在Java中通过调用Runtime这个类可以执行其他的可执行程序，执行后返回一个进程（Process），利用Process这个类我们可以取得程序执行的回显，因此在Java中调用nmap进行主机探测的原理就很清晰了。通过给函数传递nmap所在路径和我们需要执行的命令即可

具体实现代码：

/**	 * 调用nmap进行扫描	 * @param nmapDir nmap路径	 * @param command 执行命令	 * 	 * @return 执行回显	 * */	public String getReturnData(String nmapDir,String command){		Process process = null;		StringBuffer stringBuffer = new StringBuffer();		try {			process = Runtime.getRuntime().exec(nmapDir + " " + command);			System.out.println("请稍等。。。");			BufferedReader reader = new BufferedReader(new InputStreamReader(process.getInputStream(),"UTF-8"));			String line = null;						while((line = reader.readLine()) != null){				stringBuffer.append(line + "\n");			}		} catch (IOException e) {			e.printStackTrace();		}		return stringBuffer.toString();	}

测试：

NmapTest1 nmapTest1 = new NmapTest1();		String str = nmapTest1.getReturnData("D:\\nmap\\nmap.exe","-sS -P0 -A -v www.zifangsky.cn");		System.out.println(str);

返回结果：

请稍等。。。

Starting Nmap 7.00 ( https://nmap.org ) at 2015-11-30 21:00 ?D1???

NSE: Loaded 132 scripts for scanning.NSE: Script Pre-scanning.Initiating NSE at 21:00Completed NSE at 21:00, 0.00s elapsedInitiating NSE at 21:00Completed NSE at 21:00, 0.00s elapsedInitiating Parallel DNS resolution of 1 host. at 21:01Completed Parallel DNS resolution of 1 host. at 21:01, 0.32s elapsedInitiating SYN Stealth Scan at 21:01Scanning www.zifangsky.cn (121.42.81.9) [1000 ports]Discovered open port 21/tcp on 121.42.81.9Completed SYN Stealth Scan at 21:01, 9.01s elapsed (1000 total ports)Initiating Service scan at 21:01Scanning 1 service on www.zifangsky.cn (121.42.81.9)Completed Service scan at 21:01, 9.10s elapsed (1 service on 1 host)Initiating OS detection (try #1) against www.zifangsky.cn (121.42.81.9)Initiating Traceroute at 21:01Completed Traceroute at 21:01, 9.06s elapsedInitiating Parallel DNS resolution of 1 host. at 21:01Completed Parallel DNS resolution of 1 host. at 21:01, 16.50s elapsedNSE: Script scanning 121.42.81.9.Initiating NSE at 21:01Completed NSE at 21:02, 13.32s elapsedInitiating NSE at 21:02Completed NSE at 21:02, 0.00s elapsedNmap scan report for www.zifangsky.cn (121.42.81.9)Host is up (0.047s latency).Not shown: 999 filtered portsPORT   STATE SERVICE VERSION21/tcp open  ftp     vsftpd (before 2.0.8) or WU-FTPDWarning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed portDevice type: specialized|WAPRunning: iPXE 1.X, Linux 2.4.X|2.6.XOS CPE: cpe:/o:ipxe:ipxe:1.0.0%2b cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6.22OS details: iPXE 1.0.0+, Tomato 1.28 (Linux 2.4.20), Tomato firmware (Linux 2.6.22)Service Info: Host: www.net.cn

TRACEROUTE (using port 21/tcp)

HOP RTT     ADDRESS1   3.00 ms 192.168.0.12   … 30

NSE: Script Post-scanning.

Initiating NSE at 21:02Completed NSE at 21:02, 0.00s elapsedInitiating NSE at 21:02Completed NSE at 21:02, 0.00s elapsedRead data files from: D:\nmapOS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .Nmap done: 1 IP address (1 host up) scanned in 73.93 seconds           Raw packets sent: 2158 (97.246KB) | Rcvd: 33 (2.050KB)

（PS:打个广告，更多原创文章，尽在我的个人博客网站：）