GoGhost - a High Performance, lightweight, portable Open Source tool for mass SMBGhost Scan.

Jul 6, 2020

GoGhost is a High Performance, lightweight, portable Open Source tool for mass SMBGhost Scan.

Installation

You can download Windows Binary or Linux Binary. Alternatively, GoGhost uses native Golang libraries so the line above would be fine to compile it:

go build GoGhost.go

Usage Options

GoGhost Scanned 25,000 IP addresses in less than 3 seconds, NMAP took more than 600.

-iL [FILE]

By using the -iL option you're able to specify a list file with CIDRs in the file.

-iR [CIDR]

By using the -iR option you're able to specify an IP Range.

False Positive & False Negative

If the Windows is patched with KB4551762, GoGhost will still flag it as vulnerable. If the list of CIDRs in the file is bigger than 500k IP Addresses it may flag some vulnerable as Timeout.

The Results

Timeout => Closed Port

Not Vulnerable => Does not has compression

....

Author

Hakin9 TEAM
Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

1 Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Akuagwu Philemon
Akuagwu Philemon
4 years ago

Wow this was really educative

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023