X-Scan-v3.02 User Manual
1. System requirement: Windows NT4/2000/XP/2003
2. Introduction:
X-Scan is a general network vulnerabilities scanner for scanning network vulnerabilities for specific IP address scope or stand-alone computer by multi-threading method. Plug-ins are supportable and GUI or CUI programs are separately provided. The following items can be scanned: service type, remote OS type and version detection based on TCP/IP stack, weak user/password pair, and all of the nessus attack scripts combination. For the most known vulnerabilities, the corresponding descriptions and solutions are provided. As to other vulnerabilities, please refer to "Document" and "Vulnerability engine" in www.xfocus.org.
We provided a simple SDK in X-Scan 3.0 for the purpose of friends can develop plug-ins expediently. Everyone can download the source code of "nasl for windows", X-Scan plug-in SDK and the sample plug-in code from this link: "http://www.xfocus.net/projects/X-Scan/index.html".
3. Components:
xscan_gui.exe -- X-Scan GUI main program
xscan.exe -- X-Scan CUI main program
checkhost.exe -- plug-ins scheduler
update.exe -- live update main program
*.dll -- the indispensable library file
readme.txt -- X-Scan help text
/dat/language.ini -- multi-language config file, language can be switched by setting "LANGUAGE\SELECTED"
/dat/language.* -- multi-language database
/dat/config.ini -- user configuration file, being used for save scanning port list, scanning settings and the names of all dictionary files (including relative paths)
/dat/config.bak -- backup file of "/dat/config.ini", being used for restore the default configuration
/dat/cgi.lst -- CGI vulnerabilities list
/dat/iis_code.ini -- "IIS encode/decode" vulnerabilities list
/dat/port.ini -- being used for save all the known ports and their corresponding services
/dat/*_user.dic -- username dictionary file, being used for searching weak-password user
/dat/*_pass.dic -- password dictionary, being used for searching weak password
/dat/p0f*.fp -- being used for identifing the target OS fingerprinter(passively)
/dat/nmap-os-fingerprints -- being used for identifing the target OS fingerprinter
/dat/*.nsl -- being used for saving the nessus attack scripts list
/plugins -- being used for storing all plug-ins (whose suffix is .xpn).
/scripts -- being used for storing all nessus attack scripts (whose suffix is .nasl)
/scripts/desc -- being used for storing all muti-language description of nessus attack scripts (whose suffix is .desc)
Note: xscan_gui.exe & xscan.exe use the same plug-in and data file, but each will run independently.
4. Preparation:
X-Scan which is absolutely free can be executed immediately after being decompressed without registration and installation (install WinPCap driver automatically).
5. GUI program options description:
General config:
"IP address range" - You can input a single IP address or domain name, and you can input the range of IP address that be separated by "-" or "," also, for example: "192.168.0.1-192.168.0.20,192.168.1.10-192.168.1.254".
"Load host list from file" - If you select this checkbox, X-Scan will read target address from a text file. The file should contain a single address or range of address like the "IP address range" in every line.
"Report file" - The final report file what locates directory "\log".
"Report type" - Support TXT and HTML format currently.
"Build and open report automate when complete" - Such as the caption.
"Save host list" - If you select this checkbox, X-Scan will save the address of alive hosts into a text file.
"Host list file" - Being used for saving the address of alive hosts, this file locates directory "\log".
"Advanced config":
"Maximal number of thread" - The maximal number of concurrent threads when X-Scan is working.
"Maximal number of host" - The maximal number of concurrent host when X-Scan is working, X-Scan will create sub-process for every host.
"Display verbose information" - Such as the caption.
"Skip host when failed to get response" - X-Scan will try to check the activity of target host by "TCP Ping" if it's running under Windows 2000/XP/2003 and has administrator permission, otherwise X-Scan will perform this job by "ICMP Ping".
"Skip host when no open port has been found" - If X-Scan doesn't found any TCP port within the "Scan port", X-Scan will cancel the other detection to this host.
"Scan always" - Such as the caption.
"Port":
"Scan port" - The range of TCP port that be separated by "-" or ",".
"Scan mode" - X-Scan support "TCP full connection" and "SYN half connection" two kinds of methods currently.
"Identify service by response" - Connect to open port to identify the service by it's response.
"Identify OS version forwardly by TCP/IP stack fingerprinter" - Such as the caption.
"Default port" - Such as the caption.
"NASL config":
"NASL scripts list" - You can customize nessus attack scripts to make scanning speed up. If you want to load all the scripts, you should clear this edit box.
"Select" - In the selecting window, you can select scripts by their risk, category and family.
"Script execute timeout(s)" - Specify the timeout of script executing.
"Network read timeout(s)" - Specify the timeout of reading TCP socket.
"Skip the destructive scripts for host" - Such as the caption.
"Check the dependencies of scripts" - Many scripts are depend on each other, if you don't select this checkbox, you can make scanning speed up, but the result is incorrect probably.
"Execute the destructive scripts for single service orderly" - If a script gather information from a service when another script is performming a DoS attack, the result is incorrect probably. But if you don't select this checkbox, you can make scanning speed up.
"Network config":
"Network adapter" - Select an appropriate adapter in order to capture network packets by WinPCap. You should select "\Device\Packet_NdisWanIp" if you have a dial-up connection.
"HTTP":
"Encode" - All are such as the caption.
"Dictionary":
Specify all the password dictionary file what being used for checking weak password.
6. CUI program parameter description:
1.command format: xscan -host <start IP>[-<end IP>] <scanning items> [other options]
xscan -file <host list> < scanning items > [other options]
Explanations of scanning items are as follow:
-active : check if the target host is active
-os : check target operate system by NETBIOS and SNMP protocol
-port : scan the common port status (customizing scanning port list by modifying "PORT-SCAN-OPTIONS\PORT-LIST" in \dat\config.ini);
-ftp : scan FTP weak password (setting user/password dictionary file by modifying \dat\config.ini);
-pub : check anonymous pub write permission of FTP server
-pop3 : scan POP3-Server weak password (setting user/password dictionary file by modifying \dat\config.ini);
-smtp : scan SMTP-Server weak password (setting user/password dictionary file by modifying \dat\config.ini);
-sql : scan SQL-Server weak password (setting user/password dictionary file by modifying \dat\config.ini);
-smb : scan NT-Server weak password (setting user/password dict
没有合适的资源?快使用搜索试试~ 我知道了~
资源推荐
资源详情
资源评论
收起资源包目录
X_scan (2000个子文件)
config.bak 2KB
debian.bmp 1KB
nasl.bmp 1KB
mandrake.bmp 1KB
ftp.bmp 1KB
ibm.bmp 1KB
netbios.bmp 1KB
server.bmp 1KB
3com.bmp 824B
winxp.bmp 824B
sql.bmp 824B
file.bmp 824B
ntdisk.bmp 824B
http.bmp 824B
policy.bmp 824B
freebsd.bmp 824B
cgi.bmp 824B
win2k.bmp 824B
ntreg.bmp 824B
win98.bmp 824B
ntuser.bmp 824B
ntuse.bmp 824B
ntpass.bmp 824B
finger.bmp 824B
cisco.bmp 824B
smtp.bmp 824B
port.bmp 824B
info.bmp 822B
vendor.bmp 822B
service.bmp 822B
high.bmp 822B
med.bmp 822B
linux.bmp 822B
low.bmp 822B
winme.bmp 822B
ntjob.bmp 822B
user-disabled.bmp 822B
ntshare.bmp 822B
winnt.bmp 822B
suse.bmp 822B
alert.bmp 822B
hp.bmp 822B
redhat.bmp 822B
iis.bmp 822B
tracert.bmp 822B
go.bmp 822B
ntstatist.bmp 822B
question.bmp 822B
sun.bmp 822B
session.bmp 822B
user.bmp 822B
os.bmp 822B
time.bmp 822B
novell.bmp 822B
printer.bmp 822B
mac.bmp 822B
snmp.bmp 822B
net.bmp 822B
information.bmp 822B
shell.bmp 246B
pop3.bmp 246B
aix.bmp 246B
svrinfo.bmp 246B
scan.bmp 246B
rpc.bmp 246B
uncheck.bmp 246B
check.bmp 246B
ssl.bmp 246B
dns.bmp 246B
language.cn 13KB
altavista_search.nasl.desc 802B
xnews.nasl.desc 687B
alchemy_eye_http.nasl.desc 559B
advanced_poll_phpinfo.nasl.desc 555B
airport_plaintext_credentials.nasl.desc 552B
worm_netsky_b.nasl.desc 536B
wwwboardpwd.nasl.desc 525B
alcatel_adsl_firewalling.nasl.desc 524B
samihttp_1_0_4.nasl.desc 502B
trillian_patchg.nasl.desc 502B
xoops_myheader_url_xss.nasl.desc 501B
alexandriadev_upload_spoofing.nasl.desc 500B
an_httpd_cgis.nasl.desc 495B
vp-asp_sql_injection.nasl.desc 489B
alcatel_backdoor_switch.nasl.desc 488B
bea_password.nasl.desc 486B
www_too_long_useragent.nasl.desc 478B
oracle_soap_vulns.nasl.desc 471B
smb_nt_ms04-006.nasl.desc 462B
12planet_chat_server_path_disclosure.nasl.desc 459B
iis_webdav_overflow.nasl.desc 455B
alienform.nasl.desc 450B
3com_config_disclosure.nasl.desc 448B
wftp_321_overflow.nasl.desc 440B
webdav_enabled.nasl.desc 437B
smb_nt_ms04-007.nasl.desc 430B
ftp_servu_mdtm_overflow.nasl.desc 427B
12planet_chat_server_plaintext_password.nasl.desc 425B
agora.nasl.desc 421B
anaconda.nasl.desc 418B
共 2000 条
- 1
- 2
- 3
- 4
- 5
- 6
- 20
资源评论
wangbochao
- 粉丝: 0
- 资源: 1
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功