neginsadeghi
neginsadeghi
Can you please tell me which tool you would use for banner grabbing except nmap ? Is there any banner grabber in chain with Recog what I could automate the...
but I need Nmap scripting abilities too, so it's better to say let's find out how we can use pfring with jfscan ?!
Ok, so can you please tell me how we can run Masscan on the 10 GB nic mode and the Nmap on the 1 GB nic mode in the Jfscan...
I even created services.txt in this format and I've verified all of them has port 80 open: IP:port cat services.txt | pv -L3 -l --qui | lzr --handshakes wait,http,tls -sendSYNs...
look we have 52% hitrate based on Zmap output, I can't figureout what's happening that LZR reacts like this root@ubuntu20:~# sudo zmap 185.x.x.0/24 --target-port=80 --output-filter="success = 1 && repeat =...
I guess it's a problem in LZR core
I've used the release version instead of master and now it's kinda working root@xxx:/home/xxx/zmap_R_D/lzr/v1/lzr-1/cmd/lzr# sudo zmap x.x.x.20/30 --target-port=80 --output-filter="success = 1 && repeat = 0" -f "saddr,daddr,sport,dport,seqnum,acknum,window" -O json --source-ip=x.x.x.3...
here is the output file content root@xxx:/home/xxx/zmap_R_D/lzr/v1/lzr-1/cmd/lzr# cat default_20231115100922.json {"saddr":"x.x.x.20","daddr":"x.x.x.3","sport":80,"dport":41528,"seqnum":0,"acknum":0,"window":29200,"ttl":0,"Counter":1,"ACK":false,"ACKed":false,"SYN":false,"RST":false,"FIN":false,"PUSH":false,"HandshakeNum":2,"fingerprint":"unknown","Timestamp":"2023-11-15T10:09:44.961352982Z","expectedRToLZR":"sa"} {"saddr":"x.x.x.22","daddr":"x.x.x.3","sport":80,"dport":36285,"seqnum":0,"acknum":0,"window":29200,"ttl":0,"Counter":1,"ACK":false,"ACKed":false,"SYN":false,"RST":false,"FIN":false,"PUSH":false,"HandshakeNum":2,"fingerprint":"unknown","Timestamp":"2023-11-15T10:09:44.961360806Z","expectedRToLZR":"sa"} {"saddr":"x.x.x.21","daddr":"x.x.x.3","sport":80,"dport":49518,"seqnum":0,"acknum":0,"window":29200,"ttl":0,"Counter":1,"ACK":false,"ACKed":false,"SYN":false,"RST":false,"FIN":false,"PUSH":false,"HandshakeNum":2,"fingerprint":"unknown","Timestamp":"2023-11-15T10:09:44.961365646Z","expectedRToLZR":"sa"} {"saddr":"x.x.x.23","daddr":"x.x.x.3","sport":80,"dport":59933,"seqnum":0,"acknum":0,"window":29200,"ttl":0,"Counter":1,"ACK":false,"ACKed":false,"SYN":false,"RST":false,"FIN":false,"PUSH":false,"HandshakeNum":2,"fingerprint":"unknown","Timestamp":"2023-11-15T10:09:44.961375023Z","expectedRToLZR":"sa"}
Here I've used -sendsyn + source ip too, but it gave me error root@xxxx:/home/xxxx/zmap_R_D/lzr/v1/lzr-1/cmd/lzr# sudo zmap x.x.x.1/30 --target-port=80 --output-filter="success = 1 && repeat = 0" -f "saddr,daddr,sport,dport,seqnum,acknum,window" -O json --source-ip=x.x.x.3...