【Kail 学习笔记】kali信息搜集工具之DNMAP

简介

dnmap是一款基于nmap的分布式扫描工具，它能够用一个集群来对另外一个机群进行扫描。
dnmap根据一个基于nmap命令行来构造的文件来确定扫描的方向。
dnmap采用的是C/S架构，服务端主要是用来分发任务和汇总扫描状态，客户端主要用来执行扫描任务和记录自身的扫描状态。
该工具主要用于你想扫描一个机群时，你自己拥有一个机群（肉鸡）的资源或者你的小伙伴想帮你的情况。

项目中包含的工具

• dnmap_client: 客户端软件

1. root@kali:~# dnmap_client -h
2. +----------------------------------------------------------------------+
3. | dnmap Client Version 0.6                                             |
4. | This program is free software; you can redistribute it and/or modify |
5. | it under the terms of the GNU General Public License as published by |
6. | the Free Software Foundation; either version 2 of the License, or    |
7. | (at your option) any later version.                                  |
8. |                                                                      |
9. | Author: Garcia Sebastian, eldraco@gmail.com                          |
10. | www.mateslab.com.ar                                                  |
11. +----------------------------------------------------------------------+
12. usage: /usr/bin/dnmap_client <options>
13. options:
14.   -s, --server-ip          IP address of dnmap server.
15.   -p, --server-port      Port of dnmap server. Dnmap port defaults to 46001
16.   -a, --alias                 Your name alias so we can give credit to you for your help. Optional
17.   -d, --debug              Debuging.
18.   -m, --max-rate         Force nmaps commands to use at most this rate. Useful to slow nmap down. Adds the --max-rate parameter.

• dnmap_server: 服务端软件

1. root@kali:~# dnmap_server -h
2. +----------------------------------------------------------------------+
3. | dnmap_server Version 0.6                                             |
4. | This program is free software; you can redistribute it and/or modify |
5. | it under the terms of the GNU General Public License as published by |
6. | the Free Software Foundation; either version 2 of the License, or    |
7. | (at your option) any later version.                                  |
8. |                                                                      |
9. | Author: Garcia Sebastian, eldraco@gmail.com                          |
10. | www.mateslab.com.ar                                                  |
11. +----------------------------------------------------------------------+
12. usage: /usr/bin/dnmap_server <options>
13. options:
14.   -f, --nmap-commands        Nmap commands file
15.   -p, --port                               TCP port where we listen for connections.
16.   -L, --log-file                          Log file. Defaults to /var/log/dnmap_server.conf.
17.   -l, --log-level                        Log level. Defaults to info.
18.   -v, --verbose_level             Verbose level. Give a number between 1 and 5. Defaults to 1. Level 0 means be quiet.
19.   -t, --client-timeout               How many time should we wait before marking a client Offline. We still remember its values just in case it cames back.
20.   -s, --sort                               Field to sort the statical value. You can choose from: Alias, #Commands, UpTime, RunCmdXMin, AvrCmdXMin, Status
21.   -P, --pem-file                       pem file to use for TLS connection. By default we use the server.pem file provided with the server in the current directory.
22. dnmap_server uses a '<nmap-commands-file-name>.dnmaptrace' file to know where it must continue reading the nmap commands file. If you want to start over again,
23. just delete the '<nmap-commands-file-name>.dnmaptrace' file

使用示例

创建一个nmap命令行文件，并把它导入服务端。

1. root@kali:~# echo "nmap -F 192.168.1.0/24 -v -n -oA sub1" >> dnmap.txt
2. root@kali:~# echo "nmap -F 192.168.0.0/24 -v -n -oA sub0" >> dnmap.txt
3. root@kali:~# dnmap_server -f dnmap.txt
4. +----------------------------------------------------------------------+
5. | dnmap_server Version 0.6                                             |
6. | This program is free software; you can redistribute it and/or modify |
7. | it under the terms of the GNU General Public License as published by |
8. | the Free Software Foundation; either version 2 of the License, or    |
9. | (at your option) any later version.                                  |
10. |                                                                      |
11. | Author: Garcia Sebastian, eldraco@gmail.com                          |
12. | www.mateslab.com.ar                                                  |
13. +----------------------------------------------------------------------+
14. =| MET:0:00:00.000544 | Amount of Online clients: 0 |=

用客户端（别名dnmap-client1）来连接服务端（192.168.1.15）

1. root@kali:~# dnmap_client -s 192.168.1.15 -a dnmap-client1
2. +----------------------------------------------------------------------+
3. | dnmap Client Version 0.6                                             |
4. | This program is free software; you can redistribute it and/or modify |
5. | it under the terms of the GNU General Public License as published by |
6. | the Free Software Foundation; either version 2 of the License, or    |
7. | (at your option) any later version.                                  |
8. |                                                                      |
9. | Author: Garcia Sebastian, eldraco@gmail.com                          |
10. | www.mateslab.com.ar                                                  |
11. +----------------------------------------------------------------------+
12. Client Started...
13. Nmap output files stored in 'nmap_output' directory...
14. Starting connection...
15. Client connected succesfully...
16. Waiting for more commands....
17. Command Executed: nmap -F 192.168.1.0/24 -v -n -oA sub1