Today we are going to scan a network for common, publicly known cybersecurity vulnerabilities with Nmap. Nmap is a very powerful tool for network scanning and for finding vulnerabilities in a network. It ships with many prebuilt scripts for tasks such as brute forcing network logins and passwords for various protocols, discovering directories on a network, fuzzing, and many other security auditing techniques. In this post I am going to scan my network for publicly known vulnerabilities to check whether it is affected by any of them.
What you need to know
This is a basic network scan, so I am going to describe everything you need to know to run it. After the scan you can look up the reported vulnerabilities and the ways to mitigate them.
Prepare Nmap for the scan
STEP 1 To do this network scan you will need to clone a GitHub repository, so type this in your terminal and press enter:
git clone https://github.com/vulnersCom/nmap-vulners.git
Now move to the nmap-vulners directory and copy vulners.nse to your Nmap scripts directory. In my case the Nmap scripts are located at /usr/share/nmap/scripts, so I am going to move vulners.nse there. To do this type:
mv /root/Desktop/nmap-vulners/vulners.nse /usr/share/nmap/scripts/
(You can also find your Nmap scripts directory using locate nmap/script.)
Start The Attack
To start the attack just type the following, replacing <your target> with the host or network you want to scan:
nmap -A --script vulners <your target> -vv
Options we used above
-A : This is aggressive mode. It enables OS detection, version detection, script scanning and traceroute.
--script : This tells Nmap to run a script, in this case 'vulners'.
-vv : This is for verbose mode so that we can see what’s going on in the program.
As we can see above, my network is affected by a lot of common vulnerabilities, each listed with a link to its description. I will not show how to exploit these bugs because that is a different topic, which I will cover in an upcoming post.
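To turn a long vulners listing into a patch list, the following added example (not part of the original post or the nmap-vulners project) parses saved Nmap output, for instance from the real -oN option, and keeps only findings at or above a CVSS threshold. The sample output, host, CPEs, IDs and scores are constructed, and the row layout "ID, CVSS score, URL" under each cpe:/ line is an assumption about how the script prints its results.

```python
import re

# Constructed sample of Nmap normal output with the vulners script enabled.
# Host, CPEs, IDs and scores are made up; the assumed row layout is
# "<id> <cvss> <url>" below a "cpe:/..." line, separated by tabs or spaces.
SAMPLE = """\
Nmap scan report for 192.0.2.10
PORT   STATE SERVICE VERSION
22/tcp open  ssh     ExampleSSH 1.0
| vulners:
|   cpe:/a:example:examplessh:1.0:
|     \tCVE-2099-0001\t9.8\thttps://vulners.com/cve/CVE-2099-0001
|     \tCVE-2099-0002\t4.3\thttps://vulners.com/cve/CVE-2099-0002
80/tcp open  http    ExampleHTTPd 2.4
| vulners:
|   cpe:/a:example:examplehttpd:2.4:
|     \tCVE-2099-0003\t7.5\thttps://vulners.com/cve/CVE-2099-0003
|_    \tCVE-2099-0004\t5.0\thttps://vulners.com/cve/CVE-2099-0004
"""

HOST_RE = re.compile(r"^Nmap scan report for (.+)$")
PORT_RE = re.compile(r"^(\d+/(?:tcp|udp))\s+open\s+(\S+)")
CPE_RE = re.compile(r"^\|[_ ]\s*(cpe:/\S+?):?\s*$")
ROW_RE = re.compile(r"^\|[_ ]\s*(\S+)\s+(\d+(?:\.\d+)?)\s+(https?://\S+)")

def parse_vulners(text):
    """Return one dict per vulnerability row, tagged with host, port and CPE."""
    findings, host, port, cpe = [], None, None, None
    for line in text.splitlines():
        if m := HOST_RE.match(line):
            host, port, cpe = m.group(1), None, None
        elif m := PORT_RE.match(line):
            port, cpe = m.group(1), None
        elif m := CPE_RE.match(line):
            cpe = m.group(1)
        elif m := ROW_RE.match(line):
            findings.append({"host": host, "port": port, "cpe": cpe,
                             "id": m.group(1), "cvss": float(m.group(2)),
                             "url": m.group(3)})
    return findings

def triage(findings, min_cvss=7.0):
    """Keep findings at or above min_cvss, highest score first."""
    hits = [f for f in findings if f["cvss"] >= min_cvss]
    return sorted(hits, key=lambda f: f["cvss"], reverse=True)

if __name__ == "__main__":
    for f in triage(parse_vulners(SAMPLE)):
        print(f'{f["cvss"]:>4} {f["host"]} {f["port"]} {f["id"]} {f["url"]}')
```

The script matches on detected service versions, so each high-scoring entry should be checked against the software actually installed before it is treated as confirmed.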
So this was a basic network scan to find vulnerabilities in your network. We are going to cover more Nmap tutorials for network hacking, so stay connected for more.