| Both sides previous revisionPrevious revisionNext revision | Previous revision |
| nmap:scan_os_information_and_traceroute [2016/07/07 23:16] – peter | nmap:scan_os_information_and_traceroute [2019/12/01 11:28] (current) – removed peter |
|---|
| ====== nmap - Scan OS information and Traceroute ====== | |
| |
| Detect which OS and version is running on the remote host. | |
| |
| To enable OS & version detection, script scanning and traceroute, we can use **"-A"** option with NMAP. | |
| |
| <code bash> | |
| nmap -A 192.168.1.100 | |
| </code> | |
| |
| Result: | |
| |
| <code> | |
| Starting Nmap 6.40 ( http://nmap.org ) at 2016-07-08 00:06 BST | |
| Nmap scan report for 192.168.1.100 | |
| Host is up (0.035s latency). | |
| Not shown: 989 closed ports | |
| PORT STATE SERVICE VERSION | |
| 80/tcp open http? | |
| | http-methods: Potentially risky methods: PUT DELETE | |
| |_See http://nmap.org/nsedoc/scripts/http-methods.html | |
| |_http-title: Site doesn't have a title (text/html). | |
| 139/tcp open tcpwrapped | |
| 443/tcp open ssl/https? | |
| | http-methods: Potentially risky methods: PUT DELETE | |
| |_See http://nmap.org/nsedoc/scripts/http-methods.html | |
| |_http-title: Site doesn't have a title (text/html). | |
| | ssl-cert: Subject: commonName=Printer/organizationName=HP/stateOrProvinceName=Washington/countryName=US | |
| | Not valid before: 2015-01-09T13:43:38+00:00 | |
| |_Not valid after: 2035-01-04T13:43:38+00:00 | |
| 445/tcp open netbios-ssn | |
| 515/tcp open printer | |
| 631/tcp open ipp? | |
| | http-methods: Potentially risky methods: PUT DELETE | |
| |_See http://nmap.org/nsedoc/scripts/http-methods.html | |
| 6839/tcp open tcpwrapped | |
| 7435/tcp open tcpwrapped | |
| 8080/tcp open http-proxy? | |
| | http-methods: Potentially risky methods: PUT DELETE | |
| |_See http://nmap.org/nsedoc/scripts/http-methods.html | |
| |_http-title: Site doesn't have a title (text/html). | |
| 9100/tcp open jetdirect? | |
| 9220/tcp open unknown | |
| 4 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at http://www.insecure.org/cgi-bin/servicefp-submit.cgi : | |
| ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== | |
| SF-Port80-TCP:V=6.40%I=7%D=7/8%Time=577EE09E%P=x86_64-pc-linux-gnu%r(GetRe | |
| SF:quest,B3,"HTTP/1\.1\x20505\x20HTTP\x20Version\x20Not\x20Supported\r\nSe | |
| SF:rver:\x20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\ | |
| SF:x20-\x20A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov | |
| SF:\x2020,\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(HTTPOptions | |
| SF:,B3,"HTTP/1\.1\x20505\x20HTTP\x20Version\x20Not\x20Supported\r\nServer: | |
| SF:\x20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\ | |
| SF:x20A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x202 | |
| SF:0,\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(RTSPRequest,B7," | |
| SF:HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\nServer:\x | |
| SF:20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\x2 | |
| SF:0A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x2020, | |
| SF:\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(X11Probe,B7,"HTTP/ | |
| SF:1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\nServer:\x20HP\ | |
| SF:x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\x20A7F6 | |
| SF:5A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x2020,\x202 | |
| SF:015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(FourOhFourRequest,B3,"H | |
| SF:TTP/1\.1\x20505\x20HTTP\x20Version\x20Not\x20Supported\r\nServer:\x20HP | |
| SF:\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\x20A7F | |
| SF:65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x2020,\x20 | |
| SF:2015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(GenericLines,B7,"HTTP/ | |
| SF:1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\nServer:\x20HP\ | |
| SF:x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\x20A7F6 | |
| SF:5A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x2020,\x202 | |
| SF:015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(RPCCheck,B7,"HTTP/1\.1\ | |
| SF:x20400\x20Bad\x20Request\r\nConnection:\x20close\r\nServer:\x20HP\x20HT | |
| SF:TP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\x20A7F65A;\x | |
| SF:20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x2020,\x202015\x | |
| SF:2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(DNSVersionBindReq,B7,"HTTP/1 | |
| SF:\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\nServer:\x20HP\x | |
| SF:20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\x20A7F65 | |
| SF:A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x2020,\x2020 | |
| SF:15\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n"); | |
| ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== | |
| SF-Port443-TCP:V=6.40%T=SSL%I=7%D=7/8%Time=577EE0A5%P=x86_64-pc-linux-gnu% | |
| SF:r(GetRequest,B3,"HTTP/1\.1\x20505\x20HTTP\x20Version\x20Not\x20Supporte | |
| SF:d\r\nServer:\x20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x | |
| SF:208620\x20-\x20A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri | |
| SF:\x20Nov\x2020,\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(Gene | |
| SF:ricLines,B7,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close | |
| SF:\r\nServer:\x20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x2 | |
| SF:08620\x20-\x20A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\ | |
| SF:x20Nov\x2020,\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(HTTPO | |
| SF:ptions,B3,"HTTP/1\.1\x20505\x20HTTP\x20Version\x20Not\x20Supported\r\nS | |
| SF:erver:\x20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620 | |
| SF:\x20-\x20A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20No | |
| SF:v\x2020,\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(RTSPReques | |
| SF:t,B7,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\nSer | |
| SF:ver:\x20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x | |
| SF:20-\x20A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\ | |
| SF:x2020,\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(RPCCheck,B7, | |
| SF:"HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\nServer:\ | |
| SF:x20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\x | |
| SF:20A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x2020 | |
| SF:,\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(DNSVersionBindReq | |
| SF:,B7,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\nServ | |
| SF:er:\x20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x2 | |
| SF:0-\x20A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x | |
| SF:2020,\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(DNSStatusRequ | |
| SF:est,B7,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\nS | |
| SF:erver:\x20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620 | |
| SF:\x20-\x20A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20No | |
| SF:v\x2020,\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(Help,B7,"H | |
| SF:TTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\nServer:\x2 | |
| SF:0HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\x20 | |
| SF:A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x2020,\ | |
| SF:x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n"); | |
| ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== | |
| SF-Port631-TCP:V=6.40%I=7%D=7/8%Time=577EE09E%P=x86_64-pc-linux-gnu%r(GetR | |
| SF:equest,B3,"HTTP/1\.1\x20505\x20HTTP\x20Version\x20Not\x20Supported\r\nS | |
| SF:erver:\x20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620 | |
| SF:\x20-\x20A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20No | |
| SF:v\x2020,\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(HTTPOption | |
| SF:s,B3,"HTTP/1\.1\x20505\x20HTTP\x20Version\x20Not\x20Supported\r\nServer | |
| SF::\x20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20- | |
| SF:\x20A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x20 | |
| SF:20,\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(GenericLines,B7 | |
| SF:,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\nServer: | |
| SF:\x20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\ | |
| SF:x20A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x202 | |
| SF:0,\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(RTSPRequest,B7," | |
| SF:HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\nServer:\x | |
| SF:20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\x2 | |
| SF:0A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x2020, | |
| SF:\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(RPCCheck,B7,"HTTP/ | |
| SF:1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\nServer:\x20HP\ | |
| SF:x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\x20A7F6 | |
| SF:5A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x2020,\x202 | |
| SF:015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(DNSVersionBindReq,B7,"H | |
| SF:TTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\nServer:\x2 | |
| SF:0HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\x20 | |
| SF:A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x2020,\ | |
| SF:x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(DNSStatusRequest,B7 | |
| SF:,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\nServer: | |
| SF:\x20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\ | |
| SF:x20A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x202 | |
| SF:0,\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(Help,B7,"HTTP/1\ | |
| SF:.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\nServer:\x20HP\x2 | |
| SF:0HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\x20A7F65A | |
| SF:;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x2020,\x20201 | |
| SF:5\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n"); | |
| ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== | |
| SF-Port8080-TCP:V=6.40%I=7%D=7/8%Time=577EE09E%P=x86_64-pc-linux-gnu%r(Get | |
| SF:Request,B3,"HTTP/1\.1\x20505\x20HTTP\x20Version\x20Not\x20Supported\r\n | |
| SF:Server:\x20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x20862 | |
| SF:0\x20-\x20A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20N | |
| SF:ov\x2020,\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(HTTPOptio | |
| SF:ns,B3,"HTTP/1\.1\x20505\x20HTTP\x20Version\x20Not\x20Supported\r\nServe | |
| SF:r:\x20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20 | |
| SF:-\x20A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x2 | |
| SF:020,\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(RTSPRequest,B7 | |
| SF:,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nConnection:\x20close\r\nServer: | |
| SF:\x20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\ | |
| SF:x20A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x202 | |
| SF:0,\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(FourOhFourReques | |
| SF:t,B3,"HTTP/1\.1\x20505\x20HTTP\x20Version\x20Not\x20Supported\r\nServer | |
| SF::\x20HP\x20HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20- | |
| SF:\x20A7F65A;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x20 | |
| SF:20,\x202015\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(Socks5,B3,"HTTP | |
| SF:/1\.1\x20505\x20HTTP\x20Version\x20Not\x20Supported\r\nServer:\x20HP\x2 | |
| SF:0HTTP\x20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\x20A7F65A | |
| SF:;\x20Serial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x2020,\x20201 | |
| SF:5\x2011:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(Socks4,B7,"HTTP/1\.1\x204 | |
| SF:00\x20Bad\x20Request\r\nConnection:\x20close\r\nServer:\x20HP\x20HTTP\x | |
| SF:20Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\x20A7F65A;\x20Se | |
| SF:rial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x2020,\x202015\x2011 | |
| SF::46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(GenericLines,B7,"HTTP/1\.1\x2040 | |
| SF:0\x20Bad\x20Request\r\nConnection:\x20close\r\nServer:\x20HP\x20HTTP\x2 | |
| SF:0Server;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\x20A7F65A;\x20Ser | |
| SF:ial\x20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x2020,\x202015\x2011: | |
| SF:46:43AM\x20{FDP1CN1547AR}\r\n\r\n")%r(RPCCheck,B7,"HTTP/1\.1\x20400\x20 | |
| SF:Bad\x20Request\r\nConnection:\x20close\r\nServer:\x20HP\x20HTTP\x20Serv | |
| SF:er;\x20HP\x20HP\x20Officejet\x20Pro\x208620\x20-\x20A7F65A;\x20Serial\x | |
| SF:20Number:\x20CN55FFK2QC;\x20Built:Fri\x20Nov\x2020,\x202015\x2011:46:43 | |
| SF:AM\x20{FDP1CN1547AR}\r\n\r\n"); | |
| |
| Host script results: | |
| |_nbstat: NetBIOS name: HP3863BB75D414, NetBIOS user: <unknown>, NetBIOS MAC: <unknown> | |
| | smb-os-discovery: | |
| | OS: VxWorks (NQ 4.32) | |
| | NetBIOS computer name: | |
| | Workgroup: | |
| |_ System time: 2016-07-08T00:15:24+00:00 | |
| | smb-security-mode: | |
| | Account that was used for smb scripts: guest | |
| | User-level authentication | |
| | SMB Security: Challenge/response passwords supported | |
| |_ Message signing disabled (dangerous, but default) | |
| |_smbv2-enabled: Server doesn't support SMBv2 protocol | |
| |
| Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . | |
| Nmap done: 1 IP address (1 host up) scanned in 225.80 seconds | |
| </code> | |
| |
