The World of OpenWrt: Raspberry Pi 3B [Router] Shifting Stars, Turning the Dipper (4.2) nmap ㄆ

So Python, once nicknamed the "eight-legged octopus" and "super glue", may also have an "ancient meaning" that has "not been passed down"!! Perhaps an early article, 《 Glue It All Together With Python 》

Glue It All Together With Python

Guido van Rossum
CNRI
1895 Preston White Drive
Reston, VA 20191
Email: guido@cnri.reston.va.us, guido@python.org

Position paper for the OMG-DARPA-MCC Workshop on Compositional Software Architecture in Monterey, California, January 6-8, 1998.

Introduction

Python is an advanced scripting language that is being used successfully to glue together large software components. It spans multiple platforms, middleware products, and application domains. Python is an object-oriented language with high-level data structures, dynamic typing, and dynamic binding. Python has been around since 1991, and has a very active user community. For more information, see the Python website http://www.python.org.

Like Tcl, Python is easily extensible with C/C++/Java code, and easily embeddable in applications. Python even uses Tk, the Tcl GUI toolkit, for a de-facto standard portable GUI toolkit. Unlike Tcl, however, Python supports object-oriented programming. Python programmers can create classes, use multiple inheritance, define methods, overload operators, and so on.

……

Read today, it feels fresh and interesting; there really was such a saying!! So "viewing the flowers from horseback" simply means walking the "road" that "people" have already walked! Perhaps there is no such thing as "blazing a new trail"? It is like something that "happens by chance" in the "historical record". Frankly speaking:

What is necessary by reason can be known by inference.

Yet this "chance" is precisely the "crown", the "opportunity" a person may receive from the "gods"!!

Therefore, anyone who has browsed, read closely, and skimmed 《 The Python Standard Library 》 three or more times, and who knows its "table of contents" like family treasures, shall surely be admitted to the "Python Hall", and only then may the Python "inner method" be passed on to them.

─── 《《派生》 PYTHON 作坊【丁】陽燧月鑑


How does one master the nmap tool?

Why not learn from its original author, Gordon “Fyodor” Lyon!

Nmap Network Scanning

Gordon “Fyodor” Lyon

Book URL: http://nmap.org/book/
ISBN: 978-0-9799587-1-7
ISBN-10: 0-9799587-1-7

Copyright © 2011 by Insecure.Com LLC. All rights reserved, except where noted.


Skim the whole book at least once, then read closely

3. Host Discovery (“Ping Scanning”)

4. Port Scanning Overview

5. Port Scanning Techniques and Algorithms

these chapters.

And keep the reference guide at your side:

Name

nmap — Network exploration tool and security / port scanner

Synopsis

nmap [ <Scan Type> …] [ <Options> ] { <target specification> }

Description

Note: This document describes the very latest version of Nmap available from https://nmap.org/download.html or https://nmap.org/dist/?C=M&O=D. Please ensure you are using the latest version before reporting that a feature doesn’t work as described.

Nmap (“Network Mapper”) is an open source tool for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. While Nmap is commonly used for security audits, many systems and network administrators find it useful for routine tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.

The output from Nmap is a list of scanned targets, with supplemental information on each depending on the options used. Key among that information is the “interesting ports table”. That table lists the port number and protocol, service name, and state. The state is either open, filtered, closed, or unfiltered. Open means that an application on the target machine is listening for connections/packets on that port. Filtered means that a firewall, filter, or other network obstacle is blocking the port so that Nmap cannot tell whether it is open or closed. Closed ports have no application listening on them, though they could open up at any time. Ports are classified as unfiltered when they are responsive to Nmap’s probes, but Nmap cannot determine whether they are open or closed. Nmap reports the state combinations open|filtered and closed|filtered when it cannot determine which of the two states describe a port. The port table may also include software version details when version detection has been requested. When an IP protocol scan is requested (-sO), Nmap provides information on supported IP protocols rather than listening ports.

In addition to the interesting ports table, Nmap can provide further information on targets, including reverse DNS names, operating system guesses, device types, and MAC addresses.

A typical Nmap scan is shown in Example 15.1. The only Nmap arguments used in this example are -A, to enable OS and version detection, script scanning, and traceroute; -T4 for faster execution; and then the hostname.

Get hands-on and play☆

root@kali:~# nmap -v scanme.nmap.org
Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-21 09:07 UTC
Initiating Ping Scan at 09:07
Scanning scanme.nmap.org (45.33.32.156) [4 ports]
Completed Ping Scan at 09:07, 0.24s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 09:07
Completed Parallel DNS resolution of 1 host. at 09:07, 0.00s elapsed
Initiating SYN Stealth Scan at 09:07
Scanning scanme.nmap.org (45.33.32.156) [1000 ports]
Discovered open port 80/tcp on 45.33.32.156
Discovered open port 22/tcp on 45.33.32.156
Discovered open port 9929/tcp on 45.33.32.156
Discovered open port 31337/tcp on 45.33.32.156
Completed SYN Stealth Scan at 09:07, 3.20s elapsed (1000 total ports)
Nmap scan report for scanme.nmap.org (45.33.32.156)
Host is up (0.14s latency).
Other addresses for scanme.nmap.org (not scanned): 2600:3c01::f03c:91ff:fe18:bb2f
Not shown: 995 closed ports
PORT      STATE    SERVICE
22/tcp    open     ssh
80/tcp    open     http
139/tcp   filtered netbios-ssn
9929/tcp  open     nping-echo
31337/tcp open     Elite

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 4.22 seconds
           Raw packets sent: 1005 (44.196KB) | Rcvd: 1000 (40.016KB)


Those who press forward vigorously may of course follow the ancient meaning of 派生 (Python):

Alexandre Norman

python-nmap : nmap from python

About

python-nmap is a python library which helps in using nmap port scanner. It allows one to easily manipulate nmap scan results and will be a perfect tool for systems administrators who want to automatize scanning tasks and reports. It also supports nmap script outputs.

It can even be used asynchronously. Results are returned one host at a time to a callback function defined by the user.


"Automating" nmap◎

root@kali:~# python
Python 2.7.15+ (default, Aug 31 2018, 11:56:52) 
[GCC 8.2.0] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import nmap
>>> nm = nmap.PortScanner()
>>> nm.scan('127.0.0.1', '22-443')
{'nmap': {'scanstats': {'uphosts': '1', 'timestr': 'Sun Oct 21 08:27:05 2018', 'downhosts': '0', 'totalhosts': '1', 'elapsed': '2.92'}, 'scaninfo': {'tcp': {'services': '22-443', 'method': 'syn'}}, 'command_line': 'nmap -oX - -p 22-443 -sV 127.0.0.1'}, 'scan': {'127.0.0.1': {'status': {'state': 'up', 'reason': 'localhost-response'}, 'hostnames': [{'type': 'PTR', 'name': 'kali'}], 'vendor': {}, 'addresses': {'ipv4': '127.0.0.1'}, 'tcp': {22: {'product': 'OpenSSH', 'state': 'open', 'version': '7.8p1 Debian 1', 'name': 'ssh', 'conf': '10', 'extrainfo': 'protocol 2.0', 'reason': 'syn-ack', 'cpe': 'cpe:/o:linux:linux_kernel'}}}}}
>>> nm.command_line()
'nmap -oX - -p 22-443 -sV 127.0.0.1'
>>> nm.scaninfo()
{'tcp': {'services': '22-443', 'method': 'syn'}}
>>> nm.all_hosts()
['127.0.0.1']
>>> nm['127.0.0.1'].hostname()
'kali'
>>> nm['127.0.0.1'].state()
'up'
>>> nm['127.0.0.1'].all_protocols()
['tcp']
>>> nm['127.0.0.1']['tcp'].keys()
[22]
>>> nm['127.0.0.1'].has_tcp(22)
True
>>> nm['127.0.0.1'].has_tcp(23)
False
>>> nm['127.0.0.1']['tcp'][22]
{'product': 'OpenSSH', 'state': 'open', 'version': '7.8p1 Debian 1', 'name': 'ssh', 'conf': '10', 'extrainfo': 'protocol 2.0', 'reason': 'syn-ack', 'cpe': 'cpe:/o:linux:linux_kernel'}
>>> nm['127.0.0.1'].tcp(22)
{'product': 'OpenSSH', 'state': 'open', 'version': '7.8p1 Debian 1', 'name': 'ssh', 'conf': '10', 'extrainfo': 'protocol 2.0', 'reason': 'syn-ack', 'cpe': 'cpe:/o:linux:linux_kernel'}
>>> nm['127.0.0.1']['tcp'][22]['state']
'open'
>>> print(nm.csv())
host;hostname;hostname_type;protocol;port;name;state;product;extrainfo;reason;version;conf;cpe
127.0.0.1;kali;PTR;tcp;22;ssh;open;OpenSSH;protocol 2.0;syn-ack;7.8p1 Debian 1;10;cpe:/o:linux:linux_kernel

>>>
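The dictionary python-nmap returns above is built from nmap's XML output (note the -oX - in command_line()). As an added example, not from this page, from nmap or from python-nmap, the following parser turns a constructed nmap-style XML document into the same host/protocol/port nesting and then flags open ports that an expected-services baseline does not list, the network-inventory use the man page excerpt mentions; it also applies the port-state definitions from that excerpt, treating only "open" as confirmed. SAMPLE_XML, parse_nmap_xml and unexpected_open_ports are names chosen here.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the shape of "nmap -oX -" output, modelled on the scans above.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -oX - -p 22-443 -sV 127.0.0.1">
  <host><status state="up" reason="localhost-response"/>
    <address addr="127.0.0.1" addrtype="ipv4"/>
    <hostnames><hostname name="kali" type="PTR"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="7.8p1 Debian 1" conf="10"/></port>
      <port protocol="tcp" portid="139"><state state="filtered" reason="no-response"/>
        <service name="netbios-ssn"/></port>
      <port protocol="tcp" portid="31337"><state state="open" reason="syn-ack"/>
        <service name="Elite"/></port>
    </ports>
  </host>
</nmaprun>"""

def parse_nmap_xml(xml_text):
    """Map the XML to {ip: {proto: {port: {state, reason, name, product, version}}}},
    the same nesting python-nmap exposes as nm[host][proto][port]."""
    results = {}
    for host in ET.fromstring(xml_text).findall("host"):
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:          # skip hosts without an IPv4 address
            continue
        protos = results.setdefault(addr.get("addr"), {})
        for port in host.findall("ports/port"):
            state = port.find("state")
            svc = port.find("service")
            attrs = svc.attrib if svc is not None else {}
            entry = {"state": state.get("state"), "reason": state.get("reason"),
                     "name": attrs.get("name", ""), "product": attrs.get("product", ""),
                     "version": attrs.get("version", "")}
            protos.setdefault(port.get("protocol"), {})[int(port.get("portid"))] = entry
    return results

def unexpected_open_ports(results, baseline):
    """Return (ip, proto, port, service) for every 'open' port that the baseline
    {ip: {proto: set(ports)}} does not list; 'filtered' means nmap could not tell."""
    findings = []
    for ip, protos in results.items():
        for proto, ports in protos.items():
            allowed = baseline.get(ip, {}).get(proto, set())
            for port, info in sorted(ports.items()):
                if info["state"] == "open" and port not in allowed:
                    findings.append((ip, proto, port, info["name"]))
    return findings
```

With the sample and the baseline {"127.0.0.1": {"tcp": {22}}}, only 31337/tcp (Elite) is reported; 139/tcp stays out because filtered is not a confirmed open state and needs a re-check rather than an alert.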