如何扫描远程主机开放的端口？

版权声明：转载请注明出处 https://blog.csdn.net/qq_35311107/article/details/81078367

王晓虎是萌新小白帽第一步

我觉得这一步应该叫踩点，看看那些端口开了，这些端口又有什么用等等。

找一找突破口。大佬勿喷，萌新小白帽。

用神器Nmap

nmap -T4 -A -v 172.16.177.130

下面是扫描报告：发现开着的端口不知道干什么用的就去度娘问一下，了解一下端口作用然后找突破口。

Scan Summary

Nmap 7.70 was initiated at Tue Jul 17 10:48:05 2018 with these arguments:
nmap -T4 -A -v 172.16.177.130

Verbosity: 1; Debug level 0

 

172.16.177.130(online)

Address

• 172.16.177.130 - (ipv4)
• 00:0C:29:FA:E9:C8 - VMware (mac)

Ports

The 991 ports scanned but not shown below are in state: closed

Port	State (toggle closed [0] | filtered [0])	Service	Reason	Product	Version	Extra info
22	tcp	open	ssh	syn-ack	OpenSSH	5.3p1 Debian 3ubuntu4	Ubuntu Linux; protocol 2.0
80	tcp	open	http	syn-ack	Apache httpd	2.2.14	(Ubuntu) mod_mono/2.4.3 PHP/5.3.2-1ubuntu4.30 with Suhosin-Patch proxy_html/3.0.1 mod_python/3.3.1 Python/2.6.5 mod_ssl/2.2.14 OpenSSL/0.9.8k Phusion_Passenger/4.0.38 mod_perl/2.0.4 Perl/v5.10.1
139	tcp	open	netbios-ssn	syn-ack	Samba smbd	3.X - 4.X	workgroup: WORKGROUP
143	tcp	open	imap	syn-ack	Courier Imapd		released 2008
443	tcp	open	http	syn-ack	Apache httpd	2.2.14	(Ubuntu) mod_mono/2.4.3 PHP/5.3.2-1ubuntu4.30 with Suhosin-Patch proxy_html/3.0.1 mod_python/3.3.1 Python/2.6.5 mod_ssl/2.2.14 OpenSSL/0.9.8k Phusion_Passenger/4.0.38 mod_perl/2.0.4 Perl/v5.10.1
445	tcp	open	netbios-ssn	syn-ack	Samba smbd	3.X - 4.X	workgroup: WORKGROUP
5001	tcp	open	java-rmi	syn-ack	Java RMI
8080	tcp	open	http	syn-ack	Apache Tomcat/Coyote JSP engine	1.1
8081	tcp	open	http	syn-ack	Jetty	6.1.25

Remote Operating System Detection

• Used port: 22/tcp (open)
• Used port: 1/tcp (closed)
• Used port: 39136/udp (closed)
• OS match: Linux 2.6.17 - 2.6.36 (100%)

 

阅读更多