In this Linux tutorial we look at how to use the masscan tool. The tool comes pre-installed on Linux; if it is not on your device, you can install it with the command below. You can also use it through Termux.
sudo apt install masscan
To run masscan, type sudo masscan in the terminal. Alternatively, click the Linux logo in the top-left corner and go to Information Gathering > Live Host Identification > masscan.
What is masscan?
MASSCAN is a TCP port scanner that transmits SYN packets asynchronously and produces results similar to Nmap, the most famous port scanner. Internally, it operates more like scanrand, unicornscan, and ZMap, using asynchronous transmission. It's a flexible utility that allows arbitrary address and port ranges.
- Ultra-fast port scanning: transmits up to 10M packets/sec (capable NIC and PF_RING drivers required)
- Nmap style output
- Nmap style target specification and options
- Banner grabbing
- Basic Vulnerability Scanning like Heartbleed
- Custom TCP/IP stack
- It can be used as a first level recon tool to map the network
- Enumerate a large number of hosts
- Enumerate various subnets inside an organization
- Enumerating the internet!
- Random scanning for FUN & Knowledge!
Scan IPs, Grab Banners & Output Results
First, we need to find the IP address of the website, so type the following command in your terminal.
Now we can use masscan to find the other IP addresses in the same range as that IP.
Example: If the IP we obtained is 188.8.131.52, we use 184.108.40.206/24 to scan IPs 220.127.116.11-254
sudo masscan 18.104.22.168/24 -p80,443
Now we attempt to grab banners from the IPs we scanned. Here we may run into an issue: since masscan uses its own custom TCP/IP stack, the OS may reject the packet. This is well explained on the tool's home page. So for now we need to specify a separate IP address in the same subnet.
For now, my Kali machine has the IP address 192.168.1.4, so we need to specify a source IP in the 192.168.1.0/24 range.
masscan 22.214.171.124 -p 80,443 --banners --source-ip 172.20.10.5
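The following added example, which is not from the original post or the masscan project, reads scan results saved in masscan's list format (-oL) and reports open ports that are missing from an expected-services inventory. The sample records, the 192.0.2.x documentation addresses, the function names and the EXPECTED inventory are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample in masscan list format (-oL); addresses are from the
# 192.0.2.0/24 documentation range, not real scan results.
SAMPLE = r"""#masscan
open tcp 80 192.0.2.10 1700000000
open tcp 443 192.0.2.10 1700000001
banner tcp 80 192.0.2.10 1700000002 http HTTP/1.1 200 OK\x0d\x0aServer: nginx
open tcp 80 192.0.2.23 1700000003
open tcp 8080 192.0.2.23 1700000004
# end
"""

# Hypothetical inventory of the services that are supposed to be reachable.
EXPECTED = {"192.0.2.10": {80, 443}, "192.0.2.23": {80}}


def parse_list_output(text):
    """Return {ip: {port: banner_or_None}} from 'open' and 'banner' records."""
    hosts = defaultdict(dict)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # header, footer and blank lines
        fields = line.split(" ", 6)  # the banner text itself may contain spaces
        if len(fields) < 5 or fields[0] not in ("open", "banner"):
            continue  # other record types or malformed lines
        kind, _proto, port, ip = fields[:4]
        if not port.isdigit():
            continue
        if kind == "banner" and len(fields) == 7:
            hosts[ip][int(port)] = f"{fields[5]}: {fields[6]}"
        else:
            hosts[ip].setdefault(int(port), None)  # keep a banner already seen
    return dict(hosts)


def unexpected_exposure(hosts, expected):
    """List (ip, port, banner) for open ports absent from the inventory."""
    findings = []
    for ip in sorted(hosts):
        allowed = expected.get(ip, set())
        for port in sorted(hosts[ip]):
            if port not in allowed:
                findings.append((ip, port, hosts[ip][port]))
    return findings


if __name__ == "__main__":
    for ip, port, banner in unexpected_exposure(parse_list_output(SAMPLE), EXPECTED):
        print(f"unexpected: {ip}:{port} banner={banner!r}")
```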
Pausing & Resuming a Scan
When you run a big scan, you can stop it and resume it later. Press Ctrl + C to stop, and run the following command to resume the scan.
sudo masscan --resume paused.conf
Beyond this, the tool can do much more. To see the other options, type sudo masscan --help in your terminal.
If you want to know more about this masscan tool click here
I hope this post is helpful to you; if you have any doubts, you can ask me through the comment section.