nmap java_Java中调用nmap进行主机探测的原理

在Java中通过调用Runtime这个类可以执行其他的可执行程序，执行后返回一个进程(Process)，利用Process这个类我们可以取得程序执行的回显，因此在Java中调用nmap进行主机探测的原理就很清晰了。通过给函数传递nmap所在路径和我们需要执行的命令即可。

具体实现代码：

/**

* 调用nmap进行扫描

* @param nmapDir nmap路径

* @param command 执行命令

*

* @return 执行回显

* */

public String getReturnData(String nmapDir,String command){

Process process = null;

StringBuffer stringBuffer = new StringBuffer();

try {

process = Runtime.getRuntime().exec(nmapDir + " " + command);

System.out.println("请稍等。。。");

BufferedReader reader = new BufferedReader(new InputStreamReader(process.getInputStream(),"UTF-8"));

String line = null;

while((line = reader.readLine()) != null){

stringBuffer.append(line + "\n");

}

} catch (IOException e) {

e.printStackTrace();

}

return stringBuffer.toString();

}

测试：

NmapTest1 nmapTest1 = new NmapTest1();

String str = nmapTest1.getReturnData("D:\\nmap\\nmap.exe","-sS -P0 -A -v www.zifangsky.cn");

System.out.println(str);

返回结果：

请稍等。。。

Starting Nmap 7.00 ( https://nmap.org ) at 2015-11-30 21:00 ?D1��������?����??

NSE: Loaded 132 scripts for scanning.

NSE: Script Pre-scanning.

Initiating NSE at 21:00

Completed NSE at 21:00, 0.00s elapsed

Initiating NSE at 21:00

Completed NSE at 21:00, 0.00s elapsed

Initiating Parallel DNS resolution of 1 host. at 21:01

Completed Parallel DNS resolution of 1 host. at 21:01, 0.32s elapsed

Initiating SYN Stealth Scan at 21:01

Scanning www.zifangsky.cn (121.42.81.9) [1000 ports]

Discovered open port 21/tcp on 121.42.81.9

Completed SYN Stealth Scan at 21:01, 9.01s elapsed (1000 total ports)

Initiating Service scan at 21:01

Scanning 1 service on www.zifangsky.cn (121.42.81.9)

Completed Service scan at 21:01, 9.10s elapsed (1 service on 1 host)

Initiating OS detection (try #1) against www.zifangsky.cn (121.42.81.9)

Initiating Traceroute at 21:01

Completed Traceroute at 21:01, 9.06s elapsed

Initiating Parallel DNS resolution of 1 host. at 21:01

Completed Parallel DNS resolution of 1 host. at 21:01, 16.50s elapsed

NSE: Script scanning 121.42.81.9.

Initiating NSE at 21:01

Completed NSE at 21:02, 13.32s elapsed

Initiating NSE at 21:02

Completed NSE at 21:02, 0.00s elapsed

Nmap scan report for www.zifangsky.cn (121.42.81.9)

Host is up (0.047s latency).

Not shown: 999 filtered ports

PORT   STATE SERVICE VERSION

21/tcp open  ftp     vsftpd (before 2.0.8) or WU-FTPD

Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port

Device type: specialized|WAP

Running: iPXE 1.X, Linux 2.4.X|2.6.X

OS CPE: cpe:/o:ipxe:ipxe:1.0.0%2b cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6.22

OS details: iPXE 1.0.0+, Tomato 1.28 (Linux 2.4.20), Tomato firmware (Linux 2.6.22)

Service Info: Host: www.net.cn

TRACEROUTE (using port 21/tcp)

HOP RTT     ADDRESS

1   3.00 ms 192.168.0.1

2   … 30

NSE: Script Post-scanning.

Initiating NSE at 21:02

Completed NSE at 21:02, 0.00s elapsed

Initiating NSE at 21:02

Completed NSE at 21:02, 0.00s elapsed

Read data files from: D:\nmap

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 73.93 seconds

Raw packets sent: 2158 (97.246KB) | Rcvd: 33 (2.050KB)

感谢zifangsky的个人博客提供内容。