Masscan and Nmap against IPs of military zones - anonimo - 12-15-2024

You can see a wiki version of this post at https://wiki.acosadores.net/doku.php?id=rusia:masscan-y-nmap-a-ips-zonas-militares

If you read the previous post, Ips de zonas militares, you will understand how the file areas_con_ips.txt (military zones with assigned IPs) is obtained.

We scan the most common ports:

sudo masscan --ports 80,22,443,110,995,143,993,3306,2082,2083,25,2095,2096,2077,2078 --rate 10000 -iL areas_con_ips.txt -oJ masscan_areas_con_ips.json

cat masscan_areas_con_ips.json | grep open

{  "ip": "79.174.36.70",  "timestamp": "1734231736", "ports": [ {"port": 443, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 48} ] }
{  "ip": "79.174.36.220",  "timestamp": "1734231736", "ports": [ {"port": 22, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 48} ] }


mmdblookup --file ../GeoLite2-City.mmdb --ip 79.174.36.70 | grep -oE -e '-?[0-9]{1,3}\.[0-9]{6}'
55.687700
37.197100


mmdblookup --file ../GeoLite2-City.mmdb --ip 79.174.36.220 | grep -oE -e '-?[0-9]{1,3}\.[0-9]{6}'
55.687700
37.197100


We see that the 2 IPs belong to the same military zone.

[attachment=16]

We create a file hosts_areas.txt with those 2 IPs:

sudo nmap -F -sS -iL hosts_areas.txt -oA nmap_areas_con_hosts_ru

Starting Nmap 7.80 ( https://nmap.org ) at 2024-12-15 04:08 CET
Nmap scan report for 79.174.36.70
Host is up (0.16s latency).
Not shown: 96 filtered ports
PORT    STATE SERVICE
21/tcp  open  ftp
22/tcp  open  ssh
443/tcp  open  https
1723/tcp open  pptp

Nmap scan report for 79.174.36.220
Host is up (0.17s latency).
Not shown: 95 filtered ports
PORT    STATE SERVICE
21/tcp  open  ftp
22/tcp  open  ssh
80/tcp  open  http
443/tcp  open  https
3306/tcp open  mysql

Nmap done: 2 IP addresses (2 hosts up) scanned in 11.98 seconds
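The post does the masscan -> mmdblookup -> nmap hand-off by eye, grepping the JSON for "open" and grepping any six-decimal number out of the mmdblookup output. The script below is an added example (not code from the post or its author) that automates that hand-off: it parses masscan -oJ records line by line (tolerating a trailing comma and the {"finished": 1} record some builds emit), extracts latitude/longitude from mmdblookup text by key name so a negative coordinate keeps its sign, groups hosts that geolocate to the same point, and writes one nmap -iL host list per zone. All sample data is constructed: TEST-NET addresses and made-up coordinates stand in for the real masscan_areas_con_ips.json and mmdblookup output.

```python
#!/usr/bin/env python3
"""Turn masscan -oJ output plus mmdblookup text into per-zone nmap -iL host lists.

Added example, not code from the original post. Every input below is
constructed (TEST-NET addresses, invented coordinates), not scan results.
"""
import json
import re
from collections import defaultdict

# Constructed stand-in for masscan_areas_con_ips.json: masscan -oJ writes one
# record per line inside a JSON array; some builds add a {"finished": 1} record.
MASSCAN_JSON = """[
{   "ip": "192.0.2.10",   "timestamp": "1734231736", "ports": [ {"port": 443, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 48} ] },
{   "ip": "192.0.2.20",   "timestamp": "1734231736", "ports": [ {"port": 22, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 48} ] },
{   "ip": "192.0.2.10",   "timestamp": "1734231737", "ports": [ {"port": 22, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 48} ] },
{   "ip": "198.51.100.7",   "timestamp": "1734231738", "ports": [ {"port": 80, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 52} ] },
{"finished": 1}
]
"""

# Constructed stand-in for `mmdblookup --file GeoLite2-City.mmdb --ip <ip>`
# output (mmdblookup prints each value followed by a <type> tag). The third
# host has a negative longitude, which a bare grep for [0-9]{1,3}\.[0-9]{6}
# would silently turn positive.
MMDB_TEXT = {
    "192.0.2.10": '  "location": \n    {\n      "latitude": \n        55.687700 <double>\n      "longitude": \n        37.197100 <double>\n    }\n',
    "192.0.2.20": '  "location": \n    {\n      "latitude": \n        55.687700 <double>\n      "longitude": \n        37.197100 <double>\n    }\n',
    "198.51.100.7": '  "location": \n    {\n      "latitude": \n        40.714300 <double>\n      "longitude": \n        -74.006000 <double>\n    }\n',
}

_COORD_RE = re.compile(r'"(latitude|longitude)":\s*(-?\d{1,3}\.\d+)\s*<double>')


def parse_masscan_json(text):
    """Return {ip: sorted [(proto, port), ...]} of open ports from masscan -oJ text.

    Parsed per line (trailing comma stripped) so an unterminated array, a
    trailing comma or a record without "ip" does not break the whole file.
    """
    open_ports = defaultdict(set)
    for line in text.splitlines():
        line = line.strip().rstrip(",")
        if not line.startswith("{"):
            continue
        rec = json.loads(line)
        if "ip" not in rec:
            continue
        for p in rec.get("ports", []):
            if p.get("status") == "open":
                open_ports[rec["ip"]].add((p["proto"], p["port"]))
    return {ip: sorted(ports) for ip, ports in open_ports.items()}


def grep_coords(text):
    """What a sign-less six-decimal grep sees: the minus on -74.006000 is lost."""
    return re.findall(r"\d{1,3}\.\d{6}", text)


def parse_mmdblookup(text):
    """Extract (latitude, longitude) from mmdblookup output by key, keeping the sign."""
    found = {key: float(val) for key, val in _COORD_RE.findall(text)}
    if "latitude" not in found or "longitude" not in found:
        raise ValueError("no location block in mmdblookup output")
    return found["latitude"], found["longitude"]


def group_by_location(open_ports, lookup):
    """Group hosts with open ports by (lat, lon); `lookup` maps ip -> mmdblookup text."""
    zones = defaultdict(list)
    for ip in sorted(open_ports):
        zones[parse_mmdblookup(lookup[ip])].append(ip)
    return dict(zones)


def hosts_files(zones):
    """One nmap -iL input per zone, named after its coordinates."""
    return {f"hosts_{lat:.4f}_{lon:.4f}.txt": "\n".join(ips) + "\n"
            for (lat, lon), ips in zones.items()}


if __name__ == "__main__":
    ports = parse_masscan_json(MASSCAN_JSON)
    zones = group_by_location(ports, MMDB_TEXT)
    for name, body in hosts_files(zones).items():
        print(name)
        print(body, end="")
```

In real use, replace MASSCAN_JSON with the contents of the -oJ file and fill the lookup dict from `mmdblookup --file GeoLite2-City.mmdb --ip <ip>` per host; each generated hosts_*.txt is then a drop-in for `nmap -F -sS -iL <file>`, so each zone gets its own -oA output instead of one mixed report.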