NINJA PingU - An Open-source High Performance Network Scanner
NINJA PingU is a free, open-source, high-performance network scanner for large-scale analyses.
It is designed with performance as its primary goal and developed as a framework to allow easy plugin integration.
It comes out of the box with a set of plugins for service analysis, embedded device identification, and spotting backdoors.
In the Service plugin command shown under Plugins, [-t 5] sets the number of spotter threads, [-p 80] specifies the targeted port, and [-m Service] loads the service and embedded device identification plugin.
How NINJA PingU Works
NINJA PingU takes advantage of raw sockets to reduce the latency and state of the three-way TCP handshake. Sending IP packets directly also avoids the TCP stack overhead. It also implements non-blocking networking I/O in the plugin interface by means of epoll. Each component is multi-threaded, and each has built-in caches to minimize synchronization points. In addition, the operations that persist results are buffered to reduce disk writes.
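Seen from the defender's side, a raw-socket scan run without service identification (-s) appears to a network sensor as bare SYNs from one source to many hosts on the same port, with no handshake ever completed. The following detection sketch is an added example, not code from NINJA PingU or the original page; the five-field record format, the threshold, and the sample addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample (not real traffic), one packet per line as seen by a sensor:
# "time src dst service_port tcp_flags". The record format is an assumption.
SAMPLE = """\
0.001 198.51.100.7 192.0.2.1 32764 S
0.002 198.51.100.7 192.0.2.2 32764 S
0.003 198.51.100.7 192.0.2.3 32764 S
0.004 192.0.2.2 198.51.100.7 32764 SA
0.005 198.51.100.7 192.0.2.2 32764 R
0.006 198.51.100.7 192.0.2.4 32764 S
0.010 203.0.113.9 192.0.2.1 80 S
0.011 192.0.2.1 203.0.113.9 80 SA
0.012 203.0.113.9 192.0.2.1 80 A
"""


def find_half_open_scanners(log_text, min_targets=4):
    """Return {(src, port): target_count} for sources that sent bare SYNs to
    at least min_targets hosts on one port and never completed a handshake."""
    probed = defaultdict(set)     # (src, port) -> hosts that received a SYN
    completed = defaultdict(set)  # (src, port) -> hosts that received the final ACK
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip blank or malformed records
        _ts, src, dst, port, flags = fields
        key = (src, int(port))
        if flags == "S":
            probed[key].add(dst)
        elif flags == "A" and dst in probed[key]:
            completed[key].add(dst)  # third step of the handshake was seen
    return {
        key: len(targets)
        for key, targets in probed.items()
        if len(targets) >= min_targets and not completed[key]
    }


if __name__ == "__main__":
    for (src, port), count in find_half_open_scanners(SAMPLE).items():
        print(f"{src}: {count} hosts probed on port {port}, 0 handshakes completed")
```

The threshold has to be tuned to the monitored network, since a single host sending unanswered SYNs to a few peers is normal.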
Plugins:
- 32764/TCP Backdoor Scanner Plugin:
Backdoor32764 is a plugin that can identify hosts affected by the Backdoor32764 backdoor. You can run this plugin as follows:
# ./bin/npingu -t 2 -p 32764 1.1.1.1-255.0.0.0 -m Backdoor32764
- Embedded Devices & Services Discovery Plugin:
This plugin can be run by using the following command:
# ./bin/npingu -t 5 -p 80 1.1.1.1-255.0.0.0 -m Service
The following and several other devices are currently supported:
- Network Cameras
- Direct Digital Control Services
- Smart TV Devices
- Network Programmable Controllers
- Printers
- Solar Power Plants Management Devices
- VoIP Conference Phones
- Central Communication Devices
- Measurement Control Data Logger Devices
- GPS Devices
- Network Multimedia Disks
Requirements:
NINJA PingU comes with all the necessary dependencies out of the box. The following platform is required, though:
- GCC compiler
- Linux box. It will not work on *BSD or Windows.
- Root privileges (required to create raw socket descriptors)
To get pingu, you can run:
$ cd /tmp; wget https://github.com/OWASP/NINJA-PingU/archive/v1.0.1.tar.gz; tar -xvf v1.0.1.tar.gz; cd NINJA-PingU-1.0.1/; ./npingu.sh
Usage:
# sudo ./bin/npingu [OPTIONS] targets
-t Number of sender threads.
-p Port scan range. For instance, 80 or 20-80.
-d Delay between packets sent (in usecs).
-s No service identification (less bandwidth load, more hosts/time).
-m Module to run. For instance, Service.
-h Show this help.
[targets] IP address seed. For instance, 192.168.1. or 1.1.1.1-255.0.0.0
NINJA PingU comes with a bash script that automates the compilation process and operating system performance tuning, and provides an enhanced user interface with terminator integration. Run it with the following command:
$ ./npingu.sh
Examples:
- Scanning some OVH servers:
# ./bin/npingu -t 3 -p 20-80 188.1.1.1-188.255.1.1 -d 1 -m Service
-Targeted Hosts [188.165.83.148-188.255.83.148]
-Targeted Port Range [20-80]
-Threads [3]
-Delay 1 usec
-Use the Service identification Module
- Scanning several Google web servers:
# ./bin/npingu -t 5 -p 80 -s 74.125.0.0-74.125.255.255
-Targeted Hosts [74.125.0.0-74.125.255.255]
-Targeted Port [80]
-Threads [5]
-s synOnly scan
- Scanning the 32764/TCP Backdoor:
# ./bin/npingu -t 2 1.1.1.1-255.1.1.1 -m Backdoor32764 -p 32764
-Targeted Hosts [1.1.1.1-255.1.1.1]
-Targeted Port [32764]
-Threads [2]
-Use the 32764/TCP Backdoor Module
Source: www.effecthacking.com