X-Scan-v3.2 User Manual
1. System requirement: Windows NT4/2000/XP/2003
2. Introduction:
X-Scan is a general network vulnerabilities scanner for scanning network vulnerabilities for specific IP address scope or stand-alone computer by multi-threading method, plug-ins are supportable. Which X-scan feature include in the following: service type, remote OS type and version detection based on TCP/IP stack, weak user/password pair, and all of the nessus attack scripts combination. For the most known vulnerabilities, the corresponding descriptions and solutions are provided. As to other vulnerabilities, please refer to "Document" and "Vulnerability engine" in www.xfocus.org.
We provided a simple SDK in X-Scan 3.0 for the purpose of friends can develop plug-ins conveniently. Everyone can download the source code of "nasl for windows", X-Scan plug-in SDK and the sample plug-in code from this link: "http://www.xfocus.net/projects/X-Scan/index.html".
3. Components:
xscan_gui.exe -- X-Scan GUI main program
checkhost.dat -- plug-ins scheduler
update.exe -- live update main program
*.dll -- the dynamic library files
readme.txt -- X-Scan ReadMe
/dat/language.ini -- multi-language config file, language can be switched by setting "LANGUAGE\SELECTED"
/dat/language.* -- multi-language database
/dat/config.ini -- current configuration file, being used for save all configuration
/dat/*.cfg -- custom configuration file
/dat/*.dic -- username and password dictionary, being used for searching weak password
/plugins -- being used for storing all plug-ins (whose suffix is .xpn).
/scripts -- being used for storing all nessus attack scripts (whose suffix is .nasl)
/scripts/desc -- being used for storing all muti-language description of nessus attack scripts (whose suffix is .desc)
/scripts/cache -- being used for caching all nasl scripts (you can delete it at any moment)
4. Preparation:
X-Scan which is absolutely free can be executed immediately after being decompressed without registration and installation (install WinPCap v3.1 beta4 automatically).
5. GUI program options description:
"Scan range":
"IP address range" - You can input a large range of IP section or a single IP address or domain name, and you can input the range of IP address that be separated by "-" or "," also, for example: "192.168.0.1-20,192.168.1.10-192.168.1.254,192.168.2.1/24".
"Load host list from file" - If this checkbox is checked, X-Scan will read target address from a text file. The file should contain a single address or range of address like the "IP address range" in each line.
"Global options":
"Modules" - Select the plug-ins what you want to use.
"Parallel scanning" - Set the maximal number of parallel host and thread.
"Network" - Select your network interface.
"Report" - The final report file what located in the directory "log", support TXT, HTML and XML format currently.
"Others":
"Skip host when failed to get response" - If this checkbox is checked, target will be skiped with no response by "ICMP Ping" and "TCP Ping" before scanning.
"Scan always" - Such as the caption.
"Skip host when no open port has been found" - If X-Scan can't find any TCP port within the "Scan port", X-Scan will cancel the scan action.
"Plug-in options":
You can set the options of every plug-in in this module.
6. Frequently asked questions:
Q: Does X-Scan work exactly without WinPCap?
A: If the WinPCap driver hasn't been installed in your system, X-Scan will install WinPCap 3.1 beta4 automatically, otherwise X-Scan use the current version of WinPCap driver.
Q: I can find 10 "checkhost.exe" in my task list when I'm checking a subnet, why?
A: X-Scan will create sub-process for every host. The sub-processes will terminate automatically after scanning. You can specify this number by parameter "-t".
Q: Why did my computer rebooted when X-Scan was working?
A: WinPcap does not work well if a firewall is installed on the same machine. You should disable or uninstall the firewall and try again.
Q: Why did X-Scan identify target OS incorrectly?
A: If target filtered NETBIOS and SNMP protocol and has strange TCP/IP stack fingerprinter, X-Scan can't identify it's OS correctly, you should judged by yourself.
Q: Why did I selected the "SYN" method to scan TCP port but X-Scan used "TCP" method actually?
A: Only under Windows 2000, SYN scan and the ability of identifing target OS passively are available, the permission of administrator is required simultaneously.
Q: Dose the plug-ins of X-Scan 2.3 is compatible with X-Scan 3.0?
A: No, X-Scan 3.0 changed the plug-in interface for the purpose of friends can develop plug-ins conveniently. So the old plug-ins need some modification.
Q: How can I check the weak password with added password?
A: Dictionary shipped with X-Scan is a simple demo. The better is used your own dictonary.
Q: How can I install X-Scan to my system, and how can I register it?
A: X-Scan which is absolutely free can be executed immediately after being decompressed without registration and installation (install WinPCap 3.1 beta4 automatically).
7. Release history:
X-Scan v3.2 -- release date: 04/08/2005. Updated NASL library to nessus 2.2.4, optimized the main program and NASL library, added HTTP/TELNET/SSH/VNC/CVS/IMAP/NNTP weak password brute crack.
Thank quack for providing so much good idea, and thank our enthusiastic friends again who have ever feedback with good suggestion.
X-Scan v3.1 -- release date: 03/25/2004. Modified the "Active" plug-in, added "SNMP" and "NETBIOS" plug-ins, optimized the main program and NASL library.
X-Scan v3.02 -- release date: 03/08/2004. There are some bugs in "WinPCap 3.1 beta", that maybe cause an exception in CheckHost.exe. So I replaced "WinPCap 3.1 beta" by "WinPCap 2.3", I recommended you to remove "WinPCap 3.1 beta" before you run X-Scan.
X-Scan v3.0 -- release date: 03/01/2004. Fixed known BUGs in the previous v3.0 beta, optimized the main program and plug-ins; updated nasl.dll to support the latest nessus attack scripts; provided a simple library for the purpose of everyone can develop plug-in expediently.
Thank wuxiu and quack for collected nessus attack scripts, thank san for the web page about X-Scan project, and thank our enthusiastic friends again who have ever feed back with good suggestion.
X-Scan v3.0(beta) -- release date: 12/30/2003. Updated main program, added the NASL-plug-in to load all the nessus attack scripts; modified the plug-in interface for the purpose of developping plug-in expediently; enhanced the "identify remote OS" function; threw away some plug-ins what completed by NASL scripts.
Thank isno and Enfis for their excellent plug-ins; thank wuxiu and quack for collected nessus attack scripts; thank our enthusiastic friends who have feed back with good suggestion.
X-Scan v2.3 -- release date: 09/29/2002. Added the SSL-plug-in to check SSL vulnerability; updated PORT/HTTP/IIS-plug-in; updated GUI and changed it's style.
Thank ilsy for excellent plug-ins.
X-Scan v2.2 -- release date: 09/12/2002. Changed the style of result index file; enlarged RPC vulnerability database; fixed known BUGs in the previous v2.1.
Thank xundi, quack and stardust for neaten vulnerability database.
X-Scan v2.1 -- release date: 09/08/2002. Allowed scanning specific SNMP-Info
kellychongc
- 粉丝: 1
- 资源: 13
最新资源
- 基于stm32、树莓派,后端使用Java的springboot架构,以微信小程序作为用户控制端的智能家居控制系统详细文档+全部资料+高分项目.zip
- 基于STM32F103的移动底座与ROS通信,包括ROS串口节点、STM32串口收发详细文档+全部资料+高分项目.zip
- 基于STM32+RC522 RFID 驱动详细文档+全部资料+高分项目.zip
- 基于stm32+FreeRTOS+ESP8266的实时天气系统详细文档+全部资料+高分项目.zip
- 基于stm32的12864oled图形库详细文档+全部资料+高分项目.zip
- 数据集-目标检测系列- 蛋糕 检测数据集 cake >> DataBall
- 基于Matlab实现瑞利衰落信道仿真(源码).rar
- 基于STM32的LCD12881显示屏驱动详细文档+全部资料+高分项目.zip
- time-sync.cc
- 基于STM32的PurePursuit算法的实现详细文档+全部资料+高分项目.zip
- 基于STM32的Marlin三轴机械臂控制程序详细文档+全部资料+高分项目.zip
- 基于STM32的车牌识别系统详细文档+全部资料+高分项目.zip
- 基于stm32的宠物RFID阅读器详细文档+全部资料+高分项目.zip
- 基于STM32的SLAM机器人移动底盘详细文档+全部资料+高分项目.zip
- 基于STM32的倒车雷达项目--OLED显示,HC-SR04详细文档+全部资料+高分项目.zip
- 基于STM32的孤立词语音识别详细文档+全部资料+高分项目.zip
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈