Nmap Zombie Scan

Zombie Scan Part 2

Abhishek Vishwakarma
Mar 25, 2023

Hi hackers!

This is part 2 of the series on using the Nmap zombie scan to get past a firewall.

Disclaimer: This article is for educational purposes only. Do not misuse it for any other purpose.

First, open Kali and get root privileges. In this case, we use the MSF console.

msfconsole

After opening the MSF console, type search ipidseq.

search ipidseq

We use this command to search the auxiliary modules; it lists the ones available on the system we are using.

Look for auxiliary/scanner/ip/ipidseq

To use it, type:

use auxiliary/scanner/ip/ipidseq

This module needs some input from us. To find out what input is needed, type:

show options

It shows all the options. Any option marked yes under Required must be filled in.

Set the IP address range to 192.168.78.0-192.168.78.255 in RHOSTS.

If you are using Ethernet, set INTERFACE to eth0; if you are connected to Wi-Fi, set it to wlan0.

After that, type show options again and check whether all the options are filled in properly. If everything looks good, type:

run

The scan starts and runs against every IP in the range. Look for hosts with an incremental IP ID sequence and open ports.

Use that IP in the Nmap idle (zombie) scan command:

nmap -Pn -sI 192.168.78.2 192.168.78.128 -p 1-65535 -v

192.168.78.2: the IP address you found in the scan

192.168.78.128: target IP

Open Wireshark and check whether the scan you are performing appears to come from the zombie machine or from our own machine.

You can also search for zombie machines using a scripting command.

nmap --script=ipidseq -v -iR 1000 -p80

-iR = scan random hosts; the number of hosts to scan here is 1000

-sI = idle scan

-A = aggressive scan

-v = verbosity

-p80 = scan port no. 80
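
To audit your own hosts for the incremental IP ID behaviour that the ipidseq scan looks for, here is an added example (not from the original article, and not Nmap's or Metasploit's own code) that classifies IP ID values copied from a Wireshark capture of one host's replies. The function names, host labels and the max_step threshold are assumptions.

```python
# Added example: classify IP ID samples taken from one host's replies.
# Thresholds and class names are assumptions of this sketch, not Nmap's
# or Metasploit's exact ipidseq logic.

def ipid_deltas(ipids):
    """Differences between consecutive 16-bit IP IDs, modulo 65536."""
    return [(b - a) % 65536 for a, b in zip(ipids, ipids[1:])]


def classify_ipid(ipids, max_step=10):
    """Return a coarse label for a sequence of IP ID values."""
    if len(ipids) < 3:
        raise ValueError("need at least 3 samples")
    if any(not 0 <= v <= 0xFFFF for v in ipids):
        raise ValueError("IP ID is a 16-bit field")
    if all(v == 0 for v in ipids):
        return "all-zero"
    deltas = ipid_deltas(ipids)
    if all(d == 0 for d in deltas):
        return "constant"
    # Some stacks store the counter in host byte order, so the wire
    # value appears to grow in steps of 256; swap bytes and retry.
    swapped = [((v & 0xFF) << 8) | (v >> 8) for v in ipids]
    for label, ds in (("incremental", deltas),
                      ("incremental-byteswapped", ipid_deltas(swapped))):
        if all(0 < d <= max_step for d in ds):
            return label
    return "random-or-per-flow"


def usable_as_idle_zombie(ipids):
    """True when the IP ID is predictable enough to leak traffic counts."""
    return classify_ipid(ipids).startswith("incremental")


# Constructed samples (not from a real capture); host labels are made up.
SAMPLES = {
    "printer-01": [65533, 65534, 65535, 0, 1, 2],
    "ws-legacy":  [0x0100, 0x0200, 0x0300, 0x0400],
    "srv-web":    [0, 0, 0, 0, 0],
    "fw-edge":    [51234, 1220, 40011, 907, 33321],
}

if __name__ == "__main__":
    for host, ids in SAMPLES.items():
        print(f"{host:12} {classify_ipid(ids):24} "
              f"zombie-risk={usable_as_idle_zombie(ids)}")
```

Hosts labelled incremental expose a counter that a third party can read, so they are the ones to patch or filter.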

Thank you for reading this article.

Stay safe, Stay secure
