{"id":49849,"date":"2022-05-04T09:23:04","date_gmt":"2022-05-04T01:23:04","guid":{"rendered":"https:\/\/version-2.com\/?p=49849"},"modified":"2022-08-19T15:17:01","modified_gmt":"2022-08-19T07:17:01","slug":"nmap-advanced-uses-pt-4-nse","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2022\/05\/nmap-advanced-uses-pt-4-nse\/","title":{"rendered":"Nmap Advanced Uses Pt.4: NSE"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"49849\" class=\"elementor elementor-49849\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4da8c5f9 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"4da8c5f9\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;decf9c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-133ba185\" data-id=\"133ba185\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-fc2da8d post-content elementor-widget elementor-widget-text-editor\" data-id=\"fc2da8d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<style>\n.post-content h4 { font-size: 24px; color: #4c4ef0; line-height: 1.7em; }\n.post-content h5 { font-size: 20px; color: #4c4ef0; line-height: 1.7em; }\n<\/style>\n\n<p align=\"center\"><img decoding=\"async\" src=\"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/hubspot\/Frame%20136.png?tr=w-1800,c-at_max\" alt=\"\" width=\"958\" height=\"auto\"><\/p>\n\n\n<h4><strong>Intro<\/strong><\/h4>\n<p>Now that we have covered some of the more important features of Nmap, we would like to talk about one of the most, if not <em>the<\/em> most, important features: NSE, short for <strong>Nmap Scripting Engine<\/strong>. Firstly, let\u2019s mention the fact that the set of NSE scripts is quite diverse and constantly growing. NSE was designed to be flexible, specifically for network discovery, more sophisticated version detection, backdoor detection, vulnerability detection and exploitation.<\/p>\n<h4><strong>NSE Scripts<\/strong><\/h4>\n<p>NSE scripts are written in the Lua programming language. They are tagged with the <strong>-sC<\/strong> option (default scripts option) or with <strong>&#8211;script<\/strong> when we want to specify an exact set of scripts. Note that there are two types of scripts that are supported \u2013 host and service scripts.&nbsp;<\/p>\n<p>Service scripts pertain to some service (open port) that\u2019s running on our target host. All results are shown next to the port in the Nmap output. Host scripts run only once for every target IP.<\/p>\n<p>Before delving further into usage of NSE scripts, and some examples, we would like to provide a bit more context on what spurred the genesis of NSE and what was the original intention for them.<\/p>\n<p>From the Nmap Network Scanning book:<\/p>\n<p style=\"text-align: center;\"><strong>Network discovery<\/strong> \u2013 \u201c<em>Examples include looking up whois data based on the target domain, querying ARIN, RIPE, or APNIC for the target IP to determine ownership, performing identd lookups on open ports, SNMP queries, and listing available NFS\/SMB\/RPC shares and services<\/em>.\u201d<\/p>\n<p style=\"text-align: center;\"><strong>More sophisticated version detection<\/strong> \u2013 \u201c<em>The Nmap version detection system is able to recognize thousands of different services through its probe and regular expression signature based matching system\u2026 Nmap could also recognize more SNMP services if it tried a few hundred different community names by brute force. Neither of these tasks are well suited to traditional Nmap version detection, but both are easily accomplished with NSE\u2026<\/em>\u201d<\/p>\n<p style=\"text-align: center;\"><strong>Vulnerability detection<\/strong> \u2013 \u201c<em>When a new vulnerability is discovered, you often want to scan your networks quickly to identify vulnerable systems before the bad guys do. While Nmap isn\u2019t a comprehensive vulnerability scanner, NSE is powerful enough to handle even demanding vulnerability checks. Many vulnerability detection scripts are already available and we plan to distribute more as they are written.<\/em>\u201d<\/p>\n<p style=\"text-align: center;\"><strong>Backdoor detection \u2013 <\/strong>\u201c<em>Many attackers and some automated worms leave backdoors to enable later reentry. Some of these can be detected by Nmap\u2019s regular expression based version detection. For example, within hours of the MyDoom worm hitting the Internet, Jay Moran posted an Nmap version detection probe and signature so that others could quickly scan their networks for MyDoom infections. NSE is needed to reliably detect more complex worms and backdoors.<\/em>\u201d<\/p>\n<h4><strong>NSE \u2013 Usage<\/strong><\/h4>\n<p>As mentioned above, to use most common scripts, specify <strong>-sC<\/strong>. With <strong>&#8211;script,<\/strong> we can use a specific script we need, but we can also use this switch to further customize our scripts by providing them with some arguments. For example, we can say &#8212;<strong>script-args<\/strong> (for arguments), or &#8212;<strong>script-trace <\/strong>and<strong> &#8211;script-updatedb<\/strong> if we want to debug our script.<\/p>\n<p>NSE scripts are defined by categories, and current categories are:<\/p>\n<ul>\n<li>auth<\/li>\n<li>default<\/li>\n<li>discovery<\/li>\n<li>external<\/li>\n<li>intrusive<\/li>\n<li>malware<\/li>\n<li>safe<\/li>\n<li>version<\/li>\n<li>vuln<span style=\"font-size: 14px;\"><\/span><\/li>\n<\/ul>\n<h5>auth<\/h5>\n<p style=\"font-size: 16px;\">As the name implies, these scripts try to decide what the authentication credentials are for the target machine. Some examples are: <em>snmp-brute, ftp-anon<\/em>.<\/p>\n<h5><strong>default<\/strong><\/h5>\n<p>These are run when we use the -A or -sC options. But, we can also explicitly specify them with the &#8212;<strong>script<\/strong> option. Some factors to consider when trying to decide if you should be running a script by default:<\/p>\n<ul>\n<li>Speed<\/li>\n<li>Verbosity<\/li>\n<li>Usefulness<\/li>\n<li>Reliability<\/li>\n<li>Intrusiveness<\/li>\n<li>Privacy<\/li>\n<\/ul>\n<p>Of course, these are mostly subjective and subject to your discretion, as the limitations in their usage will vary depending on your use case. Thus, you should ponder which ones you would like to promote to the <em>default <\/em>category.<\/p>\n<h5><strong>discovery<\/strong><\/h5>\n<p>These look for information about our target network, mostly by querying SNMP-enabled devices, public registries, etc. Some examples would be: <em>smb-enum-shares, html-title (looks for the root path of a website).<\/em><\/p>\n<h5><strong>external<\/strong><\/h5>\n<p>External scripts may, at times, send data to a db owned by a third-party. (Whois for example) Meaning, if that service is logging activity (which is very likely) they might see and record all that you\u2019ve sent, which will most likely include your IP address. Note that most scripts send traffic strictly between the target (scanned machine) and the scanning machine (attacker machine). Those that don\u2019t send traffic that way are placed in the external category.<\/p>\n<h5><strong>intrusive<\/strong><\/h5>\n<p>Scripts that do not end up in the safe category, due to the risks being too high (use a lot of resources \u2013 CPU, bandwidth, etc.) and\/or considered to be malicious, end up within the intrusive category. Some of the examples are: <em>snmp-brute, http-open-proxy,<\/em><\/p>\n<h5><strong>malware<\/strong><\/h5>\n<p>Scripts in this category check to see if the target is infected with malware. Some examples are: <em>smtp-strangeport, auth-spoof. <\/em>Strangeport looks for SMTP servers that are running on unorthodox ports. Auth-spoof looks for spoofing daemons that love giving fake answers even before queried. These are all signs of malware infected behavior.<\/p>\n<h5><strong>safe<\/strong><\/h5>\n<p>As the name implies, these scripts are designed specifically not to crash anything that\u2019s running, hence they\u2019re categorized as safe. However, they can still anger an administrator! Still, most usually do some regular things and are thus not considered to be a particular threat, or overly aggressive in behavior. Examples: <em>ssh-hostkey, html-title.<\/em><\/p>\n<h5><strong>version<\/strong><\/h5>\n<p>These scripts basically extend the version detection, but cannot be specified explicitly. They\u2019re covered under the -sV command. Examples include: <em>skypev2-version, pptp-version, iax2-version.<\/em><\/p>\n<h5><strong>vuln<\/strong><\/h5>\n<p>Vuln scripts check against a specific known vulnerability. They only report results if the vulns are found. Examples would be: <em>realvnc-auth-bypass, xampp-default-auth.<\/em><\/p>\n<p>Mainly, there are five arguments when it comes to script scanning.<\/p>\n<ul>\n<li>-sC \u2013 the default set of scripts, equivalent to &#8211;script=default<\/li>\n<li>&#8211;script &lt;script-categories&gt; | &lt;directory&gt; | &lt;filename&gt; | all<\/li>\n<\/ul>\n<p>Please note that Nmap scripts are stored in the scripts directory of Nmap. All would execute all scripts in the Nmap script db. Similarly, if we were to specify a directory, Nmap would load (and run) all the scripts inside \u2013 rather, all the files that have .nse extension. Also, note that these can harm your system since they are not run in a sandbox. Verify first. Always.<\/p>\n<ul>\n<li>&#8211;script-args \u2013 with this, we can give arguments to our scripts<\/li>\n<li>&#8211;script-trace \u2013 this option is akin to the &#8211;packet-trace, but with one main difference: it runs at the application layer.<\/li>\n<li>&#8211;script-updatedb \u2013 only used if you\u2019ve removed or added some scripts to the default <em>scripts <\/em>directory, or if some of the categories have been changed. It is ran by specifying the following command \u2013 <strong>nmap \u2013script-updatedb<\/strong><span style=\"font-size: 16px;\"><\/span><\/li>\n<\/ul>\n<h4><strong>Conclusion<\/strong><\/h4>\n<p>Network Scripting Engine, or NSE for short, is a big and important part of Nmap. We hope that by covering the basics in this article, you\u2019re now at least a bit more familiar with some of the ways in which it works.<\/p>\n<p>Remember that anyone can contribute to this project, too. So, if you have some special use cases that you would like to automate, or tweak further, this might be an option for you. There\u2019s also many great resources on the Internet about NSE, so you can see what are some of the uses of it. For example, in the aftermath of the whole Log4j debacle, someone made an NSE script that will check against log4shell or LogJam vulns (CVE-2021-44228). You can check out the Github repo <a href=\"https:\/\/www.github.com\/Diverto\/nse-log4shell\" target=\"_blank\" rel=\"noopener\"><span>here<\/span><\/a>.<\/p>\n<p>Just typing Nmap in Github search gave us 4,577 hits!<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lh5.googleusercontent.com\/y13WAWQIkhrLIhI2SjoJ5l6zv5TEItDCHJLAtevNGy_JT0Q6sOPA9EyN1DamsvE-kbcJkiUiBQDwWKv_IDZ_fhw-snbd8Rotct_QfPbHOXDKbTUNXneUh93wGiWlkBnO-nKhYZ8\" width=\"665\" height=\"180\" loading=\"lazy\"><\/p>\n<p>And there you have it! Boosted with your knowledge of NSE, you can further improve on your Nmap mastery, and if you\u2019re interested in writing your own NSE scripts, go and check out <a href=\"https:\/\/www.nmap.org\/book\/nse-tutorial.html\" target=\"_blank\" rel=\"noopener\"><span>this<\/span><\/a> link for NSE script writing tutorial. There is also a simple example script on Nmap\u2019s official website, called <a href=\"https:\/\/www.nmap.org\/book\/nse-example-scripts.html\" target=\"_blank\" rel=\"noopener\"><span>finger<\/span><\/a>, that might be a good starting point for you!<\/p>\n<h4><strong>Resources<\/strong><\/h4>\n<p>Below are some interesting links on the topic of NSE, but we greatly encourage you to go out and search them yourselves.<\/p>\n<ul>\n<li><a href=\"https:\/\/www.infosecmatter.com\/nmap-nse-library\/\" target=\"_blank\" rel=\"noopener\"><span>Infosecmatter | NSE Library<\/span><\/a><\/li>\n<li><a href=\"https:\/\/www.geeksforgeeks.org\/how-to-use-nmap-script-engine-nse-scripts-in-linux\/\" target=\"_blank\" rel=\"noopener\"><span>Geeks for Geeks | How to use Nmap NSE scripts in Linux<\/span><\/a><\/li>\n<li><a href=\"https:\/\/iphelix.medium.com\/writing-nmap-nse-scripts-for-vulnerability-scanning-69b5a1fb94ae\" target=\"_blank\" rel=\"noopener\"><span>Writing NSE scripts for vuln scanning<\/span><\/a><\/li>\n<li><a href=\"https:\/\/nmap.org\/book\/nse-scripts.html\" target=\"_blank\" rel=\"noopener\"><span>Nmap.org | NSE Scripts<\/span><\/a><\/li>\n<li><a href=\"https:\/\/hackmag.com\/devops\/pimp-my-nmap\/\" target=\"_blank\" rel=\"noopener\"><span>Boost your Nmap!<\/span><\/a><\/li>\n<li><a href=\"https:\/\/linuxhint.com\/nmap-scripting-engine-tutorial\/\" target=\"_blank\" rel=\"noopener\"><span>NSE Tutorial<\/span><\/a><\/li>\n<\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8085a61 post-content elementor-widget elementor-widget-shortcode\" data-id=\"8085a61\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"39690\" class=\"elementor elementor-39690\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-ff2a228 elementor-widget elementor-widget-text-editor\" data-id=\"ff2a228\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><\/p>\n<p><b>About VRX<\/b><br><b>VRX&nbsp;<\/b>is a consolidated vulnerability management platform that protects assets in real time. Its rich, integrated features efficiently pinpoint and remediate the largest risks to your cyber infrastructure. Resolve the most pressing threats with efficient automation features and precise contextual analysis.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Intro Now that we have covered some of the more importa [&hellip;]<\/p>\n","protected":false},"author":143524195,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[476,488,61],"tags":[477,489],"class_list":["post-49849","post","type-post","status-publish","format-standard","hentry","category-vrx","category-488","category-press-release","tag-vrx","tag-489"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Nmap Advanced Uses Pt.4: NSE - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.vicarius.io\/blog\/nmap-advanced-uses-pt.4-nse\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Nmap Advanced Uses Pt.4: NSE - Version 2\" \/>\n<meta property=\"og:description\" content=\"Intro Now that we have covered some of the more importa [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.vicarius.io\/blog\/nmap-advanced-uses-pt.4-nse\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2022-05-04T01:23:04+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-08-19T07:17:01+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/hubspot\/Frame%20136.png?tr=w-1800,c-at_max\" \/>\n<meta name=\"author\" content=\"version2hk\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"version2hk\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/nmap-advanced-uses-pt.4-nse#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/05\\\/nmap-advanced-uses-pt-4-nse\\\/\"},\"author\":{\"name\":\"version2hk\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\"},\"headline\":\"Nmap Advanced Uses Pt.4: NSE\",\"datePublished\":\"2022-05-04T01:23:04+00:00\",\"dateModified\":\"2022-08-19T07:17:01+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/05\\\/nmap-advanced-uses-pt-4-nse\\\/\"},\"wordCount\":1370,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/nmap-advanced-uses-pt.4-nse#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/ik.imagekit.io\\\/14sfaswy6hrz\\\/hubspot\\\/Frame%20136.png?tr=w-1800,c-at_max\",\"keywords\":[\"vRx\",\"2022\"],\"articleSection\":[\"vRx\",\"2022\",\"Press Release\"],\"inLanguage\":\"zh-HK\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/05\\\/nmap-advanced-uses-pt-4-nse\\\/\",\"url\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/nmap-advanced-uses-pt.4-nse\",\"name\":\"Nmap Advanced Uses Pt.4: NSE - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/nmap-advanced-uses-pt.4-nse#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/nmap-advanced-uses-pt.4-nse#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/ik.imagekit.io\\\/14sfaswy6hrz\\\/hubspot\\\/Frame%20136.png?tr=w-1800,c-at_max\",\"datePublished\":\"2022-05-04T01:23:04+00:00\",\"dateModified\":\"2022-08-19T07:17:01+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/nmap-advanced-uses-pt.4-nse#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/nmap-advanced-uses-pt.4-nse\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/nmap-advanced-uses-pt.4-nse#primaryimage\",\"url\":\"https:\\\/\\\/ik.imagekit.io\\\/14sfaswy6hrz\\\/hubspot\\\/Frame%20136.png?tr=w-1800,c-at_max\",\"contentUrl\":\"https:\\\/\\\/ik.imagekit.io\\\/14sfaswy6hrz\\\/hubspot\\\/Frame%20136.png?tr=w-1800,c-at_max\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/nmap-advanced-uses-pt.4-nse#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Nmap Advanced Uses Pt.4: NSE\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\",\"name\":\"version2hk\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"caption\":\"version2hk\"},\"sameAs\":[\"http:\\\/\\\/version2xfortcom.wordpress.com\"],\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/version2hk\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Nmap Advanced Uses Pt.4: NSE - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.vicarius.io\/blog\/nmap-advanced-uses-pt.4-nse","og_locale":"zh_HK","og_type":"article","og_title":"Nmap Advanced Uses Pt.4: NSE - Version 2","og_description":"Intro Now that we have covered some of the more importa [&hellip;]","og_url":"https:\/\/www.vicarius.io\/blog\/nmap-advanced-uses-pt.4-nse","og_site_name":"Version 2","article_published_time":"2022-05-04T01:23:04+00:00","article_modified_time":"2022-08-19T07:17:01+00:00","og_image":[{"url":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/hubspot\/Frame%20136.png?tr=w-1800,c-at_max","type":"","width":"","height":""}],"author":"version2hk","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"version2hk","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"7 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.vicarius.io\/blog\/nmap-advanced-uses-pt.4-nse#article","isPartOf":{"@id":"https:\/\/version-2.com\/2022\/05\/nmap-advanced-uses-pt-4-nse\/"},"author":{"name":"version2hk","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db"},"headline":"Nmap Advanced Uses Pt.4: NSE","datePublished":"2022-05-04T01:23:04+00:00","dateModified":"2022-08-19T07:17:01+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2022\/05\/nmap-advanced-uses-pt-4-nse\/"},"wordCount":1370,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/www.vicarius.io\/blog\/nmap-advanced-uses-pt.4-nse#primaryimage"},"thumbnailUrl":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/hubspot\/Frame%20136.png?tr=w-1800,c-at_max","keywords":["vRx","2022"],"articleSection":["vRx","2022","Press Release"],"inLanguage":"zh-HK"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2022\/05\/nmap-advanced-uses-pt-4-nse\/","url":"https:\/\/www.vicarius.io\/blog\/nmap-advanced-uses-pt.4-nse","name":"Nmap Advanced Uses Pt.4: NSE - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.vicarius.io\/blog\/nmap-advanced-uses-pt.4-nse#primaryimage"},"image":{"@id":"https:\/\/www.vicarius.io\/blog\/nmap-advanced-uses-pt.4-nse#primaryimage"},"thumbnailUrl":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/hubspot\/Frame%20136.png?tr=w-1800,c-at_max","datePublished":"2022-05-04T01:23:04+00:00","dateModified":"2022-08-19T07:17:01+00:00","breadcrumb":{"@id":"https:\/\/www.vicarius.io\/blog\/nmap-advanced-uses-pt.4-nse#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.vicarius.io\/blog\/nmap-advanced-uses-pt.4-nse"]}]},{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/www.vicarius.io\/blog\/nmap-advanced-uses-pt.4-nse#primaryimage","url":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/hubspot\/Frame%20136.png?tr=w-1800,c-at_max","contentUrl":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/hubspot\/Frame%20136.png?tr=w-1800,c-at_max"},{"@type":"BreadcrumbList","@id":"https:\/\/www.vicarius.io\/blog\/nmap-advanced-uses-pt.4-nse#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Nmap Advanced Uses Pt.4: NSE"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db","name":"version2hk","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","caption":"version2hk"},"sameAs":["http:\/\/version2xfortcom.wordpress.com"],"url":"https:\/\/version-2.com\/zh\/author\/version2hk\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-cY1","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/49849","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/143524195"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=49849"}],"version-history":[{"count":5,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/49849\/revisions"}],"predecessor-version":[{"id":50005,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/49849\/revisions\/50005"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=49849"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=49849"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=49849"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}