X-Scan-v3.2 User Manual
1. System requirement: Windows NT4/2000/XP/2003
2. Introduction:
X-Scan is a general network vulnerabilities scanner for scanning network vulnerabilities for specific IP address scope or stand-alone computer by multi-threading method, plug-ins are supportable. Which X-scan feature include in the following: service type, remote OS type and version detection based on TCP/IP stack, weak user/password pair, and all of the nessus attack scripts combination. For the most known vulnerabilities, the corresponding descriptions and solutions are provided. As to other vulnerabilities, please refer to "Document" and "Vulnerability engine" in www.xfocus.org.
We provided a simple SDK in X-Scan 3.0 for the purpose of friends can develop plug-ins conveniently. Everyone can download the source code of "nasl for windows", X-Scan plug-in SDK and the sample plug-in code from this link: "http://www.xfocus.net/projects/X-Scan/index.html".
3. Components:
xscan_gui.exe -- X-Scan GUI main program
checkhost.dat -- plug-ins scheduler
update.exe -- live update main program
*.dll -- the dynamic library files
readme.txt -- X-Scan ReadMe
/dat/language.ini -- multi-language config file, language can be switched by setting "LANGUAGE\SELECTED"
/dat/language.* -- multi-language database
/dat/config.ini -- current configuration file, being used for save all configuration
/dat/*.cfg -- custom configuration file
/dat/*.dic -- username and password dictionary, being used for searching weak password
/plugins -- being used for storing all plug-ins (whose suffix is .xpn).
/scripts -- being used for storing all nessus attack scripts (whose suffix is .nasl)
/scripts/desc -- being used for storing all muti-language description of nessus attack scripts (whose suffix is .desc)
/scripts/cache -- being used for caching all nasl scripts (you can delete it at any moment)
4. Preparation:
X-Scan which is absolutely free can be executed immediately after being decompressed without registration and installation (install WinPCap v3.1 beta4 automatically).
5. GUI program options description:
"Scan range":
"IP address range" - You can input a large range of IP section or a single IP address or domain name, and you can input the range of IP address that be separated by "-" or "," also, for example: "192.168.0.1-20,192.168.1.10-192.168.1.254,192.168.2.1/24".
"Load host list from file" - If this checkbox is checked, X-Scan will read target address from a text file. The file should contain a single address or range of address like the "IP address range" in each line.
"Global options":
"Modules" - Select the plug-ins what you want to use.
"Parallel scanning" - Set the maximal number of parallel host and thread.
"Network" - Select your network interface.
"Report" - The final report file what located in the directory "log", support TXT, HTML and XML format currently.
"Others":
"Skip host when failed to get response" - If this checkbox is checked, target will be skiped with no response by "ICMP Ping" and "TCP Ping" before scanning.
"Scan always" - Such as the caption.
"Skip host when no open port has been found" - If X-Scan can't find any TCP port within the "Scan port", X-Scan will cancel the scan action.
"Plug-in options":
You can set the options of every plug-in in this module.
6. Frequently asked questions:
Q: Does X-Scan work exactly without WinPCap?
A: If the WinPCap driver hasn't been installed in your system, X-Scan will install WinPCap 3.1 beta4 automatically, otherwise X-Scan use the current version of WinPCap driver.
Q: I can find 10 "checkhost.exe" in my task list when I'm checking a subnet, why?
A: X-Scan will create sub-process for every host. The sub-processes will terminate automatically after scanning. You can specify this number by parameter "-t".
Q: Why did my computer rebooted when X-Scan was working?
A: WinPcap does not work well if a firewall is installed on the same machine. You should disable or uninstall the firewall and try again.
Q: Why did X-Scan identify target OS incorrectly?
A: If target filtered NETBIOS and SNMP protocol and has strange TCP/IP stack fingerprinter, X-Scan can't identify it's OS correctly, you should judged by yourself.
Q: Why did I selected the "SYN" method to scan TCP port but X-Scan used "TCP" method actually?
A: Only under Windows 2000, SYN scan and the ability of identifing target OS passively are available, the permission of administrator is required simultaneously.
Q: Dose the plug-ins of X-Scan 2.3 is compatible with X-Scan 3.0?
A: No, X-Scan 3.0 changed the plug-in interface for the purpose of friends can develop plug-ins conveniently. So the old plug-ins need some modification.
Q: How can I check the weak password with added password?
A: Dictionary shipped with X-Scan is a simple demo. The better is used your own dictonary.
Q: How can I install X-Scan to my system, and how can I register it?
A: X-Scan which is absolutely free can be executed immediately after being decompressed without registration and installation (install WinPCap 3.1 beta4 automatically).
7. Release history:
X-Scan v3.2 -- release date: 04/08/2005. Updated NASL library to nessus 2.2.4, optimized the main program and NASL library, added HTTP/TELNET/SSH/VNC/CVS/IMAP/NNTP weak password brute crack.
Thank quack for providing so much good idea, and thank our enthusiastic friends again who have ever feedback with good suggestion.
X-Scan v3.1 -- release date: 03/25/2004. Modified the "Active" plug-in, added "SNMP" and "NETBIOS" plug-ins, optimized the main program and NASL library.
X-Scan v3.02 -- release date: 03/08/2004. There are some bugs in "WinPCap 3.1 beta", that maybe cause an exception in CheckHost.exe. So I replaced "WinPCap 3.1 beta" by "WinPCap 2.3", I recommended you to remove "WinPCap 3.1 beta" before you run X-Scan.
X-Scan v3.0 -- release date: 03/01/2004. Fixed known BUGs in the previous v3.0 beta, optimized the main program and plug-ins; updated nasl.dll to support the latest nessus attack scripts; provided a simple library for the purpose of everyone can develop plug-in expediently.
Thank wuxiu and quack for collected nessus attack scripts, thank san for the web page about X-Scan project, and thank our enthusiastic friends again who have ever feed back with good suggestion.
X-Scan v3.0(beta) -- release date: 12/30/2003. Updated main program, added the NASL-plug-in to load all the nessus attack scripts; modified the plug-in interface for the purpose of developping plug-in expediently; enhanced the "identify remote OS" function; threw away some plug-ins what completed by NASL scripts.
Thank isno and Enfis for their excellent plug-ins; thank wuxiu and quack for collected nessus attack scripts; thank our enthusiastic friends who have feed back with good suggestion.
X-Scan v2.3 -- release date: 09/29/2002. Added the SSL-plug-in to check SSL vulnerability; updated PORT/HTTP/IIS-plug-in; updated GUI and changed it's style.
Thank ilsy for excellent plug-ins.
X-Scan v2.2 -- release date: 09/12/2002. Changed the style of result index file; enlarged RPC vulnerability database; fixed known BUGs in the previous v2.1.
Thank xundi, quack and stardust for neaten vulnerability database.
X-Scan v2.1 -- release date: 09/08/2002. Allowed scanning specific SNMP-Info
没有合适的资源?快使用搜索试试~ 我知道了~
X-Scan综合扫描器
共7805个文件
nasl:2974个
cache:2963个
desc:1686个
需积分: 5 59 下载量 198 浏览量
2009-12-04
17:07:01
上传
评论 2
收藏 10.36MB RAR 举报
温馨提示
X-Scan是国内最著名的综合扫描器之一,它完全免费,是不需要安装的绿色软件、界面支持中文和英文两种语言、包括图形界面和命令行方式。主要由国内著名的民间黑客组织“安全焦点”(http://www.xfocus.net)完成,从2000年的内部测试版X-Scan V0.2到目前的最新版本X-Scan 3.3-cn都凝聚了国内众多黑客的心血。最值得一提的是,X-Scan把扫描报告和安全焦点网站相连接,对扫描到的每个漏洞进行“风险等级”评估,并提供漏洞描述、漏洞溢出程序,方便网管测试、修补漏洞.
资源推荐
资源详情
资源评论
收起资源包目录
X-Scan综合扫描器 (7805个子文件)
server.bmp 1KB
imap.bmp 1KB
netbios.bmp 1KB
ftp.bmp 1KB
nntp.bmp 1KB
debian.bmp 1KB
nasl.bmp 1KB
mandrake.bmp 1KB
ssh.bmp 1KB
telnet.bmp 1KB
vnc.bmp 1KB
ibm.bmp 1KB
cgi.bmp 824B
win98.bmp 824B
winxp.bmp 824B
ntuser.bmp 824B
policy.bmp 824B
smtp.bmp 824B
finger.bmp 824B
3com.bmp 824B
file.bmp 824B
http.bmp 824B
sql.bmp 824B
freebsd.bmp 824B
ntdisk.bmp 824B
ntreg.bmp 824B
ntpass.bmp 824B
win2k.bmp 824B
port.bmp 824B
ntuse.bmp 824B
cisco.bmp 824B
time.bmp 822B
mac.bmp 822B
ntjob.bmp 822B
snmp.bmp 822B
service.bmp 822B
novell.bmp 822B
vendor.bmp 822B
alert.bmp 822B
high.bmp 822B
go.bmp 822B
low.bmp 822B
med.bmp 822B
user.bmp 822B
sun.bmp 822B
www.bmp 822B
net.bmp 822B
socks.bmp 822B
user-disabled.bmp 822B
information.bmp 822B
ntshare.bmp 822B
redhat.bmp 822B
suse.bmp 822B
printer.bmp 822B
iis.bmp 822B
info.bmp 822B
ntstatist.bmp 822B
os.bmp 822B
winme.bmp 822B
linux.bmp 822B
winnt.bmp 822B
question.bmp 822B
cvs.bmp 822B
tracert.bmp 822B
hp.bmp 822B
session.bmp 822B
dns.bmp 246B
shell.bmp 246B
scan.bmp 246B
check.bmp 246B
svrinfo.bmp 246B
uncheck.bmp 246B
ssl.bmp 246B
aix.bmp 246B
pop3.bmp 246B
rpc.bmp 246B
nntp_info.cache 20KB
webmirror.cache 20KB
torturecgis.cache 20KB
ids_evasion.cache 20KB
smtp_settings.cache 20KB
global_settings.cache 20KB
logins.cache 20KB
http_ids_evasion.cache 20KB
kerberos.cache 20KB
smb_scope.cache 20KB
smb_sid2localuser.cache 20KB
smb_sid2user.cache 20KB
http_login.cache 20KB
smb_nt_ms02-009.cache 7KB
sygate_remote_control.cache 7KB
squid_wccp_and_gopher_flaws.cache 7KB
postgresql_multiple_flaws.cache 7KB
ixmail_sql_injection.cache 7KB
cp-firewall-webauth.cache 7KB
telnetserver_detect_type_nd_version.cache 7KB
CSCdx92043.cache 7KB
smb_localusers_disabled.cache 7KB
mspws_dotdotdot.cache 7KB
tomcat_source_exposure.cache 7KB
共 7805 条
- 1
- 2
- 3
- 4
- 5
- 6
- 79
资源评论
kellychongc
- 粉丝: 1
- 资源: 13
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功