HackDig : Dig high-quality web security articles for hacker

Speeding up Proxychains with Nmap / Xargs

2017-03-17 13:55

For a while now I’ve wanted a better way to use Nmap with proxychains, and I’ve ended up with a fairly simple one-liner that has worked for me for basic port scanning. It’s a trivial concept, but it really does speed up the process, with no negative effect from what I can tell. Obviously you have to be careful about how many threads you permit with Xargs, but other than that it’s pretty straightforward.

There are a couple of options to consider when pivoting with proxychains: multiple hosts with a low number of ports, or the alternative, a large number of ports against one host. Which one you pick depends on your use case, because you always have to remember how stealthy you need to be when doing this type of attack. If you’re using this on an internal pentest then you may not worry so much about stealth, but if you’re running this on a Red Team engagement you will want to manipulate the Nmap flags accordingly.

Run the traditional way, proxychains with Nmap took 193.62 seconds to finish. An example of this usage is shown below:

proxychains nmap -p 1-1000 -sT -Pn --open -n -T4 --min-parallelism 100 --min-rate 1 --oG proxychains_nmap_old --append-output <IP Address>

Bringing Xargs into the loop with a thread count of 50 dramatically improves the results: the scan took only 9 seconds to complete. An example of this usage is shown below:

seq 1 1000 | xargs -P 50 -I{} proxychains nmap -p {} -sT -Pn --open -n -T4 --min-parallelism 100 --min-rate 1 --oG proxychains_nmap --append-output <IP Address>

If you want to run multiple ports or port ranges against multiple hosts you could use the following alternative:

seq 1 254 | xargs -P 50 -I{} proxychains nmap -p 80,443,3389,445,22 -sT -Pn --open -n -T4 --min-parallelism 100 --min-rate 1 --oG proxychains_nmap --append-output 192.168.1.{}

Then grep the output for open ports:

grep
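Because every parallel Nmap process appends its own records to the same grepable file, one host ends up spread over many lines. The following is an added example, not part of the original post: a POSIX shell function (the names `open_ports` and `sample_gnmap` are hypothetical) that merges the open ports per host from such a file. The sample records are constructed in the `-oG` layout and are not real scan data.

```sh
#!/bin/sh
# Added example: merge open ports per host from Nmap grepable (-oG) output
# that many parallel runs appended to one file.

# Constructed sample in the -oG layout (tab-separated fields); not real data.
sample_gnmap() {
    printf '# Nmap scan initiated (constructed sample)\n'
    printf 'Host: 192.168.1.10 ()\tStatus: Up\n'
    printf 'Host: 192.168.1.10 ()\tPorts: 22/open/tcp//ssh///\n'
    printf 'Host: 192.168.1.10 ()\tPorts: 80/open/tcp//http///, 443/open/tcp//https///\n'
    printf 'Host: 192.168.1.20 ()\tPorts: 445/open/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server///\n'
    printf 'Host: 192.168.1.10 ()\tPorts: 22/open/tcp//ssh///\n'
}

# Reads the named files (or stdin) and prints "host port/proto,port/proto,...".
open_ports() {
    awk -F'\t' '
    /^Host: / {
        split($1, h, " ")                      # h[2] is the address
        for (i = 2; i <= NF; i++) {
            if ($i !~ /^Ports: /) continue     # skip Status:, Ignored State:, ...
            n = split(substr($i, 8), entries, /, */)
            for (j = 1; j <= n; j++) {
                split(entries[j], f, "/")      # port/state/proto/owner/service/...
                if (f[2] == "open") print h[2], f[1], f[3]
            }
        }
    }' "$@" |
    LC_ALL=C sort -u -t' ' -k1,1 -k2,2n -k3,3 |  # drop duplicates from repeated runs
    awk '{
        p = $2 "/" $3
        if ($1 == host) line = line "," p
        else { if (host != "") print line; host = $1; line = $1 " " p }
    }
    END { if (host != "") print line }'
}

# Stand-alone use: pass the result file(s); with no arguments, run the sample.
if [ "$#" -gt 0 ]; then
    open_ports "$@"
else
    sample_gnmap | open_ports
fi
```

Comment lines, `Status:` records and ports in any state other than `open` are skipped, so the function also works on files written without `--open`.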


Source: www.hackwhackandsmack.com/?p=1201
