Network scanning is part of the reconnaissance phase. Reconnaissance lets us collect useful information about possible targets, the network structure, and more. The problem with some current tools such as Nmap is the time it takes to complete large network scans.
Now, a normal penetration test or network audit won't require a tool that can scan the entire internet, but masscan is a fun and useful tool to have. It can reportedly transmit 10 million packets per second, and it can send all those packets from a single machine!
In case you don't want to read through the README, here is a simple breakdown of what to do.
Build and Install instructions
Note: these instructions are for Ubuntu or Debian.
Building the program
First, make sure you have the dependencies installed:
$ sudo apt-get install git gcc make libpcap-dev
Then we clone the source code from the repo:
$ git clone https://github.com/robertdavidgraham/masscan.git
Next, make sure you are in the source directory:
$ cd masscan
Lastly, we build it using make:
$ make
Or, if you want it to build faster by using more of the available processing power, use:
$ make -j
The above command compiles the program using multiple parallel make jobs.
Testing the build
The author of the masscan tool included a wonderful testing mechanism to ensure the tricky parts of the program work as expected. To run the test we invoke make with the regress target, which builds the program and runs its self-test.
We have to be in the root masscan source directory, as we were when we cloned it. Then run the following make command:
$ make regress
This will run and print output similar to the following:
bin/masscan --selftest
regression test: success!
The self-test runs and indicates success or failure; only install a build that reports success.
Installing the program
Now that we have built the program we can copy the executable into a directory on our PATH. Copying the executable lets us run it like any other command, without having to be in the source directory or call the executable by its path within the source tree.
Change into the masscan/bin directory:
$ cd bin/
Then we copy the masscan executable to /usr/local/bin so it is on our PATH alongside other locally installed programs:
$ sudo cp masscan /usr/local/bin/
Now masscan is in one of the locations the system searches when executing programs, so we can run masscan from anywhere in the filesystem.
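The whole procedure above (dependencies, clone, build, self-test, install) as one scripted flow with the checks a practitioner would want at each step. This is an added example, not a script from the masscan project: the dependency check for libpcap via its header path, the PREFIX variable, and the helper names regress_ok, install_binary and check_deps are my assumptions; the repo URL, package names and regress output are the ones the post shows.

```shell
#!/bin/sh
# Added example (not part of the masscan repo): build, self-test and install
# masscan on Debian/Ubuntu, refusing to install a build whose self-test failed.
set -eu

REPO_URL="https://github.com/robertdavidgraham/masscan.git"
PREFIX="${PREFIX:-/usr/local/bin}"   # assumed install directory (matches the post)

# Returns 0 when every build dependency is present, 1 otherwise (lists the missing ones).
# libpcap-dev ships no command, so we look for its header instead (assumed paths).
check_deps() {
    missing=""
    for tool in git gcc make; do
        command -v "$tool" >/dev/null 2>&1 || missing="$missing $tool"
    done
    [ -f /usr/include/pcap.h ] || [ -f /usr/include/pcap/pcap.h ] || missing="$missing libpcap-dev"
    if [ -n "$missing" ]; then
        echo "missing build dependencies:$missing" >&2
        echo "run: sudo apt-get install git gcc make libpcap-dev" >&2
        return 1
    fi
}

# Takes the captured output of `make regress` and returns 0 only if the
# self-test printed the success line shown in the post.
regress_ok() {
    printf '%s\n' "$1" | grep -q '^regression test: success!$'
}

# Copies a built executable into a destination directory after confirming it
# exists and is executable; returns 1 if nothing was built.
# Usage: install_binary <path-to-binary> <dest-dir>
install_binary() {
    bin="$1"
    dest="$2"
    [ -x "$bin" ] || { echo "not built or not executable: $bin" >&2; return 1; }
    mkdir -p "$dest"
    cp "$bin" "$dest/"
    [ -x "$dest/$(basename "$bin")" ]
}

# The full flow from the post, in order.
main() {
    check_deps
    [ -d masscan ] || git clone "$REPO_URL"
    cd masscan
    # Bounded parallelism: a bare `make -j` starts an unlimited number of jobs.
    make -j"$(nproc)"
    out="$(make regress 2>&1)" || true
    if ! regress_ok "$out"; then
        echo "self-test did not report success, not installing:" >&2
        printf '%s\n' "$out" >&2
        exit 1
    fi
    if [ -w "$PREFIX" ]; then
        install_binary bin/masscan "$PREFIX"
    else
        sudo cp bin/masscan "$PREFIX/"
    fi
    command -v masscan   # prints the installed path, proving it is on PATH
}

# Only run the full flow when invoked as: sh install_masscan.sh install
if [ "${1:-}" = "install" ]; then
    main
fi
```

Invoked with the install argument the script stops before copying anything if a dependency is missing or the regression test does not report success, which is the check you want before a tool that hand-crafts packets lands on your PATH.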
Conclusion
MASSCAN is Nmap on massive overdrive. MASSCAN can reportedly scan the entire internet in under 6 minutes. If it was a game item it would be a world-class network scanner.
This tool uses its own custom TCP/IP stack rather than the operating system's, so it can conflict with other tools on the same host. The build and installation is easy and quick. It is important to note that the repo has much more information, especially on running the tool. This was a quick intro to pulling it down, building it, and installing it.
The repo can be found here: https://github.com/robertdavidgraham/masscan
Happy Scanning