev/null; then
echo "Port 8080 is already in use"
fi
But this bash script needs to also work on Windows machines. I was looking at something like netstat -aon | find "8080", but I'm unsure how to use that in my script (don't have a Windows machine).
Is there an efficient way to do this? If it helps, the Windows machines have WSL available to them (but lsof doesn't appear to work yet).
While I'm certain the other answers would work in certain situations, I just wanted to note I ended up going with the following solution for my own work:
if echo PING | nc localhost 8080 >/dev/null; then
echo "Port 8080 in use"
fi
Im not sure how your network looks like but maybe nmap will be a solution for you. You can scan ports for every pc in your local network using only linux.
If port is open, that mean is in use. This solution will work for any system.
apt-get install nmap
for example like this:
if nmap -p 8080 <ip address> | grep -wq "open"
then
echo "Port 8080 is already in use"
fi
Use netstat (works on windows, mac, wsl2)
Example netstat -a | grep :8080 where 8080 is the port you are interested in.
If you are on wsl1 you will need to use the windows netstat as the one included in wsl is broken. Simply set an alias to the windows netstat before using it alias netstat='/mnt/c/Windows/System32/netstat.exe'
I'm trying to make a script to connect to server via ssh but i'm a bash noob. I do not know the ip and have to use nmap to scan the range. What i want is a script to connect or try to connect to the ip's from nmap output. (with try i mean one of the ips would be my ip, so connecting to this one is useless)
All i got so far is scanning the range with namp -sP 192.168.42.1/24
I have found an nmap filter to only scan for port 22
Here is what I get.
$ nmap --open -p22 192.168.42.*
Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-08 08:55 CEST
Nmap scan report for 192.168.42.113
Host is up (0.0057s latency).
PORT STATE SERVICE
22/tcp open ssh
Nmap done: 256 IP addresses (2 hosts up) scanned in 59.63 seconds
You can simply use netcat which is fast.nmap takes too long to scan range.
for i in {1..254..1}
do
if nc -w 1 -zv 192.168.42.$i 22 &>> /dev/null
then
ssh 192.168.42.$i
fi
done
I have two laptops that each has connected to the Internet by landline (two different lines/modem). One is Mac and the other is Windows. I want to send a message from Windows to the Mac.
I installed NetCat on Mac using, brew install netcat, based on this page.
I installed NetCat on Windows based on this page.
I ran following command in Mac terminal in order to see what is my IP address: $ ipconfig getifaddr en0 it printed: 169.254.136.39
In Mac terminal: $ nc -u -l -p 4444. Seems it is ready for incomming messages.
In Windows terminal: $ nc -u 169.254.136.39 4444. I get a new line and I assume connection has established. However, when I enter a message and hit Enter, nothing happens :(
When I replace above command with nc -u -v -n 169.254.136.39 4444 in Windows and nc -u -l -n -p 4444 in Mac, then I get: (UNKNOWN) [169.254.136.39] 4444 (?) open
I have no idea what is wrong? I confirm Firewal is off on my Mac.
I'm writing a BASH script. From the command line I can call nmap and I want to extract the ip for a specific port.
$ nmap [ip]/24
Starting Nmap 6.47 ( http://nmap.org ) at 2015-02-26 01:59 PST
Nmap scan report for 192.168.56.1
Host is up (0.0012s latency).
Not shown: 500 closed ports, 499 filtered ports
PORT STATE SERVICE
3689/tcp open rendezvous
Nmap scan report for 192.168.56.101
Host is up (0.00042s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
I want the IP address for the port 21. In this example that would be 192.168.56.101. How do I extract that from this return and save it to a variable? Thanks
You can use xml output and parse the output using xmllint:
nmap -p 21 -oX - "$IP"/24 | xmllint --xpath '//port[#portid="21"]/state[#state="open"]/../../../address/#addr' -
Nmap's normal output is human-readable, but can change from version to version. It is not designed to be machine-parseable. Nmap has 2 machine-parseable output formats that are a much better fit. First, XML output (using the -oX option) is the most complete format, containing as much or more information than the normal output. You can parse this with xmlstarlet or xmllint.
Another popular option for simple extraction of basic port scan information is the officially deprecated Grepable output format (-oG). This format is missing lots of the "more recent" features like NSE script output and traceroute info, but it is stable for port scan data. Here's how you could go about using this format:
nmap $target -oG - | awk '/ 21\/open\/tcp/{print $2}'
Loop over each line in the output, and look the string "Nmap scan report for <your ip address>", then continue to loop over each line of the output until you either find the line "21/tcp open ftp" or you find an empty line or the end of the output.
The looping can be done with the Bash builtin commands read and while.