Wednesday, August 19, 2009

Hack PC in your own Network

Nmap 4.85BETA7

After more than 18 months of work since the 4.50 release, Insecure.Org is pleased to announce the immediate, free availability of the Nmap Security Scanner version 5.00 from With nearly 600 significant changes, we consider this the most important Nmap release since 1997 and we recommend that all current users upgrade!

The release notes provide the top 5 improvements in Nmap 5 as well as example runs and screen shots. The change details section includes improvements to the Nmap Scripting Engine, Zenmap GUI and Results Viewer, the new Ncat tool, the new Ndiff scan comparison tool, performance improvements, the new Nmap book, and much more!

Source packages as well as binary installers for Linux, Windows, and Mac OS X are all available from the Nmap download page.

Update: We've gotten some great press from ITWire, Slashdot, SecurityFocus, LoveMyTool, Reddit, Linux Weekly News, InternetNews.Com, Twitter, and dozens more.

Classic Command-Line Nmap

Some movies using NMAP

In The Bourne Ultimatum (IMDB), the CIA needs to hack the mail server of a newspaper (The Guardian UK) to read the email of a reporter they assassinated. So they turn to Nmap and its new official GUI Zenmap to hack the mail server! Nmap reports that the mail server is running SSH 3.9p1, Posfix smtpd, and a name server (presumably bind). They also make substantial use of Bash, the Bourne-again shell. Congratulations to Roger Chui for being the first to spot this. He also sent a scene transcript and the following HD screen shots (click for full resolution):

Scene in the movie

Die Hard 4

In Die Hard 4: Live Free or Die Hard (Wikipedia, IMDB), Detective John McClane (Bruce Willis) is dispatched to retrieve hacker Matthew Farrell (Justin Long) because the FBI suspects him of breaching their computer systems. Later, Justin is enlisted to help thwart terrorist mastermind Thomas Gabrial's attempts at total World destruction. In this Scene, Farrell demonstrates his Nmap skills:

Scene from DIE HARD 4


We have all seen many movies like Hackers which pass off ridiculous 3D animated eye-candy scenes as hacking. So I was shocked to find that Trinity does it properly in The Matrix Reloaded [Under $6 at Amazon]. She whips out Nmap version 2.54BETA25, uses it to find a vulnerable SSH server, and then proceeds to exploit it using the SSH1 CRC32 exploit from 2001. Shame on them for being vulnerable (timing notes). Congratulations to everyone who has helped make Nmap successful! Click on these thumbnails for higher resolution or view more pictures here.


No comments:

Post a Comment