1. SMB 192.168.1.4 445 JOHNPC [*] Windows 7 Ultimate 7601 Service Pack 1
  2. x64 (name:JOHNPC) (domain:JOHNPC) (signing:False) (SMBv1:True)
  4. x64 (name:JOHNPC) (domain:JOHNPC) (signing:False) (SMBv1:True)
  5. Pack 2 x32 (name:WIN03X64) (domain:WIN03X64) (signing:False) (SMBv1:True

第二十二课:基于SMB发现内网存活主机 - 图1

一句话扫描:
单IP:

第二十二课:基于SMB发现内网存活主机 - 图2

多ip:

  1. 1..5 | % { $a = $_; 445 | % {echo ((newobject
  2. Net.Sockets.TcpClient).Connect("192.168.1.$a",$_)) "Port $_ is open"}

多port,多IP: