sandmap icon indicating copy to clipboard operation
sandmap copied to clipboard

Published 20 hours ago verified publisher icon trimstray

Multiple Zombie Idle Scan module

Open satandyh opened this issue 7 years ago • 3 comments

Hi, in whole internet that I searched before I don't found any realisation of Idle Scan using more than one zombie host. For me this theme new. I think that it effective. Please create some module for this functional. Or help me to try create it. Thank for any Your answer.

satandyh avatar Sep 28 '18 10:09 satandyh

A good idea! Can you send faqs/manuals and other that accurately describe this scanning technique? Thanks a lot.

trimstray avatar Oct 02 '18 06:10 trimstray

Ok. Here are the official manual page from nmap. Inside complete information about this technique.

After reading You can see that nmap do this scan using only one zombie host. My idea is to use multiple zombies against one target host. Each zombie in this way will use separate port range (for example, 1st zombie - 1:10000, 2nd - 10001:20000, 3rd - 20001:30000, etc) for scan target. To achieve this I see only one way: to start nmap multiple times with different options. Next step is parse results from all nmap processes to one file/window/etc.

Something like this. Of course there may be several pitfalls in nmap itself. But anyway I believe that it possible.

satandyh avatar Oct 04 '18 08:10 satandyh

Thanks. I am studying this.

trimstray avatar Oct 09 '18 08:10 trimstray