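XMap is a fast scanner that supports both IPv6 and IPv4 network-space probing, and it is the first tool across academia and industry built specifically for fast scanning of IPv6 assets. It was developed with reference to the principles of ZMap, with ZMap's core code completely rewritten from the ground up, porting ZMap's many scanning advantages in the IPv4 network space to the IPv6 space. Drawing on our own latest research findings, it adds fast IPv6 device discovery and multi-port scanning, is fully compatible with ZMap, and is capable of scanning a 32-bit network space in "5 minutes".
XMap runs on GNU/Linux, Mac OS and BSD operating systems, and already supports ICMP Echo, TCP SYN and UDP scans.
Combined with the application-layer scanning tool ZGrab2, XMap can provide more scanning functionality.
The latest version of XMap is v1.0.0; at present it can only be installed by compiling from source.
See the INSTALL file for installation steps.
See the GitHub Wiki for detailed usage instructions.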
Abstract. Numerous measurement studies have been performed to discover IPv4 network security issues by leveraging fast Internet-wide scanning techniques. However, IPv6 brings a 128-bit address space and renders brute-force network scanning impractical. Although significant efforts have been dedicated to enumerating active IPv6 hosts, they are limited by technique efficiency and probing accuracy, so large-scale empirical measurement studies of the growing IPv6 networks are infeasible now.
To fill this research gap, by leveraging the extensively adopted IPv6 address allocation strategy, we propose a novel IPv6 network periphery discovery approach. Specifically, XMap, a fast network scanner, is developed to find the periphery, such as a home router. We evaluate it on twelve prominent Internet service providers and harvest 52M active peripheries. Grounded on these found devices, we explore the IPv6 network risks of unintentionally exposed security services and flawed traffic routing strategies. First, by analyzing 4.7M peripheries, we demonstrate that unintentionally exposed security services in IPv6 networks, such as DNS and HTTP, have become emerging security risks. Second, by inspecting the periphery's packet routing strategies, we present flawed implementations of the IPv6 routing protocol affecting 5.8M router devices. Attackers can exploit this common vulnerability to conduct effective routing loop attacks, inducing DoS on the ISP's and home routers with an amplification factor of >200. We responsibly disclose those issues to all involved vendors and ASes and discuss mitigation solutions. Our research results indicate that the security community should revisit IPv6 network strategies immediately.
Conference. Proceedings of the 2021 IEEE/IFIP International Conference on Dependable Systems and Networks (DSN '21)