Metasploit的攻击实例讲解----辅助扫描工具
不多说,直接上干货!
怎么弹出来这个呢,连续按两次tab。
msf > use auxiliary/scanner/
Display all possibilities? (y or n)
use auxiliary/scanner/acpp/login
use auxiliary/scanner/afp/afp_login
use auxiliary/scanner/afp/afp_server_info
use auxiliary/scanner/backdoor/energizer_duo_detect
use auxiliary/scanner/chargen/chargen_probe
use auxiliary/scanner/couchdb/couchdb_enum
use auxiliary/scanner/couchdb/couchdb_login
use auxiliary/scanner/db2/db2_auth
use auxiliary/scanner/db2/db2_version
use auxiliary/scanner/db2/discovery
use auxiliary/scanner/dcerpc/endpoint_mapper
use auxiliary/scanner/dcerpc/hidden
use auxiliary/scanner/dcerpc/management
use auxiliary/scanner/dcerpc/tcp_dcerpc_auditor
use auxiliary/scanner/dcerpc/windows_deployment_services
use auxiliary/scanner/dect/call_scanner
use auxiliary/scanner/dect/station_scanner
use auxiliary/scanner/discovery/arp_sweep
use auxiliary/scanner/discovery/empty_udp
use auxiliary/scanner/discovery/ipv6_multicast_ping
use auxiliary/scanner/discovery/ipv6_neighbor
use auxiliary/scanner/discovery/ipv6_neighbor_router_advertisement
use auxiliary/scanner/discovery/udp_probe
use auxiliary/scanner/discovery/udp_sweep
use auxiliary/scanner/dlsw/dlsw_leak_capture
use auxiliary/scanner/dns/dns_amp
use auxiliary/scanner/elasticsearch/indices_enum
use auxiliary/scanner/emc/alphastor_devicemanager
use auxiliary/scanner/emc/alphastor_librarymanager
use auxiliary/scanner/finger/finger_users
use auxiliary/scanner/ftp/anonymous
use auxiliary/scanner/ftp/bison_ftp_traversal
use auxiliary/scanner/ftp/colorado_ftp_traversal
use auxiliary/scanner/ftp/ftp_login
use auxiliary/scanner/ftp/ftp_version
use auxiliary/scanner/ftp/konica_ftp_traversal
use auxiliary/scanner/ftp/pcman_ftp_traversal
use auxiliary/scanner/ftp/titanftp_xcrc_traversal
use auxiliary/scanner/h323/h323_version
use auxiliary/scanner/http/a10networks_ax_directory_traversal
use auxiliary/scanner/http/accellion_fta_statecode_file_read
use auxiliary/scanner/http/adobe_xml_inject
use auxiliary/scanner/http/allegro_rompager_misfortune_cookie
use auxiliary/scanner/http/apache_activemq_source_disclosure
use auxiliary/scanner/http/apache_activemq_traversal
use auxiliary/scanner/http/apache_mod_cgi_bash_env
use auxiliary/scanner/http/apache_userdir_enum
use auxiliary/scanner/http/appletv_login
use auxiliary/scanner/http/atlassian_crowd_fileaccess
use auxiliary/scanner/http/axis_local_file_include
use auxiliary/scanner/http/axis_login
use auxiliary/scanner/http/backup_file
use auxiliary/scanner/http/barracuda_directory_traversal
use auxiliary/scanner/http/bitweaver_overlay_type_traversal
use auxiliary/scanner/http/blind_sql_query
use auxiliary/scanner/http/bmc_trackit_passwd_reset
use auxiliary/scanner/http/brute_dirs
use auxiliary/scanner/http/buffalo_login
use auxiliary/scanner/http/caidao_bruteforce_login
use auxiliary/scanner/http/canon_wireless
use auxiliary/scanner/http/cert
use auxiliary/scanner/http/chef_webui_login
use auxiliary/scanner/http/chromecast_webserver
use auxiliary/scanner/http/cisco_asa_asdm
use auxiliary/scanner/http/cisco_device_manager
use auxiliary/scanner/http/cisco_ios_auth_bypass
use auxiliary/scanner/http/cisco_ironport_enum
use auxiliary/scanner/http/cisco_nac_manager_traversal
use auxiliary/scanner/http/cisco_ssl_vpn
use auxiliary/scanner/http/cisco_ssl_vpn_priv_esc
use auxiliary/scanner/http/clansphere_traversal
use auxiliary/scanner/http/coldfusion_locale_traversal
use auxiliary/scanner/http/coldfusion_version
use auxiliary/scanner/http/concrete5_member_list
use auxiliary/scanner/http/copy_of_file
use auxiliary/scanner/http/crawler
use auxiliary/scanner/http/dell_idrac
use auxiliary/scanner/http/dir_listing
use auxiliary/scanner/http/dir_scanner
use auxiliary/scanner/http/dir_webdav_unicode_bypass
use auxiliary/scanner/http/dlink_dir_300_615_http_login
use auxiliary/scanner/http/dlink_dir_615h_http_login
use auxiliary/scanner/http/dlink_dir_session_cgi_http_login
use auxiliary/scanner/http/dlink_user_agent_backdoor
use auxiliary/scanner/http/dolibarr_login
use auxiliary/scanner/http/drupal_views_user_enum
use auxiliary/scanner/http/ektron_cms400net
use auxiliary/scanner/http/elasticsearch_traversal
use auxiliary/scanner/http/enum_wayback
use auxiliary/scanner/http/error_sql_injection
use auxiliary/scanner/http/etherpad_duo_login
use auxiliary/scanner/http/f5_bigip_virtual_server
use auxiliary/scanner/http/f5_mgmt_scanner
use auxiliary/scanner/http/file_same_name_dir
use auxiliary/scanner/http/files_dir
use auxiliary/scanner/http/frontpage_login
use auxiliary/scanner/http/git_scanner
use auxiliary/scanner/http/gitlab_login
use auxiliary/scanner/http/gitlab_user_enum
use auxiliary/scanner/http/glassfish_login
use auxiliary/scanner/http/goahead_traversal
use auxiliary/scanner/http/groupwise_agents_http_traversal
use auxiliary/scanner/http/host_header_injection
use auxiliary/scanner/http/hp_imc_bims_downloadservlet_traversal
use auxiliary/scanner/http/hp_imc_faultdownloadservlet_traversal
use auxiliary/scanner/http/hp_imc_ictdownloadservlet_traversal
use auxiliary/scanner/http/hp_imc_reportimgservlt_traversal
use auxiliary/scanner/http/hp_imc_som_file_download
use auxiliary/scanner/http/hp_sitescope_getfileinternal_fileaccess
use auxiliary/scanner/http/hp_sitescope_getsitescopeconfiguration
use auxiliary/scanner/http/hp_sitescope_loadfilecontent_fileaccess
use auxiliary/scanner/http/hp_sys_mgmt_login
use auxiliary/scanner/http/http_header
use auxiliary/scanner/http/http_hsts
use auxiliary/scanner/http/http_login
use auxiliary/scanner/http/http_put
use auxiliary/scanner/http/http_traversal
use auxiliary/scanner/http/http_version
use auxiliary/scanner/http/httpbl_lookup
use auxiliary/scanner/http/iis_internal_ip
use auxiliary/scanner/http/influxdb_enum
use auxiliary/scanner/http/infovista_enum
use auxiliary/scanner/http/ipboard_login
use auxiliary/scanner/http/jboss_status
use auxiliary/scanner/http/jboss_vulnscan
use auxiliary/scanner/http/jenkins_command
use auxiliary/scanner/http/jenkins_enum
use auxiliary/scanner/http/jenkins_login
use auxiliary/scanner/http/joomla_bruteforce_login
use auxiliary/scanner/http/joomla_ecommercewd_sqli_scanner
use auxiliary/scanner/http/joomla_gallerywd_sqli_scanner
use auxiliary/scanner/http/joomla_pages
use auxiliary/scanner/http/joomla_plugins
use auxiliary/scanner/http/joomla_version
use auxiliary/scanner/http/linknat_vos_traversal
use auxiliary/scanner/http/linksys_e1500_traversal
use auxiliary/scanner/http/litespeed_source_disclosure
use auxiliary/scanner/http/lucky_punch
use auxiliary/scanner/http/majordomo2_directory_traversal
use auxiliary/scanner/http/manageengine_desktop_central_login
use auxiliary/scanner/http/manageengine_deviceexpert_traversal
use auxiliary/scanner/http/manageengine_deviceexpert_user_creds
use auxiliary/scanner/http/manageengine_securitymanager_traversal
use auxiliary/scanner/http/mediawiki_svg_fileaccess
use auxiliary/scanner/http/mod_negotiation_brute
use auxiliary/scanner/http/mod_negotiation_scanner
use auxiliary/scanner/http/ms09_020_webdav_unicode_bypass
use auxiliary/scanner/http/ms15_034_http_sys_memory_dump
use auxiliary/scanner/http/mybook_live_login
use auxiliary/scanner/http/netdecision_traversal
use auxiliary/scanner/http/netgear_sph200d_traversal
use auxiliary/scanner/http/nginx_source_disclosure
use auxiliary/scanner/http/novell_file_reporter_fsfui_fileaccess
use auxiliary/scanner/http/novell_file_reporter_srs_fileaccess
use auxiliary/scanner/http/novell_mdm_creds
use auxiliary/scanner/http/ntlm_info_enumeration
use auxiliary/scanner/http/octopusdeploy_login
use auxiliary/scanner/http/open_proxy
use auxiliary/scanner/http/openmind_messageos_login
use auxiliary/scanner/http/options
use auxiliary/scanner/http/oracle_demantra_database_credentials_leak
use auxiliary/scanner/http/oracle_demantra_file_retrieval
use auxiliary/scanner/http/oracle_ilom_login
use auxiliary/scanner/http/owa_ews_login
use auxiliary/scanner/http/owa_iis_internal_ip
use auxiliary/scanner/http/owa_login
use auxiliary/scanner/http/pocketpad_login
use auxiliary/scanner/http/prev_dir_same_name_file
use auxiliary/scanner/http/radware_appdirector_enum
use auxiliary/scanner/http/rails_json_yaml_scanner
use auxiliary/scanner/http/rails_mass_assignment
use auxiliary/scanner/http/rails_xml_yaml_scanner
use auxiliary/scanner/http/replace_ext
use auxiliary/scanner/http/rewrite_proxy_bypass
use auxiliary/scanner/http/rfcode_reader_enum
use auxiliary/scanner/http/rips_traversal
use auxiliary/scanner/http/robots_txt
use auxiliary/scanner/http/s40_traversal
use auxiliary/scanner/http/sap_businessobjects_user_brute
use auxiliary/scanner/http/sap_businessobjects_user_brute_web
use auxiliary/scanner/http/sap_businessobjects_user_enum
use auxiliary/scanner/http/sap_businessobjects_version_enum
use auxiliary/scanner/http/scraper
use auxiliary/scanner/http/sentry_cdu_enum
use auxiliary/scanner/http/servicedesk_plus_traversal
use auxiliary/scanner/http/sevone_enum
use auxiliary/scanner/http/simple_webserver_traversal
use auxiliary/scanner/http/smt_ipmi_49152_exposure
use auxiliary/scanner/http/smt_ipmi_cgi_scanner
use auxiliary/scanner/http/smt_ipmi_static_cert_scanner
use auxiliary/scanner/http/smt_ipmi_url_redirect_traversal
use auxiliary/scanner/http/soap_xml
use auxiliary/scanner/http/sockso_traversal
use auxiliary/scanner/http/splunk_web_login
use auxiliary/scanner/http/squid_pivot_scanning
use auxiliary/scanner/http/squiz_matrix_user_enum
use auxiliary/scanner/http/ssl
use auxiliary/scanner/http/ssl_version
use auxiliary/scanner/http/support_center_plus_directory_traversal
use auxiliary/scanner/http/svn_scanner
use auxiliary/scanner/http/svn_wcdb_scanner
use auxiliary/scanner/http/sybase_easerver_traversal
use auxiliary/scanner/http/symantec_brightmail_ldapcreds
use auxiliary/scanner/http/symantec_brightmail_logfile
use auxiliary/scanner/http/symantec_web_gateway_login
use auxiliary/scanner/http/titan_ftp_admin_pwd
use auxiliary/scanner/http/title
use auxiliary/scanner/http/tomcat_enum
use auxiliary/scanner/http/tomcat_mgr_login
use auxiliary/scanner/http/tplink_traversal_noauth
use auxiliary/scanner/http/trace
use auxiliary/scanner/http/trace_axd
use auxiliary/scanner/http/typo3_bruteforce
use auxiliary/scanner/http/vcms_login
use auxiliary/scanner/http/verb_auth_bypass
use auxiliary/scanner/http/vhost_scanner
use auxiliary/scanner/http/wangkongbao_traversal
use auxiliary/scanner/http/web_vulndb
use auxiliary/scanner/http/webdav_internal_ip
use auxiliary/scanner/http/webdav_scanner
use auxiliary/scanner/http/webdav_website_content
use auxiliary/scanner/http/webpagetest_traversal
use auxiliary/scanner/http/wildfly_traversal
use auxiliary/scanner/http/wordpress_cp_calendar_sqli
use auxiliary/scanner/http/wordpress_ghost_scanner
use auxiliary/scanner/http/wordpress_login_enum
use auxiliary/scanner/http/wordpress_multicall_creds
use auxiliary/scanner/http/wordpress_pingback_access
use auxiliary/scanner/http/wordpress_scanner
use auxiliary/scanner/http/wordpress_xmlrpc_login
use auxiliary/scanner/http/wp_contus_video_gallery_sqli
use auxiliary/scanner/http/wp_dukapress_file_read
use auxiliary/scanner/http/wp_gimedia_library_file_read
use auxiliary/scanner/http/wp_mobile_pack_info_disclosure
use auxiliary/scanner/http/wp_mobileedition_file_read
use auxiliary/scanner/http/wp_nextgen_galley_file_read
use auxiliary/scanner/http/wp_simple_backup_file_read
use auxiliary/scanner/http/wp_subscribe_comments_file_read
use auxiliary/scanner/http/xpath
use auxiliary/scanner/http/yaws_traversal
use auxiliary/scanner/http/zabbix_login
use auxiliary/scanner/http/zenworks_assetmanagement_fileaccess
use auxiliary/scanner/http/zenworks_assetmanagement_getconfig
use auxiliary/scanner/ike/cisco_ike_benigncertain
use auxiliary/scanner/imap/imap_version
use auxiliary/scanner/ip/ipidseq
use auxiliary/scanner/ipmi/ipmi_cipher_zero
use auxiliary/scanner/ipmi/ipmi_dumphashes
use auxiliary/scanner/ipmi/ipmi_version
use auxiliary/scanner/jenkins/jenkins_udp_broadcast_enum
use auxiliary/scanner/kademlia/server_info
use auxiliary/scanner/llmnr/query
use auxiliary/scanner/lotus/lotus_domino_hashes
use auxiliary/scanner/lotus/lotus_domino_login
use auxiliary/scanner/lotus/lotus_domino_version
use auxiliary/scanner/mdns/query
use auxiliary/scanner/misc/cctv_dvr_login
use auxiliary/scanner/misc/clamav_control
use auxiliary/scanner/misc/dahua_dvr_auth_bypass
use auxiliary/scanner/misc/dvr_config_disclosure
use auxiliary/scanner/misc/easycafe_server_fileaccess
use auxiliary/scanner/misc/ib_service_mgr_info
use auxiliary/scanner/misc/java_rmi_server
use auxiliary/scanner/misc/oki_scanner
use auxiliary/scanner/misc/poisonivy_control_scanner
use auxiliary/scanner/misc/raysharp_dvr_passwords
use auxiliary/scanner/misc/rosewill_rxs3211_passwords
use auxiliary/scanner/misc/sercomm_backdoor_scanner
use auxiliary/scanner/misc/sunrpc_portmapper
use auxiliary/scanner/misc/zenworks_preboot_fileaccess
use auxiliary/scanner/mongodb/mongodb_login
use auxiliary/scanner/motorola/timbuktu_udp
use auxiliary/scanner/msf/msf_rpc_login
use auxiliary/scanner/msf/msf_web_login
use auxiliary/scanner/mssql/mssql_hashdump
use auxiliary/scanner/mssql/mssql_login
use auxiliary/scanner/mssql/mssql_ping
use auxiliary/scanner/mssql/mssql_schemadump
use auxiliary/scanner/mysql/mysql_authbypass_hashdump
use auxiliary/scanner/mysql/mysql_file_enum
use auxiliary/scanner/mysql/mysql_hashdump
use auxiliary/scanner/mysql/mysql_login
use auxiliary/scanner/mysql/mysql_schemadump
use auxiliary/scanner/mysql/mysql_version
use auxiliary/scanner/mysql/mysql_writable_dirs
use auxiliary/scanner/natpmp/natpmp_portscan
use auxiliary/scanner/nessus/nessus_ntp_login
use auxiliary/scanner/nessus/nessus_rest_login
use auxiliary/scanner/nessus/nessus_xmlrpc_login
use auxiliary/scanner/nessus/nessus_xmlrpc_ping
use auxiliary/scanner/netbios/nbname
use auxiliary/scanner/nexpose/nexpose_api_login
use auxiliary/scanner/nfs/nfsmount
use auxiliary/scanner/ntp/ntp_monlist
use auxiliary/scanner/ntp/ntp_nak_to_the_future
use auxiliary/scanner/ntp/ntp_peer_list_dos
use auxiliary/scanner/ntp/ntp_peer_list_sum_dos
use auxiliary/scanner/ntp/ntp_readvar
use auxiliary/scanner/ntp/ntp_req_nonce_dos
use auxiliary/scanner/ntp/ntp_reslist_dos
use auxiliary/scanner/ntp/ntp_unsettrap_dos
use auxiliary/scanner/openvas/openvas_gsad_login
use auxiliary/scanner/openvas/openvas_omp_login
use auxiliary/scanner/openvas/openvas_otp_login
use auxiliary/scanner/oracle/emc_sid
use auxiliary/scanner/oracle/isqlplus_login
use auxiliary/scanner/oracle/isqlplus_sidbrute
use auxiliary/scanner/oracle/oracle_hashdump
use auxiliary/scanner/oracle/oracle_login
use auxiliary/scanner/oracle/sid_brute
use auxiliary/scanner/oracle/sid_enum
use auxiliary/scanner/oracle/spy_sid
use auxiliary/scanner/oracle/tnslsnr_version
use auxiliary/scanner/oracle/tnspoison_checker
use auxiliary/scanner/oracle/xdb_sid
use auxiliary/scanner/oracle/xdb_sid_brute
use auxiliary/scanner/pcanywhere/pcanywhere_login
use auxiliary/scanner/pcanywhere/pcanywhere_tcp
use auxiliary/scanner/pcanywhere/pcanywhere_udp
use auxiliary/scanner/pop3/pop3_login
use auxiliary/scanner/pop3/pop3_version
use auxiliary/scanner/portmap/portmap_amp
use auxiliary/scanner/portscan/ack
use auxiliary/scanner/portscan/ftpbounce
use auxiliary/scanner/portscan/syn
use auxiliary/scanner/portscan/tcp
use auxiliary/scanner/portscan/xmas
use auxiliary/scanner/postgres/postgres_dbname_flag_injection
use auxiliary/scanner/postgres/postgres_hashdump
use auxiliary/scanner/postgres/postgres_login
use auxiliary/scanner/postgres/postgres_schemadump
use auxiliary/scanner/postgres/postgres_version
use auxiliary/scanner/printer/canon_iradv_pwd_extract
use auxiliary/scanner/printer/printer_delete_file
use auxiliary/scanner/printer/printer_download_file
use auxiliary/scanner/printer/printer_env_vars
use auxiliary/scanner/printer/printer_list_dir
use auxiliary/scanner/printer/printer_list_volumes
use auxiliary/scanner/printer/printer_ready_message
use auxiliary/scanner/printer/printer_upload_file
use auxiliary/scanner/printer/printer_version_info
use auxiliary/scanner/quake/server_info
use auxiliary/scanner/rdp/ms12_020_check
use auxiliary/scanner/redis/file_upload
use auxiliary/scanner/redis/redis_login
use auxiliary/scanner/redis/redis_server
use auxiliary/scanner/rogue/rogue_recv
use auxiliary/scanner/rogue/rogue_send
use auxiliary/scanner/rservices/rexec_login
use auxiliary/scanner/rservices/rlogin_login
use auxiliary/scanner/rservices/rsh_login
use auxiliary/scanner/rsync/modules_list
use auxiliary/scanner/sap/sap_ctc_verb_tampering_user_mgmt
use auxiliary/scanner/sap/sap_hostctrl_getcomputersystem
use auxiliary/scanner/sap/sap_icf_public_info
use auxiliary/scanner/sap/sap_icm_urlscan
use auxiliary/scanner/sap/sap_mgmt_con_abaplog
use auxiliary/scanner/sap/sap_mgmt_con_brute_login
use auxiliary/scanner/sap/sap_mgmt_con_extractusers
use auxiliary/scanner/sap/sap_mgmt_con_getaccesspoints
use auxiliary/scanner/sap/sap_mgmt_con_getenv
use auxiliary/scanner/sap/sap_mgmt_con_getlogfiles
use auxiliary/scanner/sap/sap_mgmt_con_getprocesslist
use auxiliary/scanner/sap/sap_mgmt_con_getprocessparameter
use auxiliary/scanner/sap/sap_mgmt_con_instanceproperties
use auxiliary/scanner/sap/sap_mgmt_con_listlogfiles
use auxiliary/scanner/sap/sap_mgmt_con_startprofile
use auxiliary/scanner/sap/sap_mgmt_con_version
use auxiliary/scanner/sap/sap_router_info_request
use auxiliary/scanner/sap/sap_router_portscanner
use auxiliary/scanner/sap/sap_service_discovery
use auxiliary/scanner/sap/sap_smb_relay
use auxiliary/scanner/sap/sap_soap_bapi_user_create1
use auxiliary/scanner/sap/sap_soap_rfc_brute_login
use auxiliary/scanner/sap/sap_soap_rfc_dbmcli_sxpg_call_system_command_exec
use auxiliary/scanner/sap/sap_soap_rfc_dbmcli_sxpg_command_exec
use auxiliary/scanner/sap/sap_soap_rfc_eps_get_directory_listing
use auxiliary/scanner/sap/sap_soap_rfc_pfl_check_os_file_existence
use auxiliary/scanner/sap/sap_soap_rfc_ping
use auxiliary/scanner/sap/sap_soap_rfc_read_table
use auxiliary/scanner/sap/sap_soap_rfc_rzl_read_dir
use auxiliary/scanner/sap/sap_soap_rfc_susr_rfc_user_interface
use auxiliary/scanner/sap/sap_soap_rfc_sxpg_call_system_exec
use auxiliary/scanner/sap/sap_soap_rfc_sxpg_command_exec
use auxiliary/scanner/sap/sap_soap_rfc_system_info
use auxiliary/scanner/sap/sap_soap_th_saprel_disclosure
use auxiliary/scanner/sap/sap_web_gui_brute_login
use auxiliary/scanner/scada/digi_addp_reboot
use auxiliary/scanner/scada/digi_addp_version
use auxiliary/scanner/scada/digi_realport_serialport_scan
use auxiliary/scanner/scada/digi_realport_version
use auxiliary/scanner/scada/indusoft_ntwebserver_fileaccess
use auxiliary/scanner/scada/koyo_login
use auxiliary/scanner/scada/modbus_findunitid
use auxiliary/scanner/scada/modbusclient
use auxiliary/scanner/scada/modbusdetect
use auxiliary/scanner/scada/profinet_siemens
use auxiliary/scanner/scada/sielco_winlog_fileaccess
use auxiliary/scanner/sip/enumerator
use auxiliary/scanner/sip/enumerator_tcp
use auxiliary/scanner/sip/options
use auxiliary/scanner/sip/options_tcp
use auxiliary/scanner/sip/sipdroid_ext_enum
use auxiliary/scanner/smb/pipe_auditor
use auxiliary/scanner/smb/pipe_dcerpc_auditor
use auxiliary/scanner/smb/psexec_loggedin_users
use auxiliary/scanner/smb/smb2
use auxiliary/scanner/smb/smb_enum_gpp
use auxiliary/scanner/smb/smb_enumshares
use auxiliary/scanner/smb/smb_enumusers
use auxiliary/scanner/smb/smb_enumusers_domain
use auxiliary/scanner/smb/smb_login
use auxiliary/scanner/smb/smb_lookupsid
use auxiliary/scanner/smb/smb_uninit_cred
use auxiliary/scanner/smb/smb_version
use auxiliary/scanner/smtp/smtp_enum
use auxiliary/scanner/smtp/smtp_ntlm_domain
use auxiliary/scanner/smtp/smtp_relay
use auxiliary/scanner/smtp/smtp_version
use auxiliary/scanner/snmp/aix_version
use auxiliary/scanner/snmp/arris_dg950
use auxiliary/scanner/snmp/brocade_enumhash
use auxiliary/scanner/snmp/cisco_config_tftp
use auxiliary/scanner/snmp/cisco_upload_file
use auxiliary/scanner/snmp/netopia_enum
use auxiliary/scanner/snmp/sbg6580_enum
use auxiliary/scanner/snmp/snmp_enum
use auxiliary/scanner/snmp/snmp_enum_hp_laserjet
use auxiliary/scanner/snmp/snmp_enumshares
use auxiliary/scanner/snmp/snmp_enumusers
use auxiliary/scanner/snmp/snmp_login
use auxiliary/scanner/snmp/snmp_set
use auxiliary/scanner/snmp/ubee_ddw3611
use auxiliary/scanner/snmp/xerox_workcentre_enumusers
use auxiliary/scanner/ssh/apache_karaf_command_execution
use auxiliary/scanner/ssh/cerberus_sftp_enumusers
use auxiliary/scanner/ssh/detect_kippo
use auxiliary/scanner/ssh/fortinet_backdoor
use auxiliary/scanner/ssh/juniper_backdoor
use auxiliary/scanner/ssh/karaf_login
use auxiliary/scanner/ssh/ssh_enumusers
use auxiliary/scanner/ssh/ssh_identify_pubkeys
use auxiliary/scanner/ssh/ssh_login
use auxiliary/scanner/ssh/ssh_login_pubkey
use auxiliary/scanner/ssh/ssh_version
use auxiliary/scanner/ssl/openssl_ccs
use auxiliary/scanner/ssl/openssl_heartbleed
use auxiliary/scanner/steam/server_info
use auxiliary/scanner/telephony/wardial
use auxiliary/scanner/telnet/brocade_enable_login
use auxiliary/scanner/telnet/lantronix_telnet_password
use auxiliary/scanner/telnet/lantronix_telnet_version
use auxiliary/scanner/telnet/telnet_encrypt_overflow
use auxiliary/scanner/telnet/telnet_login
use auxiliary/scanner/telnet/telnet_ruggedcom
use auxiliary/scanner/telnet/telnet_version
use auxiliary/scanner/tftp/ipswitch_whatsupgold_tftp
use auxiliary/scanner/tftp/netdecision_tftp
use auxiliary/scanner/tftp/tftpbrute
use auxiliary/scanner/udp/udp_amplification
use auxiliary/scanner/udp_scanner_template
use auxiliary/scanner/upnp/ssdp_amp
use auxiliary/scanner/upnp/ssdp_msearch
use auxiliary/scanner/vmware/esx_fingerprint
use auxiliary/scanner/vmware/vmauthd_login
use auxiliary/scanner/vmware/vmauthd_version
use auxiliary/scanner/vmware/vmware_enum_permissions
use auxiliary/scanner/vmware/vmware_enum_sessions
use auxiliary/scanner/vmware/vmware_enum_users
use auxiliary/scanner/vmware/vmware_enum_vms
use auxiliary/scanner/vmware/vmware_host_details
use auxiliary/scanner/vmware/vmware_http_login
use auxiliary/scanner/vmware/vmware_screenshot_stealer
use auxiliary/scanner/vmware/vmware_server_dir_trav
use auxiliary/scanner/vmware/vmware_update_manager_traversal
use auxiliary/scanner/vnc/vnc_login
use auxiliary/scanner/vnc/vnc_none_auth
use auxiliary/scanner/voice/recorder
use auxiliary/scanner/vxworks/wdbrpc_bootline
use auxiliary/scanner/vxworks/wdbrpc_version
use auxiliary/scanner/winrm/winrm_auth_methods
use auxiliary/scanner/winrm/winrm_cmd
use auxiliary/scanner/winrm/winrm_login
use auxiliary/scanner/winrm/winrm_wql
use auxiliary/scanner/x11/open_x11
msf > use auxiliary/scanner/
use auxiliary/scanner/portscan/syn
受害机器ip是192.168.1.103
这里,选择好模块后,如果我们只需要扫描一台机器的话,则直接写一个ip既可。
msf > set RHOSTS 192.168.1.0/24 即扫描整个网段的机器。
msf > set RHOSTS 192.168.1.103 即扫描这一台机器(受害机器)。
设置好远程机器(受害机器)的ip和线程数。
use auxiliary/scanner/smb/smb_version
受害机器ip是192.168.1.103
设置好远程机器(受害机器)的ip和线程数。
use auxiliary/scanner/ftp/ftp_login
受害机器ip是192.168.1.103
一般,对于这样的登录扫描的话,则会有一个字典参数。
use auxiliary/scanner/mssql/mssql_login
受害机器ip是192.168.1.106
设置好远程机器(受害机器)的ip和线程数、用户字典。 这个字典,可以包括单独的用户字典,也可以是用户和密码的字典。一般要用到字典的话,则就需要我们自己先生成一个。如下(另外开一个窗口)
比如,我们在/etc下(这里,用到密码字典)
use auxiliary/scanner/mysql/mysql_hashdump
受害机器ip是192.168.1.106
这里,作为攻击者,是随便输入用户名和密码。压根不知道受害机器上SQL Server的用户名和密码。(当然作为测试,其实,它那边的用户名和密码均为sa)
即,可以提取到受害机器的SQL Server上的所有用户名和密码。前面是用户名,后面是加密的密码,hash值。 那,得到这样的hash值密码,该怎么破解呢?教大家!
http://www.cmd5.com/
Metasploit的攻击实例讲解----辅助扫描工具的更多相关文章
- Metasploit的攻击实例讲解----ms10_046快捷方式图标漏洞
不多说,直接上干货! 准备工具 1.Kali linux 2016.2(Rolling)系统 IP: 192.168.1.103 2.受害者机子(windows XP系统) IP: 10.10 ...
- XSS跨站脚本攻击实例讲解,新浪微博XSS漏洞过程分析
2011年6月28日晚,新浪微博遭遇到XSS蠕虫攻击侵袭,在不到一个小时的时间,超过3万微博用户受到该XSS蠕虫的攻击.此事件给严重依赖社交网络的网友们敲响了警钟.在此之前,国内多家著名的SNS网站和 ...
- MetaSploit攻击实例讲解------工具Meterpreter常用功能介绍(kali linux 2016.2(rolling))(详细)
不多说,直接上干货! 说在前面的话 注意啦:Meterpreter的命令非常之多,本篇博客下面给出了所有,大家可以去看看.给出了详细的中文 由于篇幅原因,我只使用如下较常用的命令. 这篇博客,利用下面 ...
- MetaSploit攻击实例讲解------社会工程学set攻击(kali linux 2016.2(rolling))(详细)
不多说,直接上干货! 首先,如果你是用的BT5,则set的配置文件是在 /pentest/exploits/set/set_config下. APACHE_SERVER=ONSELF_SIGNED_A ...
- MetaSploit攻击实例讲解------Metasploit自动化攻击(包括kali linux 2016.2(rolling) 和 BT5)
不多说,直接上干货! 前期博客 Kali linux 2016.2(Rolling)里Metasploit连接(包括默认和自定义)的PostgreSQL数据库 Kali linux 2016.2(Ro ...
- MetaSploit攻击实例讲解------终端下PostgreSQL数据库的使用(包括kali linux 2016.2(rolling) 和 BT5)
不多说,直接上干货! 配置msf连接postgresql数据库 我这里是使用kali linux 2016.2(rolling) 用过的博友们都知道,已经预安装好了PostgreSQL. 1. p ...
- MetaSploit攻击实例讲解------攻击445端口漏洞(kali linux 2016.2(rolling))(详细)
不多说,直接上干货! 大家,相信最近的这个事件,对于445端口已经是非常的小心了.勒索病毒 445端口是一个毁誉参半的端口,有了它我们可以在局域网中轻松访问各种共享文件夹或共享打印机,但也正是因为有了 ...
- 360在线网站安全检测,web安全测试AppScan扫描工具,XSS常用的攻击手法
360在线网站安全检测,web安全测试AppScan扫描工具,XSS常用的攻击手法 如何做好网站的安全性测试 360网站安全检测 - 在线安全检测,网站漏洞修复,网站后门检测http://websca ...
- ms17-010 利用msf的exp和一个扫描工具的复现
0x01简介 永恒之蓝漏洞是方程式组织在其漏洞利用框架中一个针对SMB服务进行攻击的漏洞,该漏洞导致攻击者在目标系统上可以执行任意代码. 攻击对象:win7及win7以下的操作系统且开启了445端口s ...
随机推荐
- 搜狗面试的经典题(C++map按值排序,class struct的差别)
一:起因 (1)java Map排序(key,value).请看还有一篇博客 java Map排序 (2)c++ map排序(key,value),能够对c++ map和java Map进行对照:之 ...
- 《深入理解Android 卷III》第五章 深入理解Android输入系统
<深入理解Android 卷III>即将公布.作者是张大伟.此书填补了深入理解Android Framework卷中的一个主要空白.即Android Framework中和UI相关的部分. ...
- Android_通过Bugtags平台,方便測试人员提交bug及整个bug系统的管理
Bugtags 是什么? Bugtags 是一款缺陷发现及管理工具. 当您的 App 集成了 Bugtags SDK 后,測试人员就可直接在 App 里所见即所得的提交 Bug. SDK 会自己主动截 ...
- 杭电3501Calculation 2 欧拉函数
Calculation 2 Time Limit: 2000/1000 MS (Java/Others) Memory Limit: 32768/32768 K (Java/Others) To ...
- Android This Activity already has an action bar supplied by the window decor
This Activity already has an action bar supplied by the window decor. Do not request Window.FEATURE_ ...
- 箭头函数普通函数this
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8&quo ...
- [雅礼NOIP2018集训 day1]
现在才来填坑,之后还要陆续补其他几天的,可能前几天真的太颓了 T1: 题目大意:给定一个长度为n的序列,m次询问每次询问给出l,r,询问区间l到r的元素在模k意义下的最大值 数据范围当然是你暴力写不过 ...
- Nginx访问VM虚拟机CentOS 7系统与本地Windows系统共享目录403
用VMware安装了CentOS7系统,并搭建了Nginx,MySQL,PHP的web项目运行环境,为了方便Windows本地主机进行程序调试把Windows本地项目目录共享到了虚拟机CentOS中的 ...
- 51nod 1096 距离之和最小 思维题,求中位数
题目: 在一条直线上,与两个点距离之和最小的点,是怎样的点? 很容易想到,所求的点在这两个已知点的中间,因为两点之间距离最短. 在一条直线上,与三个点距离之和最小的点,是怎样的点? 由两个点的规律,我 ...
- 【原创】Unable to read TLD "META-INF/c.tld" from JAR file 解决方法
type Exception report message description The server encountered an internal error () that prevented ...