winmap
Windows portscanner with Nmap-like user interface.
This project was started in March 2000 by the author Olle Segerdahl <olle@nxs.se>.
Its intent was to create a portscanning tool that was slim and usable, using only raw sockets (i.e. no device drivers needed) and with an Nmap-like user interface.
If you are familiar with Nmap, you should have no trouble using winmap, as the parameters and output are designed to be at least vaguely similar.
Features:
- ICMP host enumeration with TCP & UDP portscanning
- Nmap-like user interface (syntax and output)
- Uses only WinSock code, no external packet libraries
- Resolves IPs to hostnames and port numbers to service names
- Many command-line switches available to fine-tune behaviour
FAQ:
Q: What's this thing good for anyway?
A: Not much, if you're on a client release of Windows or can install WinPcap,
then you're probably much better off with nmap. I find it is still
useful on Windows Server when you have local admin privileges but
can't, or don't want to for some reason, load the WinPcap drivers...
Q: Why can't I use the SYN scan feature?
A: The SYN scan needs access to raw sockets, which require local administrator
privileges and are severely restricted on client versions of Windows.
Also, you might be running a Windows version from the 90's... ;)
Q: Hey! The TCP connect() scan is really slow, winmap SUCKS!
A: Please read "What the hell are those *.reg files in the distribution for?"
in this FAQ and apply the relevant registry updates.
Q: What the hell are those *.reg files in the distribution for?
A: Simply put, they make the default TCP connect() scan go a hellofalot faster.
They do this by disabling the stupid retries that winsock does in the
connect() function. Refer to M$ KB article Q175523: "INFO: Winsock TCP
Connection Performance to Unused Ports" for more details.
As with most registry changes, you must reboot to activate the changes.
Q: Why can't I SYN scan my own IP address?
A: Winsock does not allow the RCV_ALL flag to be set on loopback interfaces,
and since all traffic to and from local IPs is routed over loopback
we have no way of listening to the reply packets. The SYN and UDP scans skip
any IP addresses routed over the loopback interface.
Q: Why doesn't winmap find my "services file"?
A: The short answer is that winmap checks for the file "services" first in
%SYSTEMROOT%\system32\drivers\etc and then in %WINDIR% .... the long and
more correct answer is in the code... Use the source, Luke!
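The lookup order from the answer above, as an added example in portable C. This is not winmap's own code: the function names, buffer sizes and line parsing are assumptions based on the standard "name port/proto" services file format.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Parse "name port/proto [aliases] [# comment]"; returns 1 on success, else 0. */
int parse_services_line(const char *line, char name[32], int *port, char proto[8])
{
    char buf[256];
    size_t n = strcspn(line, "#\r\n");      /* drop comment and line ending */
    if (n >= sizeof buf) return 0;          /* over-long entry: reject */
    memcpy(buf, line, n);
    buf[n] = '\0';
    if (sscanf(buf, "%31s %5d/%7s", name, port, proto) != 3) return 0;
    return *port > 0 && *port <= 65535;
}

/* Find the service name for port/proto in an open services file. */
int lookup_service(FILE *fp, int port, const char *proto, char name[32])
{
    char line[256], n[32], p[8];
    int got, c;
    while (fgets(line, sizeof line, fp)) {
        int whole = strchr(line, '\n') != NULL;
        if (parse_services_line(line, n, &got, p) && got == port && strcmp(p, proto) == 0) {
            strcpy(name, n);                /* only touch the output on a match */
            return 1;
        }
        while (!whole && (c = fgetc(fp)) != EOF)  /* skip rest of an over-long line */
            whole = (c == '\n');
    }
    return 0;
}

/* Open "services" from %SYSTEMROOT%\system32\drivers\etc, then from %WINDIR%
 * (the order the FAQ gives); returns NULL if neither can be opened. */
FILE *open_services_file(void)
{
    static const char *const env[] = { "SYSTEMROOT", "WINDIR" };
    static const char *const sub[] = { "\\system32\\drivers\\etc\\services", "\\services" };
    char path[512];
    for (int i = 0; i < 2; i++) {
        const char *root = getenv(env[i]);
        FILE *fp;
        if (!root || snprintf(path, sizeof path, "%s%s", root, sub[i]) >= (int)sizeof path)
            continue;                       /* variable unset or path too long */
        if ((fp = fopen(path, "r")) != NULL) return fp;
    }
    return NULL;
}
```

If neither environment variable is set or neither file opens, open_services_file() returns NULL and the caller can fall back to printing bare port numbers.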
Download:
© 2002-2012 by Olle Segerdahl <olle@nxs.se>