How can I scan internet servers
C4o opened this issue · 7 comments
`sx arp xxx` can only get the MAC address of servers which are in the local network, and the `sx tcp xxx` scan mode can only be used with an ARP scan result from before. So how can I scan internet servers? I cannot get its MAC address.
> i cannot get its mac address
Hi @C4o! And you shouldn't; you must have the MAC address of the default gateway in the ARP cache to scan external networks.
I get the MAC address of the default gateway and put it in arp.cache, and try to scan the external network again. Is anything wrong with me?
First find my default gateway IP:

```
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  gateway (192.168.134.2)  0.080 ms  0.117 ms  0.077 ms
```

Then get the MAC address of it:

```
sx arp 192.168.134.2 --json | tee arp.cache
{"ip":"192.168.134.2","mac":"00:50:56:fe:32:c5","vendor":"VMware, Inc."}
```

Then try to scan:

```
cat arp.cache | sx tcp -p 1-65535 81.x.x.162 --json
Error: invalid IP subnet/host
```
Try to explicitly specify the network interface and gateway MAC address, like `-i eth0 --gwmac 'b0:be:76:43:54:9e'`
I just tried to scan in a VirtualBox VM using the `-i` and `--gwmac` options. Everything works fine.
Thx for that... but I found another problem.
```
[root@localhost ~]# cat arp.cache | sx tcp -p 22 81.x.x.162 --json -i ens33 --gwmac '00:50:56:fe:32:c5'
{"scan":"tcpsyn","ip":"81.x.x.162","port":22}
[root@localhost ~]# cat arp.cache | sx tcp -p 1-65535 81.x.x.162 --json -i ens33 --gwmac '00:50:56:fe:32:c5'
[root@localhost ~]# cat arp.cache | sx tcp -p 20-30 81.x.x.162 --json -i ens33 --gwmac '00:50:56:fe:32:c5'
{"scan":"tcpsyn","ip":"81.x.x.162","port":22}
```
When I set the `-p` parameter to a large range, sx might not be working.
It is a typical situation. I suppose that everything is working fine. Just try running Wireshark; most likely the destination ISP firewall is blocking high-frequency requests. In this case you can use rate limiting. See https://github.com/v-byte-cpu/sx#rate-limiting
okay, thx man.
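
Added example, not part of the original thread and not sx's own code: a small model of the rule the maintainer states, that a probe to an off-subnet host is framed to the default gateway's MAC, so only the gateway needs an ARP entry. The local subnet `192.168.134.0/24` and the target `203.0.113.10` are constructed assumptions; the cache line is the JSON format shown in the thread.

```python
import ipaddress
import json

# Constructed sample data: arp.cache in the JSON-lines format from the thread.
ARP_CACHE = '{"ip":"192.168.134.2","mac":"00:50:56:fe:32:c5","vendor":"VMware, Inc."}\n'
LOCAL_NET = "192.168.134.0/24"  # assumption: subnet configured on ens33
GATEWAY_IP = "192.168.134.2"    # default gateway seen in the traceroute output


def load_arp_cache(text):
    """Parse JSON-lines ARP results into {ip_address: mac}."""
    cache = {}
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        entry = json.loads(line)
        cache[ipaddress.ip_address(entry["ip"])] = entry["mac"].lower()
    return cache


def next_hop_mac(target, local_net, gateway_ip, cache):
    """Return (next_hop_ip, mac) for the Ethernet frame that carries a probe.

    On-link targets are addressed directly and need their own ARP entry.
    Off-link targets are handed to the gateway, so the frame's destination
    MAC is the gateway's, whatever the target's own MAC may be.
    """
    dst = ipaddress.ip_address(target)
    net = ipaddress.ip_network(local_net)
    hop = dst if dst in net else ipaddress.ip_address(gateway_ip)
    mac = cache.get(hop)
    if mac is None:
        raise LookupError(f"no ARP entry for next hop {hop}; resolve it first")
    return str(hop), mac


if __name__ == "__main__":
    cache = load_arp_cache(ARP_CACHE)
    # External host (documentation address): resolved via the gateway entry.
    print(next_hop_mac("203.0.113.10", LOCAL_NET, GATEWAY_IP, cache))
```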