Comments (3)
Ok so a basic idea of why you are seeing the same ports after any scans is this, so how the tool works is it first perform a port_scan on the given target(s) and determine the open ports on the target(s). After that it loads your selected module and try to scan according to those modules, for example in this case the wordpress_version_scan sends a request to the "/wp-admin/install.php" endpoint on the specified target and on all the different ports that are given in the module(80,443 in this case). After that it checks for the response and try to match the provided conditions in the module to the response. If the conditions are satisfied then it outputs it as successful scan and show the output in the graph along with the module name, port and target. If not then it only shows output of the other scans that were successful. In your case it was unable to match the required conditions to get a successful response so it only shows the output of the successful scan i.e. port_scan. I will look into this scan module to find why it wasn't working for you, but usually if it detects something it will show you the output.
PS: You can look at how the scans are being done by turning on the verbose output using the -v argument.
Hope this helps.
from nettacker.
Took me a while to figure it out but i found out why it was not working. The problem was a missing "www", So as the target you put in didn't contain a www the requests sent to the target didn't contain it either and due to some reason the response is altered(in this case there is no response from the target if the end point is accessed without the www in the url). I have tested the wordpress_version_scan module and can confirm it works. I am attaching the results below.
Command used: "python3 nettacker.py -i https://www.arkoselabs.com -m wordpress_version_scan"
OS: Pop!_OS 22.04 LTS x86_64
Output:
from nettacker.
The module and Nettacker works as designed. By asking to scan https://arkoselabs.com Nettacker is connecting to the precise target and that target does not have wordpress - the response from the server is a 301 redirect which Nettacker is not following intentionally (because that would take the scan to a different target taking the pen test/scan "out of scope" (sorry I have to explain this: "staying in scope of an engagement" a concept familiar to people who perform penetration testing/bug bounty ad it means that the security tester are only testing what they are explicitly allowed/authorised to test).
If you wish to scan all subdomains of arkoseblabs.com the command you should have used:
python nettacker.py --skip-service-discovery -i arkoselabs.com -m wordpress_version_scan -s
the
-s
means "run all the modules listed for all subdomains of the target"
Before scanning any target with Nettacker make sure you have explicit permission (either a security penetration testing contract/agreement or being in-scope of the Bug Bounty programme which allows to run security scans on target subdomains/IP addresses
from nettacker.
Related Issues (20)
- joomla_version_scan is not displaying the version
- drupal_version_scan is not displaying the version
- new module to scan for MoveIt versions
- Release 0.3.1
- Need Help HOT 2
- ssh_brute: Detect open dropbear server HOT 12
- Hey Torsten. What sort of documents are you specifically referring to? Are you meaning simply a place to store non-web-specific (not md, html) files from which others could reference the files? Some of this exists already with regard to images which can be used in projects, etc. HOT 1
- Implement requests rate limiter HOT 1
- Enhancement: Provide More Command Examples for New Users
- Avoid warning message when running app.
- When the program is doing a scan, there is a malfunction in the APIs HOT 1
- [X] pip3 install -r requirements.txt ---> py3DNS==4.0.0 not installed! HOT 4
- How can i remove all the hosts and the scans i've done? HOT 3
- Data missing on /logs/get_json?target= HOT 1
- 1
- Reorganize Profile Section in Web Module for Improved Usability HOT 4
- Correct profile name 'invati_ics' in ivanti_ics_cve_2023_46805_vuln module HOT 2
- pagination feature needed in WebUI Results and Crawler search results HOT 4
- Only execute port_scan module on a local vm(metasploitable 2) HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nettacker.