- Kali Linux Intrusion and Exploitation Cookbook
- Ishan Girdhar Dhruv Shah
- 2021-07-09 18:26:40
Using unicornscan for faster port scanning
Unicornscan is another very fast scanner, and the core reason for its speed is the methodology the tool implements. It uses asynchronous stateless TCP scanning, in which it can send all possible variations of the TCP flags, and it supports UDP as well. In this recipe, we are going to look at how to use unicornscan and its advanced capabilities.
Getting ready
In order to get started with unicornscan, we will take an IP from our range of IPs and dig deeper into the tool's capabilities.
How to do it...
Let's work through the following steps:
- Open a terminal and type the following command for a simple unicornscan:
unicornscan <IP address>
The output will be as shown in the following screenshot:
- If you would like to see the details of what it is doing while the command executes, use the verbose switch with the following command:
unicornscan -v <IP address>
The output will be as shown in the following screenshot:
We can see that it shows the ports it takes into consideration while it performs the scan.
- Let's say we want to do the same with UDP as well. Enter the following command in the terminal:
unicornscan -v -m U <IP address>
The output will be as shown in the following screenshot:
- There are more options available. To check them, type the following command in the terminal:
unicornscan -h
The output will be as shown in the following screenshot:
How it works...
The commands mentioned in the recipe work as follows:
- unicornscan <IP address>: In this scenario, unicornscan runs the default TCP SYN scan (the params in unicornscan would be -mTS over the IP) and scans for the quick ports under the unicornscan.conf file located at /etc/Unicornscan/unicornscan.conf.
- -v: The switch tells the scanner to enter verbose mode and provide more information as to what it is doing when it performs a scan.
- -m U: The -m switch stands for the mode of scanning to be used. In this scenario, we used U, which means that the scan type is supposed to be UDP.
In this recipe, we have seen how unicornscan can be effectively used to get information about the open ports at lightning speed, and how we can toggle between different switches.
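Seen from the defender's side, the default TCP SYN scan described above leaves a recognizable pattern: one source sends SYNs to many distinct ports in a short time and never completes a handshake. The following is an added example, not code from the book, that runs this check over constructed flow records; the record layout, thresholds and function names are assumptions.

```python
from collections import defaultdict

def make_sample():
    """Constructed records: (time_s, src, dst, dst_port, flag_sent_by_src)."""
    recs = []
    # Scanner: 40 SYNs to distinct ports within 40 ms, handshake never completed.
    for i, port in enumerate(range(20, 60)):
        recs.append((10.0 + i * 0.001, "192.0.2.50", "192.0.2.10", port, "S"))
    # Normal client: each SYN is followed by an ACK (completed handshake).
    for t, port in ((10.2, 443), (11.5, 80)):
        recs.append((t, "192.0.2.77", "192.0.2.10", port, "S"))
        recs.append((t + 0.01, "192.0.2.77", "192.0.2.10", port, "A"))
    # Client retrying a closed service: a few half-open SYNs, but only one port.
    for t in (12.0, 13.0, 15.0):
        recs.append((t, "192.0.2.88", "192.0.2.10", 8080, "S"))
    return recs

def detect_syn_scans(records, window=1.0, min_ports=15):
    """Return {(src, dst): peak number of distinct ports hit by half-open SYNs
    inside any `window`-second span} for pairs that reach `min_ports`."""
    # (src, dst, port) tuples where the source went on to ACK, i.e. a real connection.
    completed = {(s, d, p) for _, s, d, p, f in records if f == "A"}
    probes = defaultdict(list)
    for t, s, d, p, f in records:
        if f == "S" and (s, d, p) not in completed:
            probes[(s, d)].append((t, p))
    alerts = {}
    for pair, hits in probes.items():
        hits.sort()
        start, peak = 0, 0
        counts = defaultdict(int)  # port -> SYNs currently inside the window
        for t, p in hits:
            counts[p] += 1
            while t - hits[start][0] > window:  # slide the window forward
                old = hits[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            peak = max(peak, len(counts))
        if peak >= min_ports:
            alerts[pair] = peak
    return alerts

if __name__ == "__main__":
    for (src, dst), n in detect_syn_scans(make_sample()).items():
        print(f"possible SYN scan: {src} -> {dst}, {n} distinct ports within 1s")
```

Counting distinct ports rather than raw SYNs keeps a client that retries a single closed port from triggering the alert.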
There's more...
There are many more switches available in unicornscan that can be used to refine the scanning preferences. It is recommended to try them out and get acquainted with them:
unicornscan -h