PENTEST VIA CELLULAR NETWORK (IV): PORT SCANNING PYTHON-NMAP
- Layout for this exercise (Smartphone and Raspberry Pi / SIM card / Modem):
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwDMqMgfPW0ySrGsMayB1hoK8cdsUbr0-LffjGwzq4Zn_s2zYtxlMSB2FV5Yo3kfxRvxUTGmuxMCS5OgUjnYZC9Qzganazt9pLWutFZ79OEO5rDVmXGnnfFtueW578hDUog9NdKHaNF_xP/s400/screenshot.22.jpg)
1 - Installing python-nmap on the Raspberry Pi
- python-nmap is a Python library which helps in using the Nmap port scanner.
- It makes it easy to manipulate nmap scan results and is a perfect tool for system administrators who want to automate scanning tasks and reports.
- It also supports nmap script outputs.
- For further information:
https://xael.org/norman/python/python-nmap/
- Python-nmap works on top of Nmap, so let's make sure that Nmap is already installed:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNwf8RzIrVvPAuY-YrdX6XIEzGr4x0AI0ycj9K8ENwumM9euXL8NLo82vkQ53lMFEn1haK71Sb_k1-c-V-l_bKPXXfVQNIHs05gLrztxpxbXRqOm4G5SMewcV-L52ktWOkzoSnGj4ycWzx/s1600/screenshot.12.jpg)
- Downloading python-nmap:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7ULDp_O5Oov6Q03j0_OkUA5GIsaxLBBtPGp2xCfNqJSCMq0guwCwc_CU4ZC0nSdvWxvKemBcaiIG7fnYSwQ1dG_4awf9i8WPVow7L5FfSkm3B6wfMJee5k9InuoriVFz8bQArGcZsVwJ5/s1600/screenshot.5.jpg)
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi8hevXvDYpTyCFVctvvE5OTagIW-soxzbDjOcneEy9lF-GdeHbG_yQXa8X4Akm-dUasGWy1ca5v5KTnXk0FOq5DewQ1LR3UlA9eeHVwfK4mCfndl2NbCGTCdHexqbygEC1E51FI9aCCR_5/s400/screenshot.6.jpg)
- Uncompressing:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvFeIuGbP_p4Cm7xLYErmGjk3lmHyA_zN-hCyHoZCb9IuVyC4yK-57WyB2iSfn0jUU1cCy7gF5it3ir70kZuC_WSw03IzXC57pqoln-fM1shHQ_-nHMo1oRB-siYZu-Q3aZ72pWQMDWLWP/s1600/screenshot.7.jpg)
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjX1eGnD3lQV0OvpJs0rm3ULjyiSALddZxLXNj1PHku0FK0R2VODQ_75d1NcZAefg154koumyPLTwAXMG135Mkdn7Ljbi3ZXLvRX4DZ1qgytObIzFMaZBQqOBfyfXDA99GfA5WMs45LwdLE/s1600/screenshot.8.jpg)
- Setting up and installing:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiewm47TfRMyBbyP9hEdGbzmotSJYCctsBotGUwxcy0vUKKEALL0hhi3jq_wtJUYJ_Re5da5TZw64wvnVEGXVJDpajSHesFwZ9xSiOsAzh2qqpRj8xqE6JrlniBOGz4rBgeqn6OzffGwZPp/s1600/screenshot.9.jpg)
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3UNxpKmqgEtp6GE0hfUJlsrYfUkcBm9bjlzFTjYuxTVygV-DNCsidz-C7JT50BGtBJu0OU2h6YWmq9dHqHK6tDFyr4rt3m9hX225zo2Eb9vZCaTtCsd3lTGmmFlpxNw3YokBdGDky_Odd/s1600/screenshot.10.jpg)
2 - Testing python-nmap with Python interactive mode
- Now, let's check its functionality by scanning port 22 on the Raspberry Pi's localhost, invoking python-nmap from Python:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKvCLDC7sxEbg-LOe8IheR-2WEuZU0ma2NkUPO9BkW5uhDQBJ7Ags2SY3FZEvWDcoRxONtwzRiXFrCEPbQI1QnXCYqHmXuPAheIsPRC69NoiMJSsVPBsZux6NBnWT5rgY4Kzaf3TdkoI1O/s1600/screenshot.13.jpg)
- The SSH port 22 is in "open" status:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiboyohEWF8lsO-LfbGsgOQrDwgg_Wl6SzGAxkW2BxF4Yf_6sPg1_UzL-zmaJYz2kAM6BsNszeuzo_8n_UvBIWUqDtHKBHtUNoCbToDTuHkNtaOYrGc92KnnhhwOaI017xYWE1cVBCagg00/s1600/screenshot.14.jpg)
3 - Writing a Python script using python-nmap
- This Python script uses python-nmap for scanning, and it is based on the documentation provided by the python-nmap official website:
https://xael.org/norman/python/python-nmap/
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgQdGyl_PWbZq_3D8jTgmMOK3llWJnwJ-qoWFTUbGNRciYDC-2WVdo-FpeO2QxRTeNcQP74VzW9qjJ3iPw_HgSXhj4TdHLYdxfmOXXhhux0ZU05XIQc_IVngwUUrBjJkXPI6H7rSYF5qVI/s1600/screenshot.1.jpg)
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjibNaMRUb0uvoJr0PJHxZ5bQGxFZfkovaCxK8c7fMYIGqdPJ1hBS6IWzcf7OX5Sq6GSxuG6rD7jTOZw62LDEhlx3Ij25frcOYYkPZzL0jfM27eotnz5pVS-W8LDhviB39xLJ1uwnttFvSA/s1600/screenshot.2.jpg)
- Note that the final section of the script just scans port 22 on localhost:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbkBonpsFizkCWyfgv8uRZ-0qMic6eOiY0TI_1Z03CDr8tnz9ytj94LW16GcfcrJRSuCBGLNK63wCLN8FK0zGROc9p5hEMYVDbPcXx5HyCy48ydJEAdexJJ81WlEo36YVFZczmLFrAI9xU/s400/screenshot.16.jpg)
- Running the script, the result is successful:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7QsnD2deOhHplpF6lUXl5ebtdfTLJH2tgNqPoKEpayd3pGm2tvUKM12ovy00BiIgXEeO_lQB7vrjzd6dvjlwm93Hw3ReF7AsiZO1KwJmBejfD9USpV88zJRQ8mCtsxFf6UNKQlDJvF0Rd/s1600/screenshot.17.jpg)
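- Since the script above is only visible as screenshots, here is an added example (not the post's own script) that flattens a python-nmap result into report rows and flags open ports missing from an expected baseline. The names `port_rows`, `unexpected_open`, `SAMPLE_RESULT` and the baseline set are hypothetical; the sample dictionary is constructed in the shape that `PortScanner.scan()` returns.

```python
"""Summarise a python-nmap scan result (added example, not the post's script)."""

# Constructed sample in the shape PortScanner.scan() returns: a dict with
# 'nmap' (scan metadata) and 'scan' (per-host results keyed by address).
SAMPLE_RESULT = {
    "nmap": {"command_line": "nmap -oX - -p 22,80 -sV 127.0.0.1"},
    "scan": {
        "127.0.0.1": {
            "hostnames": [{"name": "localhost", "type": "PTR"}],
            "status": {"state": "up", "reason": "localhost-response"},
            "tcp": {
                22: {"state": "open", "reason": "syn-ack", "name": "ssh"},
                80: {"state": "closed", "reason": "conn-refused", "name": "http"},
            },
        }
    },
}

PROTOCOLS = ("tcp", "udp")


def port_rows(result):
    """Flatten a scan result into sorted (host, proto, port, state, service) rows."""
    rows = []
    for host, data in result.get("scan", {}).items():
        for proto in PROTOCOLS:
            for port, info in data.get(proto, {}).items():
                rows.append((host, proto, int(port), info["state"], info.get("name", "")))
    return sorted(rows)


def unexpected_open(rows, allowed):
    """Return open (proto, port) pairs that are not in the allowed baseline."""
    return [(p, n) for _, p, n, state, _ in rows if state == "open" and (p, n) not in allowed]


def scan_localhost_ssh():
    """Live scan of localhost port 22, as in the post; needs nmap and python-nmap."""
    import nmap  # imported lazily so the parsing helpers work without it
    return nmap.PortScanner().scan("127.0.0.1", "22")


if __name__ == "__main__":
    for row in port_rows(SAMPLE_RESULT):
        print("%s %s/%d %s %s" % row)
    print("unexpected:", unexpected_open(port_rows(SAMPLE_RESULT), {("tcp", 22)}))
```

On the Raspberry Pi, pass the return value of `scan_localhost_ssh()` to `port_rows()` in place of the constructed sample.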