You're reading from Nmap Network Exploration and Security Auditing Cookbook, Third Edition Network discovery and security scanning at your fingertips

Product type Paperback

Published in Sep 2021

Publisher Packt

ISBN-13 9781838649357

Length 436 pages

Edition 3rd Edition

Languages

C++

Tools

Nmap

Concepts

Network Security

Author (1):

Paulino Calderon

View More author details

Table of Contents (22) Chapters

Preface

1. Chapter 1: Nmap Fundamentals

2. Chapter 2: Getting Familiar with Nmap's Family FREE CHAPTER

3. Chapter 3: Network Scanning

4. Chapter 4: Reconnaissance Tasks

5. Chapter 5: Scanning Web Servers

6. Chapter 6: Scanning Databases

7. Chapter 7: Scanning Mail Servers

8. Chapter 8: Scanning Windows Systems

9. Chapter 9: Scanning ICS/SCADA Systems

10. Chapter 10: Scanning Mainframes

11. Chapter 11: Optimizing Scans

12. Chapter 12: Generating Scan Reports

13. Chapter 13: Writing Your Own NSE Scripts

14. Chapter 14: Exploiting Vulnerabilities with the Nmap Scripting Engine

15. Other Books You May Enjoy

Appendix A: HTTP, HTTP Pipelining, and Web Crawling Configuration Options

HTTP user agent

1. Appendix Β: Brute-Force Password Auditing Options

Brute modes

2. Appendix C: NSE Debugging

3. Appendix D: Additional Output Options

4. Appendix Ε: Introduction to Lua

5. Appendix F: References and Additional Reading

Why subscribe?

Running Lua scripts against a network connection with Ncat

Ncat allows users to read, write, redirect, and modify network data in some very interesting ways. Think about it as an enhanced version of the traditional tool netcat. Ncat offers the possibility of running external commands once a connection has been established successfully. Users may use Lua scripts to perform actions on the network sockets created by Ncat.

The following recipe will show you how to run an HTTP server contained in a Lua script with Ncat.

How to do it...

Running Lua scripts against network connections in Ncat is very straightforward; just use the --lua-exec option to set the Lua script you want to execute and the listening port or host to connect to:
```
$ncat --lua-exec <path to Lua script> --listen <port>
```
To start a web server with Ncat, locate the httpd.lua script inside your Ncat's script folder and use the following command:
```
$ncat --lua-exec /path/to/httpd.lua --listen 8080 --keep-open
```
Ncat will start listening on port 8080 and execute the specified Lua script. You may verify that the script is running correctly by pointing a web browser in that direction and checking whether the Got a request for message appears on the output.

How it works...

If you have used netcat before, you are already halfway there. Similar to netcat, Ncat can be put into listening (--listen) and connect mode. However, netcat lacks the --lua-exec option, which serves the purpose of executing an external Lua script against the network socket. This option is very handy for scripting tasks aimed at testing or debugging a wide range of services. The main strength of using this execution mode is that the programs are cross-platform as they are executed on the same built-in interpreter.

The httpd.lua script is an example distributed with Ncat to illustrate service emulation, but it should be clear that our options are endless. Lua is a very powerful language, and many tasks can be scripted with very few lines.

There's more...

Ncat offers a wide range of options that are documented thoroughly at https://nmap.org/ncat/guide/index.html. Do not forget to stop there and go over the full documentation.