Use Nmap to Detect Conficker
I found this gem of an Nmap command yesterday. I was unable to write about this awesome command though because my site was offline. But I’m back now!
Important Notes:
You will need to download the latest version of Nmap from insecure.org.
The command:
nmap -PN -T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 [targetnetworks]
Just remove [targetnetworks] and replace that value with the subnet you wish to scan. Since my gateway is 192.168.1.1, I altered the command to scan my network to look like the following:
nmap -PN -T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 192.168.1.*
Analyze the output:
A clean machine should report at the bottom: “Conficker: Likely CLEAN”, while likely infected machines say: “Conficker: Likely INFECTED”. For more advice, see this nmap-dev post by Brandon Enright.
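When scanning a whole subnet, the verdict strings above can be pulled out of saved scan output instead of reading each host block by eye. The following is an added example, not part of the original post: it assumes the scan was saved with Nmap's -oN option and that each host block starts with "Nmap scan report for" (or "Interesting ports on" in older releases), and the sample output in it is constructed.

```shell
#!/bin/sh
# Added example: summarise Conficker verdicts from saved Nmap normal output.
# Assumptions: output saved with -oN; host blocks start with
# "Nmap scan report for <addr>" or, on older builds, "Interesting ports on <addr>:".

conficker_triage() {
    # $1 = path to saved Nmap output; prints "<host> <VERDICT>" for each host
    awk '
        function emit() {
            # A host with no verdict line is reported as NO-RESULT, not as clean
            if (host != "") print host, (verdict == "" ? "NO-RESULT" : verdict)
        }
        /^Nmap scan report for / { emit(); host = $5; verdict = ""; next }
        /^Interesting ports on / { emit(); host = $4; sub(/:$/, "", host); verdict = ""; next }
        /Conficker: Likely INFECTED/ { verdict = "INFECTED" }
        /Conficker: Likely CLEAN/    { verdict = "CLEAN" }
        END { emit() }
    ' "$1"
}

# Constructed sample output for demonstration (not from a real scan)
sample_scan() {
    cat <<'EOF'
Nmap scan report for 192.168.1.10
PORT    STATE SERVICE
139/tcp open  netbios-ssn
445/tcp open  microsoft-ds
Host script results:
| smb-check-vulns:
|_  Conficker: Likely CLEAN

Nmap scan report for 192.168.1.23
PORT    STATE SERVICE
445/tcp open  microsoft-ds
Host script results:
| smb-check-vulns:
|_  Conficker: Likely INFECTED

Nmap scan report for 192.168.1.40
PORT    STATE    SERVICE
445/tcp filtered microsoft-ds
EOF
}

# Run against a saved scan file when one is given on the command line
if [ "$#" -gt 0 ]; then conficker_triage "$1"; fi
```

A NO-RESULT host is one where the script printed no verdict, for example because ports 139 and 445 were not reachable, so it still needs checking by other means.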