AMAP
Amap has been designed to identify the applications that are running on a
specific port or ports on a host. Amap does this by connecting to the
port(s) and sending packets that will hopefully trigger an automatic
response in reply. These packets typically mimic the standard handshake an
application would attempt between both hosts. A lot of network daemons only
respond when a connection is attempted using an appropriate handshake
(e.g. SSL). Amap then correlates this response with its in-built library and
prints the result to the screen.
Execution:

amap v5.3 (c) 2005 by van Hauser <amap-dev@thc.org> www.thc.org/thc-amap
Syntax: amap [-A|-B|-P|-W] [-1buSRHUdqv] [[-m] -o <file>] [-D <file>]
        [-t/-T sec] [-c cons] [-C retries] [-p proto] [-i <file>]
        [target port [port] ...]
Modes:
  -A            Map applications: send triggers, analyse responses (default)
  -B            Just grab banners, do not send triggers
  -P            No banner or application stuff - be a port scanner
  -W            Web Update - online update the application fingerprint database!
Options:
  -1            Only send triggers to a port until 1st identification. Speeeeed!
  -6            Use IPv6 instead of IPv4
  -b            Print ascii banner of responses
  -i FILE       Nmap machine readable outputfile to read ports from
  -u            Ports specified on commandline are UDP (default is TCP)
  -R / -S       Do NOT identify RPC / SSL services
  -H            Do NOT send application triggers marked as potentially harmful
  -U            Do NOT dump unrecognised responses (better for scripting)
  -d            Dump all responses
  -v            Verbose mode, use twice+ for debug (not recommended :-)
  -q            Doesn't report closed ports, do not print them as unidentified
  -o FILE [-m]  Write output to file FILE, -m creates machine readable output
  -c CONS       Amount of parallel connections (default 32, max 256)
  -C RETRIES    Number of reconnects on connect timeouts (default 3)
  -T SEC        Connect timeout in seconds (default 5)
  -t SEC        Response wait timeout in seconds (default 5)
  -p PROTO      Only send triggers for this protocol (e.g. ftp)
  TARGET PORT   The target address and port(s) to scan (additional to -i)
amap is a tool to identify application protocols on target ports.
Usage hint: Options "-bqv" are recommended, add "-1" for fast/rush checks.
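
The response-matching step described above, as an added example that is not amap's code and does not use its fingerprint database: recorded responses from each port are matched against a small signature table, replies that match nothing are kept as unrecognised, and a first_only switch stops at the first identification in the spirit of -1. The signature table, the trigger names ("null", "http-get") and the sample responses are all constructed for illustration; it is the kind of check used to confirm that a service on a non-standard port is what the inventory says it is.

```python
import re

# Constructed signature table (hypothetical; NOT amap's fingerprint database).
# Each entry: (service name, pattern applied to the raw response bytes).
SIGNATURES = [
    ("ssh",  re.compile(rb"^SSH-\d\.\d+-")),
    ("smtp", re.compile(rb"^220[ -].*SMTP", re.I)),
    ("ftp",  re.compile(rb"^220[ -].*FTP", re.I)),
    ("http", re.compile(rb"^HTTP/1\.[01] \d{3} ")),
]

def identify(responses, first_only=False):
    """Match the responses collected from one port against SIGNATURES.

    responses:  list of (trigger_name, response_bytes) pairs.
    first_only: stop after the first identification (the idea behind -1).
    Returns (service names in match order, triggers with unrecognised replies).
    """
    found, unrecognised = [], []
    for trigger, data in responses:
        if not data:                 # daemon stayed silent for this trigger
            continue
        hits = [name for name, pat in SIGNATURES if pat.search(data)]
        if not hits:                 # a reply arrived, but nothing matched it
            unrecognised.append(trigger)
            continue
        found.extend(n for n in hits if n not in found)
        if first_only:
            break
    return found, unrecognised

# Constructed responses, as if recorded from three ports on a lab host.
SAMPLE = {
    2222: [("null", b"SSH-2.0-OpenSSH_8.9\r\n")],
    8025: [("null", b"220 mail.example.test ESMTP ready\r\n"),
           ("http-get", b"500 5.5.1 Command unrecognized\r\n")],
    9000: [("null", b""), ("http-get", b"\x00\x01\x02binary")],
}

def survey(sample, first_only=False):
    """Run identify() over every port in a {port: responses} mapping."""
    return {port: identify(r, first_only) for port, r in sample.items()}

if __name__ == "__main__":
    for port, (names, unknown) in survey(SAMPLE).items():
        print(port, names or ["unidentified"], "unrecognised:", unknown)
```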