Nmap is a well-known port scanning tool. It is very easy to use and has many adjustable parameters (but you need to understand the related networking concepts; otherwise it is not worth the mental effort of studying the parameters).
It is generally used on Linux. There is also a Windows version, but that is not covered here.
For the use of nmap, you can refer to the online manual https://nmap.org/book/man-briefoptions.html
python-nmap simply calls the underlying nmap from Python, so the first step is to install the system nmap, and then install python-nmap.
Here are the installation steps
The system used in this article is CentOS 6, and the Python version is 3.5.2
1) Installing the system Nmap
# yum install nmap -y
......
Package 2:nmap-5.51-6.el6.x86_64 already installed and latest version
Nothing to do
Since I have already installed it, the prompt says it is already installed.
Verify
# nmap -v
Starting Nmap 5.51 ...
2) Install python-nmap
# pip3 install python-nmap
Requirement already satisfied: python-nmap in ....
It's also been installed.
The following usage is for Python 3 (https://xael.org/pages/python-nmap-en.html)
For the most basic usage, which is also the serial way, please consult the website above on your own.
Here are the asynchronous ways. I believe most scanning done from Python is bulk scanning; otherwise there is no need to use Python, and you can run nmap directly on the command line.
python-nmap has two asynchronous approaches; according to the source code, they are actually multi-process.
The first type:
# First define a callback function. It must take exactly two parameters; the names are arbitrary, here they are host and scan_result
import nmap

def callback_result(host, scan_result):
    print('------------------')
    print(host, scan_result)

# Asynchronous scanner
nm = nmap.PortScannerAsync()
# Scan parameters: the first is the scan target, which can be a single IP, a network segment, an IP-IP range and many other forms; see the manual or search for details
# The second is the ports parameter, which also accepts several forms
# The third is the arguments parameter. Pay attention to this one: if you omit it, the default is -sV, and then scanning a single IP can take forever. The meaning of -sV is given at the end of the text for reference. Here we pass -sS; an empty string also works
# The fourth specifies the callback function
nm.scan('192.168.1.0/24', ports='22,80,8888', arguments='-sS', callback=callback_result)
# The loop below is required; otherwise the script exits as soon as it runs, without any results
while nm.still_scanning():
    print("sleep")
    nm.wait(2)
The second type:
import nmap

nm = nmap.PortScannerYield()
for result in nm.scan('192.168.1.0/24', ports='22,80,8888,8080,443', arguments="-sS"):
    print(result)
This way of calling it is much simpler and is recommended. The result obtained:
('192.168.1.1', {'scan': {'192.168.1.1': {'tcp': {
    80: {'extrainfo': '', 'state': 'filtered', 'name': 'http', 'product': '', 'reason': 'no-response', 'conf': '3', 'cpe': '', 'version': ''},
    8080: {'extrainfo': '', 'state': 'filtered', 'name': 'http-proxy', 'product': '', 'reason': 'no-response', 'conf': '3', 'cpe': '', 'version': ''},
    443: {'extrainfo': '', 'state': 'closed', 'name': 'https', 'product': '', 'reason': 'reset', 'conf': '3', 'cpe': '', 'version': ''},
    22: {'extrainfo': '', 'state': 'closed', 'name': 'ssh', 'product': '', 'reason': 'reset', 'conf': '3', 'cpe': '', 'version': ''},
    8888: {'extrainfo': '', 'state': 'open', 'name': 'sun-answerbook', 'product': '', 'reason': 'syn-ack', 'conf': '3', 'cpe': '', 'version': ''}},
  'vendor': {}, 'status': {'state': 'up', 'reason': 'timestamp-reply'}, 'addresses': {'ipv4': '192.168.1.1'}, 'hostnames': [{'type': '', 'name': ''}]}},
 'nmap': {'scanstats': {'uphosts': '1', 'downhosts': '0', 'elapsed': '1.29', 'totalhosts': '1', 'timestr': 'Wed Jun 13 17:25:28 2018'},
  'command_line': 'nmap -oX - -p 22,80,8888,8080,443 -sS 192.168.1.1',
  'scaninfo': {'tcp': {'services': '22,80,443,8080,8888', 'method': 'syn'}}}})
How to parse and use result is up to you; it is actually a tuple with nested dictionaries inside it.
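One way to work with result, as an added example that is not part of the original article: it groups a host's TCP ports by state and reports open ports missing from an allowlist. SAMPLE is trimmed from the result shown above; DOWN_SAMPLE, FAILED_SAMPLE and the EXPECTED_OPEN allowlist are constructed, and the shapes used for a down host and a failed scan are assumptions about what the scanner yields.

```python
# Added example: summarise (host, scan_result) tuples of the shape printed above.
# Runs offline; it does not import nmap or start a scan.

# Trimmed from the result shown in the article.
SAMPLE = ('192.168.1.1', {
    'scan': {'192.168.1.1': {
        'tcp': {
            80: {'state': 'filtered', 'name': 'http', 'reason': 'no-response'},
            443: {'state': 'closed', 'name': 'https', 'reason': 'reset'},
            22: {'state': 'closed', 'name': 'ssh', 'reason': 'reset'},
            8888: {'state': 'open', 'name': 'sun-answerbook', 'reason': 'syn-ack'},
        },
        'status': {'state': 'up', 'reason': 'timestamp-reply'},
    }},
    'nmap': {'scanstats': {'uphosts': '1', 'downhosts': '0'}},
})
# Constructed (assumed shapes): a host that is down, and a scan that returned no data.
DOWN_SAMPLE = ('192.168.1.2', {'scan': {}, 'nmap': {'scanstats': {'uphosts': '0'}}})
FAILED_SAMPLE = ('192.168.1.3', None)

# Hypothetical allowlist: ports each host is expected to expose.
EXPECTED_OPEN = {'192.168.1.1': {22, 443}}


def ports_by_state(result):
    """Return {state: sorted ports} for one tuple; {} when the host gave no data."""
    host, scan_result = result
    if not scan_result:
        return {}
    host_data = scan_result.get('scan', {}).get(host, {})
    states = {}
    for port, info in host_data.get('tcp', {}).items():
        states.setdefault(info['state'], []).append(int(port))
    return {state: sorted(ports) for state, ports in states.items()}


def unexpected_open(result, expected):
    """Open ports on the host that are not in its allowlist entry."""
    open_ports = set(ports_by_state(result).get('open', []))
    return sorted(open_ports - expected.get(result[0], set()))


if __name__ == '__main__':
    for r in (SAMPLE, DOWN_SAMPLE, FAILED_SAMPLE):
        print(r[0], ports_by_state(r), 'unexpected open:', unexpected_open(r, EXPECTED_OPEN))
```

In the yield loop above, the same two functions can be called on each result instead of print(result).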
SERVICE/VERSION DETECTION:
  -sV: Probe open ports to determine service/version info    # probes the service and version information on open ports
How to use python-nmap (Python 3)