Nmap
```shell
gem install ruby-nmap ronin-scanners gems
```

If you already understand how nmap works and how to use it, you will find this library easy to use: most of nmap's functionality is exposed through it.

Basic Scan

The ruby-nmap gem is a Ruby interface to nmap, the network exploration tool and security/port scanner.
  • Provides a Ruby interface for running nmap.
  • Provides a parser for enumerating nmap XML scan files.
Let's see how it works.

```ruby
require 'nmap'

# Run a default scan against one target, with nmap's verbose output.
scan = Nmap::Program.scan(:targets => '192.168.0.15', :verbose => true)
```

SYN Scan

```ruby
require 'nmap/program'

Nmap::Program.scan do |nmap|
  nmap.syn_scan = true        # -sS
  nmap.service_scan = true    # -sV
  nmap.os_fingerprint = true  # -O
  nmap.xml = 'scan.xml'       # -oX scan.xml
  nmap.verbose = true

  nmap.ports = [20,21,22,23,25,80,110,443,512,522,8080,1080,4444,3389]
  nmap.targets = '192.168.1.*'
end
```

Each option, such as nmap.syn_scan or nmap.xml, is an attribute of the underlying Nmap::Task object. The documentation lists the scan tasks/options supported by the library.

Comprehensive scan

```ruby
#!/usr/bin/env ruby
# KING SABRI | @KINGSABRI
require 'nmap/program'

Nmap::Program.scan do |nmap|

  # Target
  nmap.targets = '192.168.0.1'

  # Verbosity and Debugging
  nmap.verbose = true
  nmap.show_reason = true

  # Port Scanning Techniques:
  nmap.syn_scan = true # You can use nmap.all like -A in nmap

  # Service/Version Detection:
  nmap.service_scan = true
  nmap.os_fingerprint = true
  nmap.version_all = true

  # Script scanning
  nmap.script = "all"

  # All 65535 ports (-p-); the option must be assigned, a bare
  # nmap.all_ports only reads it. Equivalent: nmap.ports = (0..65535).to_a
  nmap.all_ports = true

  # Firewall/IDS Evasion and Spoofing:
  nmap.decoys = ["google.com","yahoo.com","hotmail.com","facebook.com"]
  nmap.spoof_mac = "00:11:22:33:44:55"

  # Timing and Performance
  nmap.min_parallelism = 30
  nmap.max_parallelism = 130

  # Scan outputs (-oA: normal, XML and grepable files named rubyfu_scan.*)
  nmap.output_all = 'rubyfu_scan'

end
```

Parsing nmap XML scan file

I made an aggressive scan on scanme.nmap.org
```shell
nmap -n -v -A scanme.nmap.org -oX scanme.nmap.org.xml
```

I quoted the code from the official documentation (https://github.com/sophsec/ruby-nmap)
```ruby
require 'nmap/xml'

# Open the XML file given as the first argument and walk its hosts.
Nmap::XML.new(ARGV[0]) do |xml|
  xml.each_host do |host|
    puts "[#{host.ip}]"
    # Print: Port/Protocol port_status service_name
    host.each_port do |port|
      puts "  #{port.number}/#{port.protocol}\t#{port.state}\t#{port.service}"
    end
  end
end
```
Returns:

```text
[45.33.32.156]
  22/tcp    open    ssh
  80/tcp    open    http
  9929/tcp  open    nping-echo
```
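The same walk over the nmap XML format, as an added example that is not from the page or from ruby-nmap: it uses only REXML from Ruby's standard library (so it runs without the gem), extracts the host/port/state/service tuples the loop above prints, and then reports open ports that are missing from a constructed per-host baseline, which is the check a defender runs on scheduled scan output. The XML sample is a constructed, trimmed nmap -oX document.

```ruby
require 'rexml/document'

# Constructed sample of nmap -oX output (only the elements used below are kept).
SAMPLE_XML = <<~XML
  <?xml version="1.0"?>
  <nmaprun scanner="nmap" args="nmap -n -v -A scanme.nmap.org -oX scanme.nmap.org.xml">
    <host>
      <address addr="45.33.32.156" addrtype="ipv4"/>
      <ports>
        <port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/><service name="ssh"/></port>
        <port protocol="tcp" portid="80"><state state="open" reason="syn-ack"/><service name="http"/></port>
        <port protocol="tcp" portid="9929"><state state="open" reason="syn-ack"/><service name="nping-echo"/></port>
        <port protocol="tcp" portid="31337"><state state="filtered" reason="no-response"/></port>
      </ports>
    </host>
  </nmaprun>
XML

# Returns { ip => [[port_number, protocol, state, service_or_nil], ...] } per host.
def parse_nmap_xml(xml_text)
  doc = REXML::Document.new(xml_text)
  hosts = {}
  doc.elements.each('nmaprun/host') do |host|
    addr = REXML::XPath.first(host, "address[@addrtype='ipv4']")
    next unless addr
    hosts[addr.attributes['addr']] = host.elements.collect('ports/port') do |port|
      state   = port.elements['state']
      service = port.elements['service']   # absent when nmap identified no service
      [port.attributes['portid'].to_i, port.attributes['protocol'],
       state && state.attributes['state'], service && service.attributes['name']]
    end
  end
  hosts
end

# Baseline check: open ports not in baseline[ip] (a list of [port, proto]) are drift.
def unexpected_open_ports(hosts, baseline)
  hosts.each_with_object({}) do |(ip, ports), drift|
    allowed = baseline.fetch(ip, [])
    extra = ports.select { |num, proto, state, _| state == 'open' && !allowed.include?([num, proto]) }
    drift[ip] = extra.map { |num, proto, _, svc| "#{num}/#{proto} (#{svc})" } unless extra.empty?
  end
end

if __FILE__ == $0
  hosts = parse_nmap_xml(SAMPLE_XML)
  hosts.each do |ip, ports|
    puts "[#{ip}]"
    ports.each { |num, proto, state, svc| puts "  #{num}/#{proto}\t#{state}\t#{svc}" }
  end
  p unexpected_open_ports(hosts, '45.33.32.156' => [[22, 'tcp'], [80, 'tcp']])
end
```

Point parse_nmap_xml at File.read of a real -oX file to run the check on actual scan output.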