amap-5.2-win
所属分类:网络编程
开发工具:Visual C++
文件大小:1378KB
下载次数:72
上传日期:2008-03-28 14:00:19
上 传 者:
ripplewizard
说明: nmap世界著名的扫描工具,这就是他的windows版本源代码,不要错过
(nmap scanning tool to the world-famous, and this is his version of the windows source code, do not miss)
文件列表:
amap-5.2-win\!51os.com.txt (2292, 2005-06-21)
amap-5.2-win\!HackerDown.com.htm (3385, 2005-06-21)
amap-5.2-win\!软件信息说明.txt (2926, 2005-10-04)
amap-5.2-win\amap-5.2\amap-inc.h (570, 2003-10-30)
amap-5.2-win\amap-5.2\AMAP-LIB-INTERFACE (2692, 2005-02-16)
amap-5.2-win\amap-5.2\amap-lib.c (92165, 2005-09-08)
amap-5.2-win\amap-5.2\amap-lib.h (369, 2005-02-16)
amap-5.2-win\amap-5.2\amap.1 (8279, 2005-04-12)
amap-5.2-win\amap-5.2\amap.c (7210, 2005-02-19)
amap-5.2-win\amap-5.2\amap.h (4806, 2005-09-08)
amap-5.2-win\amap-5.2\amapcrap.c (14442, 2005-09-08)
amap-5.2-win\amap-5.2\appdefs.resp (14907, 2005-09-22)
amap-5.2-win\amap-5.2\appdefs.rpc (10080, 2005-01-06)
amap-5.2-win\amap-5.2\appdefs.trig (8263, 2005-09-22)
amap-5.2-win\amap-5.2\CHANGES (17305, 2005-09-22)
amap-5.2-win\amap-5.2\configure (4851, 2005-06-03)
amap-5.2-win\amap-5.2\IGNORE (212, 2003-07-17)
amap-5.2-win\amap-5.2\INSTALL (728, 2005-01-07)
amap-5.2-win\amap-5.2\LICENCE.AMAP (1385, 2005-02-01)
amap-5.2-win\amap-5.2\LICENSE.GNU (18007, 2005-01-23)
amap-5.2-win\amap-5.2\Makefile.am (1578, 2005-09-22)
amap-5.2-win\amap-5.2\pcre-3.9\aclocal.m4 (118024, 2003-05-26)
amap-5.2-win\amap-5.2\pcre-3.9\AUTHORS (179, 2002-01-02)
amap-5.2-win\amap-5.2\pcre-3.9\bootstrap (265, 2002-12-23)
amap-5.2-win\amap-5.2\pcre-3.9\chartables.c (7021, 2002-12-04)
amap-5.2-win\amap-5.2\pcre-3.9\config.guess (38486, 2002-12-04)
amap-5.2-win\amap-5.2\pcre-3.9\config.in (733, 2002-12-05)
amap-5.2-win\amap-5.2\pcre-3.9\config.sub (28189, 2002-12-04)
amap-5.2-win\amap-5.2\pcre-3.9\configure (190922, 2003-05-26)
amap-5.2-win\amap-5.2\pcre-3.9\configure.in (2512, 2002-12-29)
amap-5.2-win\amap-5.2\pcre-3.9\dll.mk (1975, 2002-01-02)
amap-5.2-win\amap-5.2\pcre-3.9\get.c (7425, 2002-01-02)
amap-5.2-win\amap-5.2\pcre-3.9\INSTALL (8049, 2002-01-02)
amap-5.2-win\amap-5.2\pcre-3.9\install-sh (5598, 2002-01-02)
amap-5.2-win\amap-5.2\pcre-3.9\internal.h (16328, 2002-01-02)
amap-5.2-win\amap-5.2\pcre-3.9\LICENCE (1944, 2002-01-02)
amap-5.2-win\amap-5.2\pcre-3.9\ltmain.sh (143026, 2002-12-04)
amap-5.2-win\amap-5.2\pcre-3.9\Makefile.am (264, 2002-12-29)
amap-5.2-win\amap-5.2\pcre-3.9\Makefile.in (11561, 2003-06-20)
amap-5.2-win\amap-5.2\pcre-3.9\maketables.c (3987, 2002-01-02)
... ...
AMAP v5.2
Application MAPper
- a next generation scanning tool
- by van Hauser and DJ RevMoon / THC
http://www.thc.org
Want to become an amap beta tester? Send an email to
- amap-subscribe@thc.org
INTRODUCTION
============
This is a public release of Amap. Amap is a next-generation scanning
tool for pentesters. It attempts to identify applications even if they
are running on a different port than normal.
It also identifies non-ascii based applications. This is achieved by
sending trigger packets, and looking up the responses in a list of
response strings.
Without filled databases containing triggers and responses, the tool is
worthless, so I ask you to help us fill the database. How to do this? Well,
whenever a client application connects to a server, some kind of handshake
is exchanged (at least, usually. Syslogd for instance won't say nothing,
and snmpd without the right community string neither). Anyway, amap takes
the first packet sent back and compares it to a list of signature responses.
Really simple, actually. And in reality, it turns out really to be that
simple, at least, for most protocols.
So now, with amap, you can identify that SSL server running on port 3442,
as well as that Oracle listener on port 23.
For unknown protocols, you can use amapcrap, which sends random crap to a
udp, tcp or ssl'ed port, to illicit a response, which you can then
put into the appdefs.trig and appdefs.resp files.
INSTALLING
==========
-> please see the INSTALL file for hints and known problems/solutions
TRIGGERS AND RESPONSES
======================
Take a look at the supplied appdefs.trig and appdefs.resp files.
Much will become clear then.
ESSENTIALS
==========
Amap takes nmap -oM output files as input. You can specify a single IP
address and port)s= on the command line, but usually, you'd run it from a nmap
file, thusly:
# (first "nmap -sS -oM results.nmap -p 1-65535 TARGET" of course)
# amap -i results.nmap -o results.amap -m
or:
# amap 127.0.0.1 443
or:
# amap target 21-6000
Other switches and options can be seen by typing:
# amap -h
HINTS
=====
use the -1 switch, it makes amap much faster!
use the -b switch to let amap print the banners!
use the -q switch to hide messages about closed ports
use the -v switch to get more information
use the -t and -T switches to adapt to your target servers (timeout options)
use the -W switch to update your fingerprint database online
To have a very fast port scanner and banner grabber (but inefficient
application identification):
amap -qbp http TARGET 1-65535
and it gives better results than the "native" banner grab mode:
amap -B -q TARGET 1-65535
CONTRIBUTING
============
Send us the initial packets (sent and received) in tcpdump format for all
wacko, proprietary and obscure applications. Send them to:
amap-dev@thc.org. Please include application name and version.
A web-enabled interface with uploader will become available soon for your
convenience.
Want to become an amap beta tester? Send an email to amap-subscribe@thc.org
COMMERCIAL COMPANIES/SERVICES
=============================
This tool is not completely GPL! See the LICEN[SC]E.* files.
BUGS
====
None :-) Send bugreports to amap-dev@thc.org.
TODO
====
-> see the TODO file
THANKS
======
T1nk, Guido van Rooij, Unicorn, Arhab, Johnny Cyberpunk and many others who
sent us triggers and responses.
Yours,
van Hauser and DJ RevMoon
近期下载者:
相关文件:
收藏者: