NBTSCAN可以取到PC的真实IP地址和MAC地址,如果有”ARP攻击”在做怪,可以找到装有ARP攻击的PC的IP/和MAC地址。
下面把聽NBTSCAN使用方法详细列出来下
nbtscan [-v] [-d] [-e] [-l] [-t timeout] [-b bandwidth] [-r] [-q] [-s separator]
聽[-m retransmits] (-f filename)|(
聽聽聽聽聽聽聽 -v聽聽聽聽聽聽聽聽聽聽聽聽聽 verbose output. Print all names received
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽 from each host
聽聽聽聽聽聽聽 -d聽聽聽聽聽聽聽聽聽聽聽聽聽 dump packets. Print whole packet contents.
聽聽聽聽聽聽聽 -e聽聽聽聽聽聽聽聽聽聽聽聽聽 Format output in /etc/hosts format.
聽聽聽聽聽聽聽 -l聽聽聽聽聽聽聽聽聽聽聽聽聽 Format output in lmhosts format.
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽 Cannot be used with -v, -s or -h options.
聽聽聽聽聽聽聽 -t timeout聽聽聽聽聽 wait timeout milliseconds for response.
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽 Default 1000.
聽聽聽聽聽聽聽 -b bandwidth聽聽聽 Output throttling. Slow down output
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽 so that it uses no more that bandwidth bps.
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽 Useful on slow links, so that ougoing queries
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽 don't get dropped.
聽聽聽聽聽聽聽 -r聽聽聽聽聽聽聽聽聽聽聽聽聽 use local port 137 for scans. Win95 boxes
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽 respond to this only.
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽 You need to be root to use this option on Unix.
聽聽聽聽聽聽聽 -q聽聽聽聽聽聽聽聽聽聽聽聽聽 Suppress banners and error messages,
聽聽聽聽聽聽聽 -s separator聽聽聽 Script-friendly output. Don't print
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽 column and record headers, separate fields with separato
r.
聽聽聽聽聽聽聽 -h聽聽聽聽聽聽聽聽聽聽聽聽聽 Print human-readable names for services.
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽 Can only be used with -v option.
聽聽聽聽聽聽聽 -m retransmits聽 Number of retransmits. Default 0.
聽聽聽聽聽聽聽 -f filename聽聽聽聽 Take IP addresses to scan from file filename.
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽 -f - makes nbtscan take IP addresses from stdin.
聽聽聽聽聽聽聽
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽 like 192.168.1.1 or
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽 range of addresses in one of two forms:
聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽聽 xxx.xxx.xxx.xxx/xx or xxx.xxx.xxx.xxx-xxx.
NBTSCAN的使用范例:
假设查找一台MAC地址为“000d870d585f”的病毒主机。
1)将压缩包中的nbtscan.exe 和cygwin1.dll解压缩放到c:下。
2)在Windows开始—运行—打开,输入cmd(windows98输入“command”),在出现的DOS窗口中输入:C: btscan -r 192.168.16.1/24(这里需要根据用户实际网段输入),回车。
3)通过查询IP--MAC对应表,查出“000d870d585f”的病毒主机的IP地址为“192.168.16.223”。
聽
下载仅供下载体验和测试学习,不得商用和正当使用。
下载体验