Dnmap is an excellent project for distributing Nmap scans among different clients. The extra resources available, such as bandwidth, allow us to scan one or more targets faster when time is a limiting factor during a security assessment.
The following recipe will show you how to perform distributed port scanning with Dnmap.
Download the latest version of Dnmap from the official SourceForge repositories at http://sourceforge.net/projects/dnmap/files/ .
Dnmap depends on the Python library "twisted". If you are on a Debian-based system, you can install it with the following command:
#apt-get install libssl-dev python-twisted
It is also worth mentioning that Nmap is not self-contained in Dnmap; we must install it separately on each client. Please refer to the Compiling Nmap from source code recipe in Chapter 1, Nmap Fundamentals for instructions on installing Nmap.
#cat cmds.txt
nmap -sU -p1-10000 -sV scanme.nmap.org
nmap -sU -p10000-20000 -sV scanme.nmap.org
nmap -sU -p20000-30000 -sV scanme.nmap.org
nmap -sU -p40000-50000 -sV scanme.nmap.org
nmap -sU -p50001-60000 -sV scanme.nmap.org
Start dnmap_server.py with the commands file:
#python dnmap_server.py -f cmds.txt
The following screenshot shows the Dnmap server:
#python dnmap_client.py -a client1 -s 192.168.1.1
The following screenshot shows the Dnmap server:
Dnmap is a set of Python scripts published by Sebastian García "el draco" from Mateslab (http://mateslab.com.ar) to distribute Nmap scans using a server-client connection model.
Commands are stored in a file that is read by the server. The script dnmap_server.py handles all of the incoming connections and assigns commands to the clients. Each client executes only one Nmap command at a time.
Additionally, you can increase the debugging level on the server by using the argument -d [1-5], as shown in the following command:
#python dnmap_server.py -f cmds.txt -d 5
The server handles disconnections by reinserting the commands at the end of the file. Dnmap creates a file named .dnmap-trace to keep track of the current state of progress.
If the server itself loses connectivity, the clients will automatically try to reconnect indefinitely, until the server comes back online.
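Because each line of the commands file is handed to a single client, the port ranges across lines decide what actually gets scanned. The following Python 3 helper is an added example, not part of Dnmap or the original recipe: it audits a commands file for port ranges that are scanned twice or not at all, and builds a contiguous replacement. The function names and the `{ports}` template placeholder are assumptions of this example; the sample input is the cmds.txt shown in this recipe.

```python
import re

# Matches the "-p<first>-<last>" argument used on each line of cmds.txt.
PORT_ARG = re.compile(r"(?:^|\s)-p(\d+)-(\d+)(?=\s|$)")

# Sample input: the cmds.txt lines shown in this recipe.
RECIPE_CMDS = [
    "nmap -sU -p1-10000 -sV scanme.nmap.org",
    "nmap -sU -p10000-20000 -sV scanme.nmap.org",
    "nmap -sU -p20000-30000 -sV scanme.nmap.org",
    "nmap -sU -p40000-50000 -sV scanme.nmap.org",
    "nmap -sU -p50001-60000 -sV scanme.nmap.org",
]

def split_ports(first, last, chunks):
    """Split [first, last] into contiguous, non-overlapping (start, end) ranges."""
    total = last - first + 1
    if chunks < 1 or chunks > total:
        raise ValueError("chunks must be between 1 and the number of ports")
    size, extra = divmod(total, chunks)
    ranges, start = [], first
    for i in range(chunks):
        end = start + size - 1 + (1 if i < extra else 0)  # spread the remainder
        ranges.append((start, end))
        start = end + 1
    return ranges

def build_commands(template, first, last, chunks):
    """Return one command per chunk; template must contain '{ports}'."""
    return [template.format(ports=f"{a}-{b}") for a, b in split_ports(first, last, chunks)]

def audit(lines, first, last):
    """Return (gaps, overlaps) of the -p ranges in lines, measured over [first, last]."""
    found = (PORT_ARG.search(line) for line in lines)
    ranges = sorted((int(m.group(1)), int(m.group(2))) for m in found if m)
    gaps, overlaps, covered = [], [], first - 1
    for a, b in ranges:
        if a > covered + 1:
            gaps.append((covered + 1, a - 1))      # ports no client will scan
        elif a <= covered:
            overlaps.append((a, min(b, covered)))  # ports two clients will scan
        covered = max(covered, b)
    if covered < last:
        gaps.append((covered + 1, last))
    return gaps, overlaps

if __name__ == "__main__":
    print("unscanned / scanned twice:", audit(RECIPE_CMDS, 1, 60000))
    print("\n".join(build_commands("nmap -sU -p{ports} -sV scanme.nmap.org", 1, 60000, 6)))
```

Write the output of `build_commands` to cmds.txt, one command per line, before starting the server with -f.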