Exploit Brokers

Network Scanning – MASSCAN

Hacking Tools, Network Scanning / by / Leave a Comment

Network scanning is a part of the reconnaissance phase. The reconnaissance phase allows us to collect useful information about possible targets, network structure, and more. The problem with some current tools such as Nmap is the length it takes to do large network scans.

Now a normal penetration test or network audit won’t require a tool that can scan the entire internet but it is a fun and useful idea to have. The tool can reportedly transmit 10 million packets per second. It can send all those packets from a single machine!

In case you don’t want to look through the read me here is the simple breakdown of what to do.

Build and Install instructions

Note: these instructions are for Ubuntu or Debian.

Building the program

First, make sure you have the dependencies

$ sudo apt-get install git gcc make libpcap-dev

Then we will clone down the source code from the repo

$ git clone https://github.com/robertdavidgraham/masscan.git

Next make sure you are in the directory of the code

$ cd masscan

Lastly, we build it using the make program/command

$ make

or if you want it to build faster and use more available processing power use

$ make -j

the above command will compile the program using multiple threads.

Testing the build

The author of the masscan tool included a wonderful testing mechanism to ensure the tricky parts of the program work as expected. To run the test we must run make with the regress command. This will cause make to execute the test.

We have to be in in the root masscan source directory as we were previously when we cloned it down. Then run the following make command

$ make regress

This will run and spit out similar to the following:

bin/masscan --selftest
regression test: success!

The program will run and will indicate success or failure.

Installing the program

Now that we have built the program we can copy the executable into our program directory. Copying the executable allows us to execute it like other commands without having to be in the directory or making explicit calls to the executable within the source code directory.

Change directory within the masscan/bin folder

$ cd bin/

then we copy the masscan executable to our /usr/local/bin so it is in our file path when executing other system programs.

$ sudo cp masscan /usr/local/bin/

Now we have masscan in a location the system looks for when trying to execute system programs. This means we will be able to execute the masscan program from anywhere in the filesystem.

 

Conclusion

MASSCAN is Nmap on massive overdrive. MASSCAN can reportedly scan the entire internet in under 6 minutes. If it was a game item it would be a world class network scanner.

This tool uses a custom TCP/IP stack and can conflict with other tools. The build and installation is easy and quick. It is important to note that the repo has so much more info especially on running the tool. This was a quick intro to pulling it down, building, and installing it.

The repo can be found here > https://github.com/robertdavidgraham/masscan

Happy Scanning

Network Scanner MASSCAN
Network Scanner MASSCAN

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *