· 6 years ago · Feb 28, 2019, 11:54 PM
1utopsy-4.10.0 Documents Empire Music Pictures stash.sqlite Videos
2Desktop Downloads hashes netntlm Public Templates
3root@kali:~# nmap sn 192.168.1.0/24 --exclude 192.168.1.1 -oG livehosts
4Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-26 20:23 CST
5Failed to resolve "sn".
6Nmap scan report for 192.168.1.200
7Host is up (0.000042s latency).
8Not shown: 977 closed ports
9PORT STATE SERVICE
1021/tcp open ftp
1122/tcp open ssh
1223/tcp open telnet
1325/tcp open smtp
1453/tcp open domain
1580/tcp open http
16111/tcp open rpcbind
17139/tcp open netbios-ssn
18445/tcp open microsoft-ds
19512/tcp open exec
20513/tcp open login
21514/tcp open shell
221099/tcp open rmiregistry
231524/tcp open ingreslock
242049/tcp open nfs
252121/tcp open ccproxy-ftp
263306/tcp open mysql
275432/tcp open postgresql
285900/tcp open vnc
296000/tcp open X11
306667/tcp open irc
318009/tcp open ajp13
328180/tcp open unknown
33MAC Address: 00:0C:29:7D:98:06 (VMware)
34
35Nmap scan report for 192.168.1.108
36Host is up (0.0000070s latency).
37All 1000 scanned ports on 192.168.1.108 are closed
38
39Nmap done: 255 IP addresses (2 hosts up) scanned in 6.55 seconds
40root@kali:~# cat livehost | cut -d " " -f2|grep -v Nmap
41cat: livehost: No such file or directory
42root@kali:~# nslookup google.com
43
44Server: 192.168.1.1
45Address: 192.168.1.1#53
46
47Non-authoritative answer:
48Name: google.com
49Address: 216.58.194.142
50Name: google.com
51Address: 2607:f8b0:4000:80d::200e
52
53root@kali:~#
54root@kali:~# dig google.com ANY
55
56; <<>> DiG 9.11.4-2-Debian <<>> google.com ANY
57;; global options: +cmd
58;; Got answer:
59;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30160
60;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
61
62;; OPT PSEUDOSECTION:
63; EDNS: version: 0, flags:; udp: 4096
64;; QUESTION SECTION:
65;google.com. IN ANY
66
67;; ANSWER SECTION:
68google.com. 243 IN A 216.58.194.142
69google.com. 243 IN AAAA 2607:f8b0:4000:80d::200e
70
71;; Query time: 0 msec
72;; SERVER: 192.168.1.1#53(192.168.1.1)
73;; WHEN: Tue Feb 26 23:11:55 CST 2019
74;; MSG SIZE rcvd: 83
75
76root@kali:~# host a google.com
77;; connection timed out; no servers could be reached
78root@kali:~# host -a google.com
79Trying "google.com"
80;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43107
81;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
82
83;; QUESTION SECTION:
84;google.com. IN ANY
85
86;; ANSWER SECTION:
87google.com. 133 IN A 216.58.194.142
88google.com. 133 IN AAAA 2607:f8b0:4000:80d::200e
89
90Received 72 bytes from 192.168.1.1#53 in 0 ms
91root@kali:~# theharvester d Microsoft.com b google
92
93Warning: Pycurl is not compiled against Openssl. Wfuzz might not work correctly when fuzzing SSL sites. Check Wfuzz's documentation for more information.
94
95
96 *******************************************************************
97* *
98* | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
99* | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
100* | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
101* \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
102* *
103* TheHarvester Ver. 2.7.2 *
104* Coded by Christian Martorella *
105* Edge-Security Research *
106* cmartorella@edge-security.com *
107*******************************************************************
108
109
110root@kali:~# theharvester d Microsoft.com b linkedin
111
112Warning: Pycurl is not compiled against Openssl. Wfuzz might not work correctly when fuzzing SSL sites. Check Wfuzz's documentation for more information.
113
114
115 *******************************************************************
116* *
117* | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
118* | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
119* | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
120* \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
121* *
122* TheHarvester Ver. 2.7.2 *
123* Coded by Christian Martorella *
124* Edge-Security Research *
125* cmartorella@edge-security.com *
126*******************************************************************
127
128
129root@kali:~# theharvester d Microsoft.com b twitter
130
131Warning: Pycurl is not compiled against Openssl. Wfuzz might not work correctly when fuzzing SSL sites. Check Wfuzz's documentation for more information.
132
133
134 *******************************************************************
135* *
136* | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
137* | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
138* | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
139* \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
140* *
141* TheHarvester Ver. 2.7.2 *
142* Coded by Christian Martorella *
143* Edge-Security Research *
144* cmartorella@edge-security.com *
145*******************************************************************
146
147
148root@kali:~# theharvester d offensive-security.com ALL
149
150Warning: Pycurl is not compiled against Openssl. Wfuzz might not work correctly when fuzzing SSL sites. Check Wfuzz's documentation for more information.
151
152
153 *******************************************************************
154* *
155* | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
156* | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
157* | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
158* \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
159* *
160* TheHarvester Ver. 2.7.2 *
161* Coded by Christian Martorella *
162* Edge-Security Research *
163* cmartorella@edge-security.com *
164*******************************************************************
165
166
167root@kali:~# nslookup scanme.nmap.org
168Server: 192.168.1.1
169Address: 192.168.1.1#53
170
171Non-authoritative answer:
172Name: scanme.nmap.org
173Address: 45.33.32.156
174Name: scanme.nmap.org
175Address: 2600:3c01::f03c:91ff:fe18:bb2f
176
177root@kali:~# dig scanme.nmap.org ANY
178
179; <<>> DiG 9.11.4-2-Debian <<>> scanme.nmap.org ANY
180;; global options: +cmd
181;; Got answer:
182;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34794
183;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
184
185;; OPT PSEUDOSECTION:
186; EDNS: version: 0, flags:; udp: 4096
187;; QUESTION SECTION:
188;scanme.nmap.org. IN ANY
189
190;; ANSWER SECTION:
191scanme.nmap.org. 3543 IN A 45.33.32.156
192scanme.nmap.org. 3543 IN AAAA 2600:3c01::f03c:91ff:fe18:bb2f
193
194;; Query time: 0 msec
195;; SERVER: 192.168.1.1#53(192.168.1.1)
196;; WHEN: Tue Feb 26 23:36:47 CST 2019
197;; MSG SIZE rcvd: 88
198
199root@kali:~# host a scanme.nmap.org
200;; connection timed out; no servers could be reached
201root@kali:~# theharvester d Microsoft.com b scanme.nmap.org
202
203Warning: Pycurl is not compiled against Openssl. Wfuzz might not work correctly when fuzzing SSL sites. Check Wfuzz's documentation for more information.
204
205
206 *******************************************************************
207* *
208* | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
209* | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
210* | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
211* \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
212* *
213* TheHarvester Ver. 2.7.2 *
214* Coded by Christian Martorella *
215* Edge-Security Research *
216* cmartorella@edge-security.com *
217*******************************************************************
218
219
220root@kali:~# nmap sn 192.168.1.0/24 --exclude 192.168.1.1 -oG livehosts
221Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-26 23:43 CST
222Failed to resolve "sn".
223Nmap scan report for 192.168.1.200
224Host is up (0.000049s latency).
225Not shown: 977 closed ports
226PORT STATE SERVICE
22721/tcp open ftp
22822/tcp open ssh
22923/tcp open telnet
23025/tcp open smtp
23153/tcp open domain
23280/tcp open http
233111/tcp open rpcbind
234139/tcp open netbios-ssn
235445/tcp open microsoft-ds
236512/tcp open exec
237513/tcp open login
238514/tcp open shell
2391099/tcp open rmiregistry
2401524/tcp open ingreslock
2412049/tcp open nfs
2422121/tcp open ccproxy-ftp
2433306/tcp open mysql
2445432/tcp open postgresql
2455900/tcp open vnc
2466000/tcp open X11
2476667/tcp open irc
2488009/tcp open ajp13
2498180/tcp open unknown
250MAC Address: 00:0C:29:7D:98:06 (VMware)
251
252Nmap scan report for 192.168.1.109
253Host is up (0.0000060s latency).
254All 1000 scanned ports on 192.168.1.109 are closed
255
256Nmap done: 255 IP addresses (2 hosts up) scanned in 5.56 seconds
257root@kali:~# nmap sn 192.168.1.0/24 --exclude 192.168.1.1 -oG livehosts
258Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-26 23:54 CST
259Failed to resolve "sn".
260Nmap scan report for 192.168.1.101
261Host is up (0.00019s latency).
262Not shown: 999 filtered ports
263PORT STATE SERVICE
26480/tcp open http
265MAC Address: 00:0C:29:B3:B1:2F (VMware)
266
267Nmap scan report for 192.168.1.200
268Host is up (0.000051s latency).
269Not shown: 977 closed ports
270PORT STATE SERVICE
27121/tcp open ftp
27222/tcp open ssh
27323/tcp open telnet
27425/tcp open smtp
27553/tcp open domain
27680/tcp open http
277111/tcp open rpcbind
278139/tcp open netbios-ssn
279445/tcp open microsoft-ds
280512/tcp open exec
281513/tcp open login
282514/tcp open shell
2831099/tcp open rmiregistry
2841524/tcp open ingreslock
2852049/tcp open nfs
2862121/tcp open ccproxy-ftp
2873306/tcp open mysql
2885432/tcp open postgresql
2895900/tcp open vnc
2906000/tcp open X11
2916667/tcp open irc
2928009/tcp open ajp13
2938180/tcp open unknown
294MAC Address: 00:0C:29:7D:98:06 (VMware)
295
296Nmap scan report for 192.168.1.109
297Host is up (0.0000070s latency).
298All 1000 scanned ports on 192.168.1.109 are closed
299
300Nmap done: 255 IP addresses (3 hosts up) scanned in 8.49 seconds
301root@kali:~# ap sn -p80 192.168.1.0/24 --exclude 192.168.1.1 -oG livehosts
302bash: ap: command not found
303root@kali:~# nmap sn -p80 192.168.1.0/24 --exclude 192.168.1.1 -oG livehosts
304Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-27 00:04 CST
305Failed to resolve "sn".
306Nmap scan report for 192.168.1.101
307Host is up (0.00021s latency).
308
309PORT STATE SERVICE
31080/tcp open http
311MAC Address: 00:0C:29:B3:B1:2F (VMware)
312
313Nmap scan report for 192.168.1.200
314Host is up (0.00010s latency).
315
316PORT STATE SERVICE
31780/tcp open http
318MAC Address: 00:0C:29:7D:98:06 (VMware)
319
320Nmap scan report for 192.168.1.109
321Host is up (0.000044s latency).
322
323PORT STATE SERVICE
32480/tcp closed http
325
326Nmap done: 255 IP addresses (3 hosts up) scanned in 3.70 seconds
327root@kali:~# Nmap sn -p443 192.168.1.0/24 --exclude 192.168.1.1 -oG livehosts
328bash: Nmap: command not found
329root@kali:~# Nmap -sn -p443 192.168.1.0/24 --exclude 192.168.1.1 -oG livehosts
330bash: Nmap: command not found
331root@kali:~# nmap sn -p443 192.168.1.0/24 --exclude 192.168.1.1 -oG livehosts
332Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-27 00:11 CST
333Failed to resolve "sn".
334Nmap scan report for 192.168.1.101
335Host is up (0.00012s latency).
336
337PORT STATE SERVICE
338443/tcp filtered https
339MAC Address: 00:0C:29:B3:B1:2F (VMware)
340
341Nmap scan report for 192.168.1.200
342Host is up (0.00013s latency).
343
344PORT STATE SERVICE
345443/tcp closed https
346MAC Address: 00:0C:29:7D:98:06 (VMware)
347
348Nmap scan report for 192.168.1.109
349Host is up (0.000056s latency).
350
351PORT STATE SERVICE
352443/tcp closed https
353
354Nmap done: 255 IP addresses (3 hosts up) scanned in 5.68 seconds
355root@kali:~# nmap -sn -p443 192.168.1.0/24 --exclude 192.168.1.1 -oG livehosts
356Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-27 00:11 CST
357You cannot use -F (fast scan) or -p (explicit port selection) when not doing a port scan
358QUITTING!
359root@kali:~# nmap -p443 192.168.1.0/24 --exclude 192.168.1.1 -oG livehosts
360Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-27 00:12 CST
361Nmap scan report for 192.168.1.101
362Host is up (0.00024s latency).
363
364PORT STATE SERVICE
365443/tcp filtered https
366MAC Address: 00:0C:29:B3:B1:2F (VMware)
367
368Nmap scan report for 192.168.1.200
369Host is up (0.00013s latency).
370
371PORT STATE SERVICE
372443/tcp closed https
373MAC Address: 00:0C:29:7D:98:06 (VMware)
374
375Nmap scan report for 192.168.1.109
376Host is up (0.000053s latency).
377
378PORT STATE SERVICE
379443/tcp closed https
380
381Nmap done: 255 IP addresses (3 hosts up) scanned in 3.48 seconds
382root@kali:~# nmap -p4435 192.168.1.0/24 --exclude 192.168.1.1 -oG livehosts
383Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-27 00:14 CST
384Nmap scan report for 192.168.1.101
385Host is up (0.00011s latency).
386
387PORT STATE SERVICE
3884435/tcp filtered unknown
389MAC Address: 00:0C:29:B3:B1:2F (VMware)
390
391Nmap scan report for 192.168.1.200
392Host is up (0.00015s latency).
393
394PORT STATE SERVICE
3954435/tcp closed unknown
396MAC Address: 00:0C:29:7D:98:06 (VMware)
397
398Nmap scan report for 192.168.1.109
399Host is up (0.000056s latency).
400
401PORT STATE SERVICE
4024435/tcp closed unknown
403
404Nmap done: 255 IP addresses (3 hosts up) scanned in 61625.15 seconds
405root@kali:~# nmap -p445 192.168.1.0/24 --exclude 192.168.1.1 -oG livehosts
406Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-27 17:22 CST
407Nmap scan report for 192.168.1.101
408Host is up (0.00022s latency).
409
410PORT STATE SERVICE
411445/tcp filtered microsoft-ds
412MAC Address: 00:0C:29:B3:B1:2F (VMware)
413
414Nmap scan report for 192.168.1.200
415Host is up (0.00018s latency).
416
417PORT STATE SERVICE
418445/tcp open microsoft-ds
419MAC Address: 00:0C:29:7D:98:06 (VMware)
420
421Nmap scan report for 192.168.1.109
422Host is up (0.000058s latency).
423
424PORT STATE SERVICE
425445/tcp closed microsoft-ds
426
427Nmap done: 255 IP addresses (3 hosts up) scanned in 3.89 seconds
428root@kali:~# nmap -p22 192.168.1.0/24 --exclude 192.168.1.1 -oG livehosts
429Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-27 17:24 CST
430Nmap scan report for 192.168.1.200
431Host is up (0.000097s latency).
432
433PORT STATE SERVICE
43422/tcp open ssh
435MAC Address: 00:0C:29:7D:98:06 (VMware)
436
437Nmap scan report for 192.168.1.109
438Host is up (0.000061s latency).
439
440PORT STATE SERVICE
44122/tcp closed ssh
442
443Nmap done: 255 IP addresses (2 hosts up) scanned in 5.72 seconds
444root@kali:~# nmap -sU -p0-10 192.168.1.0/24 --exclude 192.168.1.1 -oG livehosts
445Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-27 17:27 CST
446Nmap scan report for 192.168.1.200
447Host is up (0.00012s latency).
448
449PORT STATE SERVICE
4500/udp closed unknown
4511/udp closed tcpmux
4522/udp closed compressnet
4533/udp closed compressnet
4544/udp closed unknown
4555/udp closed rje
4566/udp closed unknown
4577/udp closed echo
4588/udp closed unknown
4599/udp closed discard
46010/udp open|filtered unknown
461MAC Address: 00:0C:29:7D:98:06 (VMware)
462
463Nmap scan report for 192.168.1.109
464Host is up (0.000019s latency).
465
466PORT STATE SERVICE
4670/udp closed unknown
4681/udp closed tcpmux
4692/udp closed compressnet
4703/udp closed compressnet
4714/udp closed unknown
4725/udp closed rje
4736/udp closed unknown
4747/udp closed echo
4758/udp closed unknown
4769/udp closed discard
47710/udp closed unknown
478
479Nmap done: 255 IP addresses (2 hosts up) scanned in 10.79 seconds
480root@kali:~# nmap -v
481Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-27 17:58 CST
482Read data files from: /usr/bin/../share/nmap
483WARNING: No targets were specified, so 0 hosts scanned.
484Nmap done: 0 IP addresses (0 hosts up) scanned in 0.04 seconds
485 Raw packets sent: 0 (0B) | Rcvd: 0 (0B)
486root@kali:~# nmap -p0-65535 192.168.122.1 24 --exclude 192.168.1.1 -oG livehosts
487Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-27 18:10 CST
488setup_target: failed to determine route to 24 (0.0.0.24)
489Stats: 0:10:05 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
490SYN Stealth Scan Timing: About 50.14% done; ETC: 18:30 (0:10:02 remaining)
491Stats: 0:10:06 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
492SYN Stealth Scan Timing: About 50.27% done; ETC: 18:30 (0:10:01 remaining)
493Stats: 0:10:50 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
494SYN Stealth Scan Timing: About 53.56% done; ETC: 18:30 (0:09:24 remaining)
495Nmap scan report for 192.168.122.1
496Host is up (0.00017s latency).
497Not shown: 65527 filtered ports
498PORT STATE SERVICE
49921/tcp open ftp
50080/tcp open http
501110/tcp open pop3
502113/tcp closed ident
503143/tcp open imap
504443/tcp open https
5058008/tcp open http
5068010/tcp open xmpp
5078020/tcp open intu-ec-svcdisc
508
509Nmap done: 1 IP address (1 host up) scanned in 1269.16 seconds
510root@kali:~# nmap -p0-65535 192.168.122.1 24 --exclude 192.168.1.1 -oG livehosts
511Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-27 18:54 CST
512setup_target: failed to determine route to 24 (0.0.0.24)
513Stats: 0:00:17 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
514SYN Stealth Scan Timing: About 9.25% done; ETC: 18:57 (0:02:47 remaining)
515Stats: 0:00:18 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
516SYN Stealth Scan Timing: About 9.25% done; ETC: 18:57 (0:02:57 remaining)
517Stats: 0:00:19 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
518SYN Stealth Scan Timing: About 9.26% done; ETC: 18:58 (0:03:06 remaining)
519Stats: 0:00:20 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
520SYN Stealth Scan Timing: About 9.27% done; ETC: 18:58 (0:03:16 remaining)
521Stats: 0:00:21 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
522SYN Stealth Scan Timing: About 9.28% done; ETC: 18:58 (0:03:25 remaining)
523Stats: 0:00:23 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
524SYN Stealth Scan Timing: About 9.29% done; ETC: 18:58 (0:03:45 remaining)
525
526root@kali:~# nmap -sU -p0-10 192.168.1.0/24 --exclude 192.168.1.1 -oG livehosts
527Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-27 18:58 CST
528Nmap scan report for 192.168.1.101
529Host is up (0.00024s latency).
530
531PORT STATE SERVICE
5320/udp open|filtered unknown
5331/udp open|filtered tcpmux
5342/udp open|filtered compressnet
5353/udp open|filtered compressnet
5364/udp open|filtered unknown
5375/udp open|filtered rje
5386/udp open|filtered unknown
5397/udp open|filtered echo
5408/udp open|filtered unknown
5419/udp open|filtered discard
54210/udp open|filtered unknown
543MAC Address: 00:0C:29:B3:B1:2F (VMware)
544
545Nmap scan report for 192.168.1.200
546Host is up (0.00015s latency).
547
548PORT STATE SERVICE
5490/udp closed unknown
5501/udp closed tcpmux
5512/udp closed compressnet
5523/udp closed compressnet
5534/udp closed unknown
5545/udp closed rje
5556/udp closed unknown
5567/udp closed echo
5578/udp closed unknown
5589/udp open|filtered discard
55910/udp closed unknown
560MAC Address: 00:0C:29:7D:98:06 (VMware)
561
562Nmap scan report for 192.168.1.110
563Host is up (0.000017s latency).
564
565PORT STATE SERVICE
5660/udp closed unknown
5671/udp closed tcpmux
5682/udp closed compressnet
5693/udp closed compressnet
5704/udp closed unknown
5715/udp closed rje
5726/udp closed unknown
5737/udp closed echo
5748/udp closed unknown
5759/udp closed discard
57610/udp closed unknown
577
578Nmap done: 255 IP addresses (3 hosts up) scanned in 8.20 seconds
579root@kali:~# ls
580autopsy-4.10.0 Documents Empire hashes Music Pictures stash.sqlite Videos
581Desktop Downloads filetxt livehosts netntlm Public Templates
582root@kali:~# cat livehosts
583# Nmap 7.70 scan initiated Wed Feb 27 18:58:11 2019 as: nmap -sU -p0-10 --exclude 192.168.1.1 -oG livehosts 192.168.1.0/24
584Host: 192.168.1.101 () Status: Up
585Host: 192.168.1.101 () Ports: 0/open|filtered/udp/////, 1/open|filtered/udp//tcpmux///, 2/open|filtered/udp//compressnet///, 3/open|filtered/udp//compressnet///, 4/open|filtered/udp/////, 5/open|filtered/udp//rje///, 6/open|filtered/udp/////, 7/open|filtered/udp//echo///, 8/open|filtered/udp/////, 9/open|filtered/udp//discard///, 10/open|filtered/udp/////
586Host: 192.168.1.200 () Status: Up
587Host: 192.168.1.200 () Ports: 0/closed/udp/////, 1/closed/udp//tcpmux///, 2/closed/udp//compressnet///, 3/closed/udp//compressnet///, 4/closed/udp/////, 5/closed/udp//rje///, 6/closed/udp/////, 7/closed/udp//echo///, 8/closed/udp/////, 9/open|filtered/udp//discard///, 10/closed/udp/////
588Host: 192.168.1.110 () Status: Up
589Host: 192.168.1.110 () Ports: 0/closed/udp/////, 1/closed/udp//tcpmux///, 2/closed/udp//compressnet///, 3/closed/udp//compressnet///, 4/closed/udp/////, 5/closed/udp//rje///, 6/closed/udp/////, 7/closed/udp//echo///, 8/closed/udp/////, 9/closed/udp//discard///, 10/closed/udp/////
590# Nmap done at Wed Feb 27 18:58:19 2019 -- 255 IP addresses (3 hosts up) scanned in 8.20 seconds
591root@kali:~# ls
592autopsy-4.10.0 Documents Empire hashes Music Pictures stash.sqlite Videos
593Desktop Downloads filetxt livehosts netntlm Public Templates
594root@kali:~# cat filetxt
595Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-27 18:25 CST
596Initiating ARP Ping Scan at 18:25
597Scanning 254 hosts [1 port/host]
598Completed ARP Ping Scan at 18:25, 8.26s elapsed (254 total hosts)
599Initiating Parallel DNS resolution of 254 hosts. at 18:25
600Completed Parallel DNS resolution of 254 hosts. at 18:25, 0.00s elapsed
601Nmap scan report for 192.168.1.0 [host down]
602Nmap scan report for 192.168.1.2 [host down]
603Nmap scan report for 192.168.1.3 [host down]
604Nmap scan report for 192.168.1.4 [host down]
605Nmap scan report for 192.168.1.5 [host down]
606Nmap scan report for 192.168.1.6 [host down]
607Nmap scan report for 192.168.1.7 [host down]
608Nmap scan report for 192.168.1.8 [host down]
609Nmap scan report for 192.168.1.9 [host down]
610Nmap scan report for 192.168.1.10 [host down]
611Nmap scan report for 192.168.1.11 [host down]
612Nmap scan report for 192.168.1.12 [host down]
613Nmap scan report for 192.168.1.13 [host down]
614Nmap scan report for 192.168.1.14 [host down]
615Nmap scan report for 192.168.1.15 [host down]
616Nmap scan report for 192.168.1.16 [host down]
617Nmap scan report for 192.168.1.17 [host down]
618Nmap scan report for 192.168.1.18 [host down]
619Nmap scan report for 192.168.1.19 [host down]
620Nmap scan report for 192.168.1.20 [host down]
621Nmap scan report for 192.168.1.21 [host down]
622Nmap scan report for 192.168.1.22 [host down]
623Nmap scan report for 192.168.1.23 [host down]
624Nmap scan report for 192.168.1.24 [host down]
625Nmap scan report for 192.168.1.25 [host down]
626Nmap scan report for 192.168.1.26 [host down]
627Nmap scan report for 192.168.1.27 [host down]
628Nmap scan report for 192.168.1.28 [host down]
629Nmap scan report for 192.168.1.29 [host down]
630Nmap scan report for 192.168.1.30 [host down]
631Nmap scan report for 192.168.1.31 [host down]
632Nmap scan report for 192.168.1.32 [host down]
633Nmap scan report for 192.168.1.33 [host down]
634Nmap scan report for 192.168.1.34 [host down]
635Nmap scan report for 192.168.1.35 [host down]
636Nmap scan report for 192.168.1.36 [host down]
637Nmap scan report for 192.168.1.37 [host down]
638Nmap scan report for 192.168.1.38 [host down]
639Nmap scan report for 192.168.1.39 [host down]
640Nmap scan report for 192.168.1.40 [host down]
641Nmap scan report for 192.168.1.41 [host down]
642Nmap scan report for 192.168.1.42 [host down]
643Nmap scan report for 192.168.1.43 [host down]
644Nmap scan report for 192.168.1.44 [host down]
645Nmap scan report for 192.168.1.45 [host down]
646Nmap scan report for 192.168.1.46 [host down]
647Nmap scan report for 192.168.1.47 [host down]
648Nmap scan report for 192.168.1.48 [host down]
649Nmap scan report for 192.168.1.49 [host down]
650Nmap scan report for 192.168.1.50 [host down]
651Nmap scan report for 192.168.1.51 [host down]
652Nmap scan report for 192.168.1.52 [host down]
653Nmap scan report for 192.168.1.53 [host down]
654Nmap scan report for 192.168.1.54 [host down]
655Nmap scan report for 192.168.1.55 [host down]
656Nmap scan report for 192.168.1.56 [host down]
657Nmap scan report for 192.168.1.57 [host down]
658Nmap scan report for 192.168.1.58 [host down]
659Nmap scan report for 192.168.1.59 [host down]
660Nmap scan report for 192.168.1.60 [host down]
661Nmap scan report for 192.168.1.61 [host down]
662Nmap scan report for 192.168.1.62 [host down]
663Nmap scan report for 192.168.1.63 [host down]
664Nmap scan report for 192.168.1.64 [host down]
665Nmap scan report for 192.168.1.65 [host down]
666Nmap scan report for 192.168.1.66 [host down]
667Nmap scan report for 192.168.1.67 [host down]
668Nmap scan report for 192.168.1.68 [host down]
669Nmap scan report for 192.168.1.69 [host down]
670Nmap scan report for 192.168.1.70 [host down]
671Nmap scan report for 192.168.1.71 [host down]
672Nmap scan report for 192.168.1.72 [host down]
673Nmap scan report for 192.168.1.73 [host down]
674Nmap scan report for 192.168.1.74 [host down]
675Nmap scan report for 192.168.1.75 [host down]
676Nmap scan report for 192.168.1.76 [host down]
677Nmap scan report for 192.168.1.77 [host down]
678Nmap scan report for 192.168.1.78 [host down]
679Nmap scan report for 192.168.1.79 [host down]
680Nmap scan report for 192.168.1.80 [host down]
681Nmap scan report for 192.168.1.81 [host down]
682Nmap scan report for 192.168.1.82 [host down]
683Nmap scan report for 192.168.1.83 [host down]
684Nmap scan report for 192.168.1.84 [host down]
685Nmap scan report for 192.168.1.85 [host down]
686Nmap scan report for 192.168.1.86 [host down]
687Nmap scan report for 192.168.1.87 [host down]
688Nmap scan report for 192.168.1.88 [host down]
689Nmap scan report for 192.168.1.89 [host down]
690Nmap scan report for 192.168.1.90 [host down]
691Nmap scan report for 192.168.1.91 [host down]
692Nmap scan report for 192.168.1.92 [host down]
693Nmap scan report for 192.168.1.93 [host down]
694Nmap scan report for 192.168.1.94 [host down]
695Nmap scan report for 192.168.1.95 [host down]
696Nmap scan report for 192.168.1.96 [host down]
697Nmap scan report for 192.168.1.97 [host down]
698Nmap scan report for 192.168.1.98 [host down]
699Nmap scan report for 192.168.1.99 [host down]
700Nmap scan report for 192.168.1.100 [host down]
701Nmap scan report for 192.168.1.101 [host down]
702Nmap scan report for 192.168.1.102 [host down]
703Nmap scan report for 192.168.1.103 [host down]
704Nmap scan report for 192.168.1.104 [host down]
705Nmap scan report for 192.168.1.105 [host down]
706Nmap scan report for 192.168.1.106 [host down]
707Nmap scan report for 192.168.1.107 [host down]
708Nmap scan report for 192.168.1.108 [host down]
709Nmap scan report for 192.168.1.109 [host down]
710Nmap scan report for 192.168.1.111 [host down]
711Nmap scan report for 192.168.1.112 [host down]
712Nmap scan report for 192.168.1.113 [host down]
713Nmap scan report for 192.168.1.114 [host down]
714Nmap scan report for 192.168.1.115 [host down]
715Nmap scan report for 192.168.1.116 [host down]
716Nmap scan report for 192.168.1.117 [host down]
717Nmap scan report for 192.168.1.118 [host down]
718Nmap scan report for 192.168.1.119 [host down]
719Nmap scan report for 192.168.1.120 [host down]
720Nmap scan report for 192.168.1.121 [host down]
721Nmap scan report for 192.168.1.122 [host down]
722Nmap scan report for 192.168.1.123 [host down]
723Nmap scan report for 192.168.1.124 [host down]
724Nmap scan report for 192.168.1.125 [host down]
725Nmap scan report for 192.168.1.126 [host down]
726Nmap scan report for 192.168.1.127 [host down]
727Nmap scan report for 192.168.1.128 [host down]
728Nmap scan report for 192.168.1.129 [host down]
729Nmap scan report for 192.168.1.130 [host down]
730Nmap scan report for 192.168.1.131 [host down]
731Nmap scan report for 192.168.1.132 [host down]
732Nmap scan report for 192.168.1.133 [host down]
733Nmap scan report for 192.168.1.134 [host down]
734Nmap scan report for 192.168.1.135 [host down]
735Nmap scan report for 192.168.1.136 [host down]
736Nmap scan report for 192.168.1.137 [host down]
737Nmap scan report for 192.168.1.138 [host down]
738Nmap scan report for 192.168.1.139 [host down]
739Nmap scan report for 192.168.1.140 [host down]
740Nmap scan report for 192.168.1.141 [host down]
741Nmap scan report for 192.168.1.142 [host down]
742Nmap scan report for 192.168.1.143 [host down]
743Nmap scan report for 192.168.1.144 [host down]
744Nmap scan report for 192.168.1.145 [host down]
745Nmap scan report for 192.168.1.146 [host down]
746Nmap scan report for 192.168.1.147 [host down]
747Nmap scan report for 192.168.1.148 [host down]
748Nmap scan report for 192.168.1.149 [host down]
749Nmap scan report for 192.168.1.150 [host down]
750Nmap scan report for 192.168.1.151 [host down]
751Nmap scan report for 192.168.1.152 [host down]
752Nmap scan report for 192.168.1.153 [host down]
753Nmap scan report for 192.168.1.154 [host down]
754Nmap scan report for 192.168.1.155 [host down]
755Nmap scan report for 192.168.1.156 [host down]
756Nmap scan report for 192.168.1.157 [host down]
757Nmap scan report for 192.168.1.158 [host down]
758Nmap scan report for 192.168.1.159 [host down]
759Nmap scan report for 192.168.1.160 [host down]
760Nmap scan report for 192.168.1.161 [host down]
761Nmap scan report for 192.168.1.162 [host down]
762Nmap scan report for 192.168.1.163 [host down]
763Nmap scan report for 192.168.1.164 [host down]
764Nmap scan report for 192.168.1.165 [host down]
765Nmap scan report for 192.168.1.166 [host down]
766Nmap scan report for 192.168.1.167 [host down]
767Nmap scan report for 192.168.1.168 [host down]
768Nmap scan report for 192.168.1.169 [host down]
769Nmap scan report for 192.168.1.170 [host down]
770Nmap scan report for 192.168.1.171 [host down]
771Nmap scan report for 192.168.1.172 [host down]
772Nmap scan report for 192.168.1.173 [host down]
773Nmap scan report for 192.168.1.174 [host down]
774Nmap scan report for 192.168.1.175 [host down]
775Nmap scan report for 192.168.1.176 [host down]
776Nmap scan report for 192.168.1.177 [host down]
777Nmap scan report for 192.168.1.178 [host down]
778Nmap scan report for 192.168.1.179 [host down]
779Nmap scan report for 192.168.1.180 [host down]
780Nmap scan report for 192.168.1.181 [host down]
781Nmap scan report for 192.168.1.182 [host down]
782Nmap scan report for 192.168.1.183 [host down]
783Nmap scan report for 192.168.1.184 [host down]
784Nmap scan report for 192.168.1.185 [host down]
785Nmap scan report for 192.168.1.186 [host down]
786Nmap scan report for 192.168.1.187 [host down]
787Nmap scan report for 192.168.1.188 [host down]
788Nmap scan report for 192.168.1.189 [host down]
789Nmap scan report for 192.168.1.190 [host down]
790Nmap scan report for 192.168.1.191 [host down]
791Nmap scan report for 192.168.1.192 [host down]
792Nmap scan report for 192.168.1.193 [host down]
793Nmap scan report for 192.168.1.194 [host down]
794Nmap scan report for 192.168.1.195 [host down]
795Nmap scan report for 192.168.1.196 [host down]
796Nmap scan report for 192.168.1.197 [host down]
797Nmap scan report for 192.168.1.198 [host down]
798Nmap scan report for 192.168.1.199 [host down]
799Nmap scan report for 192.168.1.201 [host down]
800Nmap scan report for 192.168.1.202 [host down]
801Nmap scan report for 192.168.1.203 [host down]
802Nmap scan report for 192.168.1.204 [host down]
803Nmap scan report for 192.168.1.205 [host down]
804Nmap scan report for 192.168.1.206 [host down]
805Nmap scan report for 192.168.1.207 [host down]
806Nmap scan report for 192.168.1.208 [host down]
807Nmap scan report for 192.168.1.209 [host down]
808Nmap scan report for 192.168.1.210 [host down]
809Nmap scan report for 192.168.1.211 [host down]
810Nmap scan report for 192.168.1.212 [host down]
811Nmap scan report for 192.168.1.213 [host down]
812Nmap scan report for 192.168.1.214 [host down]
813Nmap scan report for 192.168.1.215 [host down]
814Nmap scan report for 192.168.1.216 [host down]
815Nmap scan report for 192.168.1.217 [host down]
816Nmap scan report for 192.168.1.218 [host down]
817Nmap scan report for 192.168.1.219 [host down]
818Nmap scan report for 192.168.1.220 [host down]
819Nmap scan report for 192.168.1.221 [host down]
820Nmap scan report for 192.168.1.222 [host down]
821Nmap scan report for 192.168.1.223 [host down]
822Nmap scan report for 192.168.1.224 [host down]
823Nmap scan report for 192.168.1.225 [host down]
824Nmap scan report for 192.168.1.226 [host down]
825Nmap scan report for 192.168.1.227 [host down]
826Nmap scan report for 192.168.1.228 [host down]
827Nmap scan report for 192.168.1.229 [host down]
828Nmap scan report for 192.168.1.230 [host down]
829Nmap scan report for 192.168.1.231 [host down]
830Nmap scan report for 192.168.1.232 [host down]
831Nmap scan report for 192.168.1.233 [host down]
832Nmap scan report for 192.168.1.234 [host down]
833Nmap scan report for 192.168.1.235 [host down]
834Nmap scan report for 192.168.1.236 [host down]
835Nmap scan report for 192.168.1.237 [host down]
836Nmap scan report for 192.168.1.238 [host down]
837Nmap scan report for 192.168.1.239 [host down]
838Nmap scan report for 192.168.1.240 [host down]
839Nmap scan report for 192.168.1.241 [host down]
840Nmap scan report for 192.168.1.242 [host down]
841Nmap scan report for 192.168.1.243 [host down]
842Nmap scan report for 192.168.1.244 [host down]
843Nmap scan report for 192.168.1.245 [host down]
844Nmap scan report for 192.168.1.246 [host down]
845Nmap scan report for 192.168.1.247 [host down]
846Nmap scan report for 192.168.1.248 [host down]
847Nmap scan report for 192.168.1.249 [host down]
848Nmap scan report for 192.168.1.250 [host down]
849Nmap scan report for 192.168.1.251 [host down]
850Nmap scan report for 192.168.1.252 [host down]
851Nmap scan report for 192.168.1.253 [host down]
852Nmap scan report for 192.168.1.254 [host down]
853Nmap scan report for 192.168.1.255 [host down]
854Initiating Parallel DNS resolution of 1 host. at 18:25
855Completed Parallel DNS resolution of 1 host. at 18:25, 0.00s elapsed
856Initiating SYN Stealth Scan at 18:25
857Scanning 192.168.1.200 [1000 ports]
858Discovered open port 139/tcp on 192.168.1.200
859Discovered open port 21/tcp on 192.168.1.200
860Discovered open port 5900/tcp on 192.168.1.200
861Discovered open port 111/tcp on 192.168.1.200
862Discovered open port 22/tcp on 192.168.1.200
863Discovered open port 445/tcp on 192.168.1.200
864Discovered open port 25/tcp on 192.168.1.200
865Discovered open port 23/tcp on 192.168.1.200
866Discovered open port 3306/tcp on 192.168.1.200
867Discovered open port 53/tcp on 192.168.1.200
868Discovered open port 80/tcp on 192.168.1.200
869Discovered open port 8180/tcp on 192.168.1.200
870Discovered open port 6000/tcp on 192.168.1.200
871Discovered open port 514/tcp on 192.168.1.200
872Discovered open port 6667/tcp on 192.168.1.200
873Discovered open port 8009/tcp on 192.168.1.200
874Discovered open port 512/tcp on 192.168.1.200
875Discovered open port 1524/tcp on 192.168.1.200
876Discovered open port 513/tcp on 192.168.1.200
877Discovered open port 2121/tcp on 192.168.1.200
878Discovered open port 2049/tcp on 192.168.1.200
879Discovered open port 1099/tcp on 192.168.1.200
880Discovered open port 5432/tcp on 192.168.1.200
881Completed SYN Stealth Scan at 18:25, 0.07s elapsed (1000 total ports)
882Nmap scan report for 192.168.1.200
883Host is up (0.000057s latency).
884Not shown: 977 closed ports
885PORT STATE SERVICE
88621/tcp open ftp
88722/tcp open ssh
88823/tcp open telnet
88925/tcp open smtp
89053/tcp open domain
89180/tcp open http
892111/tcp open rpcbind
893139/tcp open netbios-ssn
894445/tcp open microsoft-ds
895512/tcp open exec
896513/tcp open login
897514/tcp open shell
8981099/tcp open rmiregistry
8991524/tcp open ingreslock
9002049/tcp open nfs
9012121/tcp open ccproxy-ftp
9023306/tcp open mysql
9035432/tcp open postgresql
9045900/tcp open vnc
9056000/tcp open X11
9066667/tcp open irc
9078009/tcp open ajp13
9088180/tcp open unknown
909MAC Address: 00:0C:29:7D:98:06 (VMware)
910
911Initiating SYN Stealth Scan at 18:25
912Scanning 192.168.1.110 [1000 ports]
913Completed SYN Stealth Scan at 18:25, 0.05s elapsed (1000 total ports)
914Nmap scan report for 192.168.1.110
915Host is up (0.0000060s latency).
916All 1000 scanned ports on 192.168.1.110 are closed
917
918Read data files from: /usr/bin/../share/nmap
919Nmap done: 255 IP addresses (2 hosts up) scanned in 8.60 seconds
920 Raw packets sent: 2507 (102.196KB) | Rcvd: 3001 (124.120KB)
921Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-27 18:47 CST
922Initiating Parallel DNS resolution of 1 host. at 18:47
923Completed Parallel DNS resolution of 1 host. at 18:47, 0.01s elapsed
924Initiating SYN Stealth Scan at 18:47
925Scanning 192.168.1.110 [1000 ports]
926Completed SYN Stealth Scan at 18:47, 0.05s elapsed (1000 total ports)
927Nmap scan report for 192.168.1.110
928Host is up (0.0000060s latency).
929All 1000 scanned ports on 192.168.1.110 are closed
930
931Read data files from: /usr/bin/../share/nmap
932Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds
933 Raw packets sent: 1000 (44.000KB) | Rcvd: 2000 (84.000KB)
934Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-27 18:48 CST
935Nmap scan report for 192.168.1.110
936Host is up (0.0000060s latency).
937All 1000 scanned ports on 192.168.1.110 are closed
938
939Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
940root@kali:~#