BNAT Scanner

This module is a scanner which can detect Broken NAT (network address translation) implementations, which could result in a inability to reach ports on remote machines. Typically, these ports will appear in nmap scans as 'filtered'/'closed'.

Search Other Modules

Rank

Normal

Authors

bannedit < bannedit [at] metasploit.com >
Jonathan Claudius < jclaudius [at] trustwave.com >

Vulnerability References

Development

Similar Modules

auxiliary/bnat/bnat_router

Usage Information

$ msfconsole

                ##                          ###           ##    ##
##  ##  #### ###### ####  #####   #####    ##    ####        ######
####### ##  ##  ##  ##         ## ##  ##    ##   ##  ##   ###   ##
####### ######  ##  #####   ####  ##  ##    ##   ##  ##   ##    ##
## # ##     ##  ##  ##  ## ##      #####    ##   ##  ##   ##    ##
##   ##  #### ###   #####   #####     ##   ####   ####   #### ###
                                      ##

msf > use auxiliary/bnat/bnat_scan
msf auxiliary(bnat_scan) > set RHOSTS [TARGET HOST RANGE]
msf auxiliary(bnat_scan) > run

Module Options

INTERFACE	The name of the interface (default: eth0)
PORTS	Ports to scan (e.g. 22-25,80,110-900) (default: 21,22,23,80,443)
RHOSTS	The target address range or CIDR identifier
THREADS	The number of concurrent threads (default: 1)
TIMEOUT	The reply read timeout in milliseconds (default: 500)
GATEWAY	The gateway IP address. This will be used rather than a random remote address for the UDP probe, if set.
NETMASK	The local network mask. This is used to decide if an address is in the local network.
ShowProgress	Display progress messages during a scan
ShowProgressPercent	The interval in percent that progress should be shown
UDP_SECRET	The 32-bit cookie for UDP probe requests.
VERBOSE	Enable detailed status messages
WORKSPACE	Specify the workspace for this module