How to scan a host with RustScan
When performing a penetration test, one of the most crucial parts is scanning and enumeration. If you miss an important port at this stage, you are letting go of a juicy part of the attack vector to compromise the machine.
There are several ways to install the tool. We will use Docker this time because it is more independent of your operating system and local dependencies.
Of course, you’ll need Docker already installed on your machine. Afterwards, you are ready to download the latest RustScan Docker image from the official repository:
docker pull rustscan/rustscan:2.0.0
[email protected]:~# docker pull rustscan/rustscan:2.0.0
2.0.0: Pulling from rustscan/rustscan
188c0c94c7c5: Pull complete
0d8f984b5092: Pull complete
6311e106f0ce: Pull complete
Digest: sha256:9f7b2d282ab8f94005819a5d7011944e4071bdd5f5b4f67c5b659510d052266c
Status: Downloaded newer image for rustscan/rustscan:2.0.0
docker.io/rustscan/rustscan:2.0.0
To check that it was downloaded successfully:
[email protected]:~# docker images
REPOSITORY          TAG     IMAGE ID       CREATED         SIZE
rustscan/rustscan   2.0.0   6890f34e17b0   10 months ago   41.6MB
Once downloaded, the easiest way to run a scan is with the following command:
docker run rustscan/rustscan:2.0.0 -a $IP_ADDRESS
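A tag such as 2.0.0 can later be re-pointed at a different image, while the digest printed by docker pull identifies one exact image. The script below is an added example, not part of the original post or the RustScan project: it checks that a pull of the tag still resolves to the digest shown above and runs the scan from a digest-pinned reference. The function names and the drifted sample output are made up for illustration.

```shell
#!/bin/sh
# Added example: detect tag drift for rustscan/rustscan:2.0.0, then run by digest.
IMAGE_REPO='rustscan/rustscan'
IMAGE_TAG='2.0.0'
# Digest copied from the `docker pull` output shown on this page.
EXPECTED_DIGEST='sha256:9f7b2d282ab8f94005819a5d7011944e4071bdd5f5b4f67c5b659510d052266c'

# Print the manifest digest from `docker pull` output read on stdin.
digest_from_pull_output() {
    sed -n 's/^Digest:[[:space:]]*\(sha256:[0-9a-f]\{64\}\)[[:space:]]*$/\1/p' | head -n 1
}

# Exit 0 if the pulled tag resolved to the pinned digest, 1 if it drifted,
# 2 if the output carried no well-formed Digest line.
check_tag_pull() {
    got=$(digest_from_pull_output)
    [ -n "$got" ] || { echo "no digest in pull output" >&2; return 2; }
    [ "$got" = "$EXPECTED_DIGEST" ] || { echo "tag drift: got $got" >&2; return 1; }
}

# Immutable image reference: a tag can be re-pointed, a digest cannot.
pinned_ref() {
    printf '%s@%s\n' "$IMAGE_REPO" "$EXPECTED_DIGEST"
}

# Hypothetical wrapper (needs Docker and network): pull the tag, verify the
# digest it resolved to, then scan the given address from the pinned image.
scan_pinned() {
    docker pull "$IMAGE_REPO:$IMAGE_TAG" | check_tag_pull || return 1
    docker run --rm "$(pinned_ref)" -a "$1"
}

# Pull output as recorded on this page (layer lines omitted).
PAGE_PULL_OUTPUT="2.0.0: Pulling from rustscan/rustscan
Digest: $EXPECTED_DIGEST
Status: Downloaded newer image for rustscan/rustscan:2.0.0"
# Constructed sample: the same tag resolving to a different manifest.
DRIFTED_PULL_OUTPUT="2.0.0: Pulling from rustscan/rustscan
Digest: sha256:$(printf '%064d' 0)
Status: Downloaded newer image for rustscan/rustscan:2.0.0"

for sample in "$PAGE_PULL_OUTPUT" "$DRIFTED_PULL_OUTPUT"; do
    if printf '%s\n' "$sample" | check_tag_pull 2>/dev/null; then
        echo "digest matches pin: $(pinned_ref)"
    else
        echo "refusing to run: pulled image does not match the pinned digest"
    fi
done
```

With Docker available, scan_pinned "$IP_ADDRESS" replaces the plain docker run command above.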
Let’s run it against our home router as an example: