Scan in Windows using NMAP from the command line.

Computers and Networking, Jan 05 2010

Save the following as `scan.bat` somewhere on your PATH. It wraps Nmap so that a scan can be started with a short keyword (tcp, udp, tu, tcpport, udpport, portrange, pingsweep) and a target, writes the normal-format report to a timestamped file on the desktop and opens it in Notepad.

```bat
@echo off
REM Author: Robert Holland
REM Purpose: Performs an NMAP scan based on user input arguments (requires NMap to be installed).
REM Takes two or three arguments: protocol and IP Address or Hostname.
REM Dumps results in a file on the users desktop and opens it in notepad.
REM The filename will have the targetname and current timestamp.
REM Type "scan" without the quotes at the command prompt to see examples.
REM Note: SYN (-sS) and UDP (-sU) scans need raw-socket access, so run this from an
REM administrator prompt. -PI and -PT are the legacy spellings of the ICMP echo (-PE)
REM and TCP (-PS) host-discovery probes.

REM Build YYYYMMDD from "date /t" (e.g. "Tue 01/05/2010" -> 20100105).
set DATESTAMP=None
for /F "tokens=2-4 delims=/ " %%i in ('date /t') do set DATESTAMP=%%k%%i%%j
REM echo %DATESTAMP%

REM Build HHMMSShh from the "The current time is: HH:MM:SS.hh" line printed by "time".
REM Piping an empty echo into "time" stops it from waiting for a new time to be typed.
set TIMESTAMP1=None
set TIMESTAMP2=""
set TIMESTAMP3=""
set TIMESTAMP4=""
set TIMESTAMP5=None
for /F "tokens=5 delims=: " %%i in ('echo ^| time ^| find "current" ') do set TIMESTAMP2=%%i
for /F "tokens=6 delims=: " %%i in ('echo ^| time ^| find "current" ') do set TIMESTAMP3=%%i
for /F "tokens=7 delims=: " %%i in ('echo ^| time ^| find "current" ') do set TIMESTAMP4=%%i
REM Strip the "." from the seconds.hundredths token so the filename stays clean.
set TIMESTAMP4=%TIMESTAMP4:.=%
set TIMESTAMP=%TIMESTAMP2%%TIMESTAMP3%%TIMESTAMP4%
REM echo > %DATESTAMP%%TIMESTAMP%.txt

REM No arguments or any of the usual help switches: show usage.
if {%1} == {} goto :HelpMe
if {%1} == {^/^/} goto :HelpMe
if {%1} == {^/?} goto :HelpMe
if {%1} == {^/h} goto :HelpMe
if {%1} == {-h} goto :HelpMe

REM Two-argument modes use %2 as the target; port modes take the port(s) in %2 and the target in %3.
if {%1} == {xxx} (
    cls
) else if {%1} == {tcp} (
    nmap -sS -O -PI -PT %2 -oN "%UserProfile%\Desktop\%2.%DATESTAMP%%TIMESTAMP%.txt" & notepad "%UserProfile%\Desktop\%2.%DATESTAMP%%TIMESTAMP%.txt"
) else if {%1} == {tu} (
    nmap -sS -sU -O -PI -PT %2 -oN "%UserProfile%\Desktop\%2.%DATESTAMP%%TIMESTAMP%.txt" & notepad "%UserProfile%\Desktop\%2.%DATESTAMP%%TIMESTAMP%.txt"
) else if {%1} == {tcpport} (
    nmap -sS -O -p %2 -PI -PT %3 -oN "%UserProfile%\Desktop\%3.%DATESTAMP%%TIMESTAMP%.txt" & notepad "%UserProfile%\Desktop\%3.%DATESTAMP%%TIMESTAMP%.txt"
) else if {%1} == {udp} (
    nmap -sU -O -PI -PT %2 -oN "%UserProfile%\Desktop\%2.%DATESTAMP%%TIMESTAMP%.txt" & notepad "%UserProfile%\Desktop\%2.%DATESTAMP%%TIMESTAMP%.txt"
) else if {%1} == {udpport} (
    nmap -sU -O -p %2 -PI -PT %3 -oN "%UserProfile%\Desktop\%3.%DATESTAMP%%TIMESTAMP%.txt" & notepad "%UserProfile%\Desktop\%3.%DATESTAMP%%TIMESTAMP%.txt"
) else if {%1} == {portrange} (
    nmap -sS -sU -O -p %2 -PI -PT %3 -oN "%UserProfile%\Desktop\%3.%DATESTAMP%%TIMESTAMP%.txt" & notepad "%UserProfile%\Desktop\%3.%DATESTAMP%%TIMESTAMP%.txt"
) else if {%1} == {pingsweep} (
    nmap -sP -PI -PT %2 -oN "%UserProfile%\Desktop\%2.%DATESTAMP%%TIMESTAMP%.txt" & notepad "%UserProfile%\Desktop\%2.%DATESTAMP%%TIMESTAMP%.txt"
) else goto HelpMe
goto :eof

:HelpMe
@echo Usage:
@echo.   scan [tu, udp, tcp, udpport, tcpport [portname], portrange [begin-end], pingsweep [begin-end]] hostname
@echo.   hostname is interchangeable with IP address.
@echo.
@echo. Examples:
@echo.   To scan open tcp and udp ports on a target type:                    scan tu hostname
@echo.   To scan open udp ports on a target type:                            scan udp hostname
@echo.   To scan open tcp ports on a target type:                            scan tcp 123.45.67.89
@echo.   To scan a specific target on udp port 20 type:                      scan udpport 20 ipaddress
@echo.   To scan a specific target on tcp port 20 type:                      scan tcpport 20 ipaddress
@echo.   To scan a range of udp and tcp ports type:                          scan portrange 1-500 hostname
@echo.   To scan a range of IP addresses to see if they are active type:     scan pingsweep 123.45.67.1-254
```