
Metasploit attack examples explained: auxiliary scanning tools

 

 

 

 

Without further ado, straight to the practical material!

How do you bring up this list? Press Tab twice in a row.

msf > use auxiliary/scanner/
Display all 485 possibilities? (y or n)
use auxiliary/scanner/acpp/login
use auxiliary/scanner/afp/afp_login
use auxiliary/scanner/afp/afp_server_info
use auxiliary/scanner/backdoor/energizer_duo_detect
use auxiliary/scanner/chargen/chargen_probe
use auxiliary/scanner/couchdb/couchdb_enum
use auxiliary/scanner/couchdb/couchdb_login
use auxiliary/scanner/db2/db2_auth
use auxiliary/scanner/db2/db2_version
use auxiliary/scanner/db2/discovery
use auxiliary/scanner/dcerpc/endpoint_mapper
use auxiliary/scanner/dcerpc/hidden
use auxiliary/scanner/dcerpc/management
use auxiliary/scanner/dcerpc/tcp_dcerpc_auditor
use auxiliary/scanner/dcerpc/windows_deployment_services
use auxiliary/scanner/dect/call_scanner
use auxiliary/scanner/dect/station_scanner
use auxiliary/scanner/discovery/arp_sweep
use auxiliary/scanner/discovery/empty_udp
use auxiliary/scanner/discovery/ipv6_multicast_ping
use auxiliary/scanner/discovery/ipv6_neighbor
use auxiliary/scanner/discovery/ipv6_neighbor_router_advertisement
use auxiliary/scanner/discovery/udp_probe
use auxiliary/scanner/discovery/udp_sweep
use auxiliary/scanner/dlsw/dlsw_leak_capture
use auxiliary/scanner/dns/dns_amp
use auxiliary/scanner/elasticsearch/indices_enum
use auxiliary/scanner/emc/alphastor_devicemanager
use auxiliary/scanner/emc/alphastor_librarymanager
use auxiliary/scanner/finger/finger_users
use auxiliary/scanner/ftp/anonymous
use auxiliary/scanner/ftp/bison_ftp_traversal
use auxiliary/scanner/ftp/colorado_ftp_traversal
use auxiliary/scanner/ftp/ftp_login
use auxiliary/scanner/ftp/ftp_version
use auxiliary/scanner/ftp/konica_ftp_traversal
use auxiliary/scanner/ftp/pcman_ftp_traversal
use auxiliary/scanner/ftp/titanftp_xcrc_traversal
use auxiliary/scanner/h323/h323_version
use auxiliary/scanner/http/a10networks_ax_directory_traversal
use auxiliary/scanner/http/accellion_fta_statecode_file_read
use auxiliary/scanner/http/adobe_xml_inject
use auxiliary/scanner/http/allegro_rompager_misfortune_cookie
use auxiliary/scanner/http/apache_activemq_source_disclosure
use auxiliary/scanner/http/apache_activemq_traversal
use auxiliary/scanner/http/apache_mod_cgi_bash_env
use auxiliary/scanner/http/apache_userdir_enum
use auxiliary/scanner/http/appletv_login
use auxiliary/scanner/http/atlassian_crowd_fileaccess
use auxiliary/scanner/http/axis_local_file_include
use auxiliary/scanner/http/axis_login
use auxiliary/scanner/http/backup_file
use auxiliary/scanner/http/barracuda_directory_traversal
use auxiliary/scanner/http/bitweaver_overlay_type_traversal
use auxiliary/scanner/http/blind_sql_query
use auxiliary/scanner/http/bmc_trackit_passwd_reset
use auxiliary/scanner/http/brute_dirs
use auxiliary/scanner/http/buffalo_login
use auxiliary/scanner/http/caidao_bruteforce_login
use auxiliary/scanner/http/canon_wireless
use auxiliary/scanner/http/cert
use auxiliary/scanner/http/chef_webui_login
use auxiliary/scanner/http/chromecast_webserver
use auxiliary/scanner/http/cisco_asa_asdm
use auxiliary/scanner/http/cisco_device_manager
use auxiliary/scanner/http/cisco_ios_auth_bypass
use auxiliary/scanner/http/cisco_ironport_enum
use auxiliary/scanner/http/cisco_nac_manager_traversal
use auxiliary/scanner/http/cisco_ssl_vpn
use auxiliary/scanner/http/cisco_ssl_vpn_priv_esc
use auxiliary/scanner/http/clansphere_traversal
use auxiliary/scanner/http/coldfusion_locale_traversal
use auxiliary/scanner/http/coldfusion_version
use auxiliary/scanner/http/concrete5_member_list
use auxiliary/scanner/http/copy_of_file
use auxiliary/scanner/http/crawler
use auxiliary/scanner/http/dell_idrac
use auxiliary/scanner/http/dir_listing
use auxiliary/scanner/http/dir_scanner
use auxiliary/scanner/http/dir_webdav_unicode_bypass
use auxiliary/scanner/http/dlink_dir_300_615_http_login
use auxiliary/scanner/http/dlink_dir_615h_http_login
use auxiliary/scanner/http/dlink_dir_session_cgi_http_login
use auxiliary/scanner/http/dlink_user_agent_backdoor
use auxiliary/scanner/http/dolibarr_login
use auxiliary/scanner/http/drupal_views_user_enum
use auxiliary/scanner/http/ektron_cms400net
use auxiliary/scanner/http/elasticsearch_traversal
use auxiliary/scanner/http/enum_wayback
use auxiliary/scanner/http/error_sql_injection
use auxiliary/scanner/http/etherpad_duo_login
use auxiliary/scanner/http/f5_bigip_virtual_server
use auxiliary/scanner/http/f5_mgmt_scanner
use auxiliary/scanner/http/file_same_name_dir
use auxiliary/scanner/http/files_dir
use auxiliary/scanner/http/frontpage_login
use auxiliary/scanner/http/git_scanner
use auxiliary/scanner/http/gitlab_login
use auxiliary/scanner/http/gitlab_user_enum
use auxiliary/scanner/http/glassfish_login
use auxiliary/scanner/http/goahead_traversal
use auxiliary/scanner/http/groupwise_agents_http_traversal
use auxiliary/scanner/http/host_header_injection
use auxiliary/scanner/http/hp_imc_bims_downloadservlet_traversal
use auxiliary/scanner/http/hp_imc_faultdownloadservlet_traversal
use auxiliary/scanner/http/hp_imc_ictdownloadservlet_traversal
use auxiliary/scanner/http/hp_imc_reportimgservlt_traversal
use auxiliary/scanner/http/hp_imc_som_file_download
use auxiliary/scanner/http/hp_sitescope_getfileinternal_fileaccess
use auxiliary/scanner/http/hp_sitescope_getsitescopeconfiguration
use auxiliary/scanner/http/hp_sitescope_loadfilecontent_fileaccess
use auxiliary/scanner/http/hp_sys_mgmt_login
use auxiliary/scanner/http/http_header
use auxiliary/scanner/http/http_hsts
use auxiliary/scanner/http/http_login
use auxiliary/scanner/http/http_put
use auxiliary/scanner/http/http_traversal
use auxiliary/scanner/http/http_version
use auxiliary/scanner/http/httpbl_lookup
use auxiliary/scanner/http/iis_internal_ip
use auxiliary/scanner/http/influxdb_enum
use auxiliary/scanner/http/infovista_enum
use auxiliary/scanner/http/ipboard_login
use auxiliary/scanner/http/jboss_status
use auxiliary/scanner/http/jboss_vulnscan
use auxiliary/scanner/http/jenkins_command
use auxiliary/scanner/http/jenkins_enum
use auxiliary/scanner/http/jenkins_login
use auxiliary/scanner/http/joomla_bruteforce_login
use auxiliary/scanner/http/joomla_ecommercewd_sqli_scanner
use auxiliary/scanner/http/joomla_gallerywd_sqli_scanner
use auxiliary/scanner/http/joomla_pages
use auxiliary/scanner/http/joomla_plugins
use auxiliary/scanner/http/joomla_version
use auxiliary/scanner/http/linknat_vos_traversal
use auxiliary/scanner/http/linksys_e1500_traversal
use auxiliary/scanner/http/litespeed_source_disclosure
use auxiliary/scanner/http/lucky_punch
use auxiliary/scanner/http/majordomo2_directory_traversal
use auxiliary/scanner/http/manageengine_desktop_central_login
use auxiliary/scanner/http/manageengine_deviceexpert_traversal
use auxiliary/scanner/http/manageengine_deviceexpert_user_creds
use auxiliary/scanner/http/manageengine_securitymanager_traversal
use auxiliary/scanner/http/mediawiki_svg_fileaccess
use auxiliary/scanner/http/mod_negotiation_brute
use auxiliary/scanner/http/mod_negotiation_scanner
use auxiliary/scanner/http/ms09_020_webdav_unicode_bypass
use auxiliary/scanner/http/ms15_034_http_sys_memory_dump
use auxiliary/scanner/http/mybook_live_login
use auxiliary/scanner/http/netdecision_traversal
use auxiliary/scanner/http/netgear_sph200d_traversal
use auxiliary/scanner/http/nginx_source_disclosure
use auxiliary/scanner/http/novell_file_reporter_fsfui_fileaccess
use auxiliary/scanner/http/novell_file_reporter_srs_fileaccess
use auxiliary/scanner/http/novell_mdm_creds
use auxiliary/scanner/http/ntlm_info_enumeration
use auxiliary/scanner/http/octopusdeploy_login
use auxiliary/scanner/http/open_proxy
use auxiliary/scanner/http/openmind_messageos_login
use auxiliary/scanner/http/options
use auxiliary/scanner/http/oracle_demantra_database_credentials_leak
use auxiliary/scanner/http/oracle_demantra_file_retrieval
use auxiliary/scanner/http/oracle_ilom_login
use auxiliary/scanner/http/owa_ews_login
use auxiliary/scanner/http/owa_iis_internal_ip
use auxiliary/scanner/http/owa_login
use auxiliary/scanner/http/pocketpad_login
use auxiliary/scanner/http/prev_dir_same_name_file
use auxiliary/scanner/http/radware_appdirector_enum
use auxiliary/scanner/http/rails_json_yaml_scanner
use auxiliary/scanner/http/rails_mass_assignment
use auxiliary/scanner/http/rails_xml_yaml_scanner
use auxiliary/scanner/http/replace_ext
use auxiliary/scanner/http/rewrite_proxy_bypass
use auxiliary/scanner/http/rfcode_reader_enum
use auxiliary/scanner/http/rips_traversal
use auxiliary/scanner/http/robots_txt
use auxiliary/scanner/http/s40_traversal
use auxiliary/scanner/http/sap_businessobjects_user_brute
use auxiliary/scanner/http/sap_businessobjects_user_brute_web
use auxiliary/scanner/http/sap_businessobjects_user_enum
use auxiliary/scanner/http/sap_businessobjects_version_enum
use auxiliary/scanner/http/scraper
use auxiliary/scanner/http/sentry_cdu_enum
use auxiliary/scanner/http/servicedesk_plus_traversal
use auxiliary/scanner/http/sevone_enum
use auxiliary/scanner/http/simple_webserver_traversal
use auxiliary/scanner/http/smt_ipmi_49152_exposure
use auxiliary/scanner/http/smt_ipmi_cgi_scanner
use auxiliary/scanner/http/smt_ipmi_static_cert_scanner
use auxiliary/scanner/http/smt_ipmi_url_redirect_traversal
use auxiliary/scanner/http/soap_xml
use auxiliary/scanner/http/sockso_traversal
use auxiliary/scanner/http/splunk_web_login
use auxiliary/scanner/http/squid_pivot_scanning
use auxiliary/scanner/http/squiz_matrix_user_enum
use auxiliary/scanner/http/ssl
use auxiliary/scanner/http/ssl_version
use auxiliary/scanner/http/support_center_plus_directory_traversal
use auxiliary/scanner/http/svn_scanner
use auxiliary/scanner/http/svn_wcdb_scanner
use auxiliary/scanner/http/sybase_easerver_traversal
use auxiliary/scanner/http/symantec_brightmail_ldapcreds
use auxiliary/scanner/http/symantec_brightmail_logfile
use auxiliary/scanner/http/symantec_web_gateway_login
use auxiliary/scanner/http/titan_ftp_admin_pwd
use auxiliary/scanner/http/title
use auxiliary/scanner/http/tomcat_enum
use auxiliary/scanner/http/tomcat_mgr_login
use auxiliary/scanner/http/tplink_traversal_noauth
use auxiliary/scanner/http/trace
use auxiliary/scanner/http/trace_axd
use auxiliary/scanner/http/typo3_bruteforce
use auxiliary/scanner/http/vcms_login
use auxiliary/scanner/http/verb_auth_bypass
use auxiliary/scanner/http/vhost_scanner
use auxiliary/scanner/http/wangkongbao_traversal
use auxiliary/scanner/http/web_vulndb
use auxiliary/scanner/http/webdav_internal_ip
use auxiliary/scanner/http/webdav_scanner
use auxiliary/scanner/http/webdav_website_content
use auxiliary/scanner/http/webpagetest_traversal
use auxiliary/scanner/http/wildfly_traversal
use auxiliary/scanner/http/wordpress_cp_calendar_sqli
use auxiliary/scanner/http/wordpress_ghost_scanner
use auxiliary/scanner/http/wordpress_login_enum
use auxiliary/scanner/http/wordpress_multicall_creds
use auxiliary/scanner/http/wordpress_pingback_access
use auxiliary/scanner/http/wordpress_scanner
use auxiliary/scanner/http/wordpress_xmlrpc_login
use auxiliary/scanner/http/wp_contus_video_gallery_sqli
use auxiliary/scanner/http/wp_dukapress_file_read
use auxiliary/scanner/http/wp_gimedia_library_file_read
use auxiliary/scanner/http/wp_mobile_pack_info_disclosure
use auxiliary/scanner/http/wp_mobileedition_file_read
use auxiliary/scanner/http/wp_nextgen_galley_file_read
use auxiliary/scanner/http/wp_simple_backup_file_read
use auxiliary/scanner/http/wp_subscribe_comments_file_read
use auxiliary/scanner/http/xpath
use auxiliary/scanner/http/yaws_traversal
use auxiliary/scanner/http/zabbix_login
use auxiliary/scanner/http/zenworks_assetmanagement_fileaccess
use auxiliary/scanner/http/zenworks_assetmanagement_getconfig
use auxiliary/scanner/ike/cisco_ike_benigncertain
use auxiliary/scanner/imap/imap_version
use auxiliary/scanner/ip/ipidseq
use auxiliary/scanner/ipmi/ipmi_cipher_zero
use auxiliary/scanner/ipmi/ipmi_dumphashes
use auxiliary/scanner/ipmi/ipmi_version
use auxiliary/scanner/jenkins/jenkins_udp_broadcast_enum
use auxiliary/scanner/kademlia/server_info
use auxiliary/scanner/llmnr/query
use auxiliary/scanner/lotus/lotus_domino_hashes
use auxiliary/scanner/lotus/lotus_domino_login
use auxiliary/scanner/lotus/lotus_domino_version
use auxiliary/scanner/mdns/query
use auxiliary/scanner/misc/cctv_dvr_login
use auxiliary/scanner/misc/clamav_control
use auxiliary/scanner/misc/dahua_dvr_auth_bypass
use auxiliary/scanner/misc/dvr_config_disclosure
use auxiliary/scanner/misc/easycafe_server_fileaccess
use auxiliary/scanner/misc/ib_service_mgr_info
use auxiliary/scanner/misc/java_rmi_server
use auxiliary/scanner/misc/oki_scanner
use auxiliary/scanner/misc/poisonivy_control_scanner
use auxiliary/scanner/misc/raysharp_dvr_passwords
use auxiliary/scanner/misc/rosewill_rxs3211_passwords
use auxiliary/scanner/misc/sercomm_backdoor_scanner
use auxiliary/scanner/misc/sunrpc_portmapper
use auxiliary/scanner/misc/zenworks_preboot_fileaccess
use auxiliary/scanner/mongodb/mongodb_login
use auxiliary/scanner/motorola/timbuktu_udp
use auxiliary/scanner/msf/msf_rpc_login
use auxiliary/scanner/msf/msf_web_login
use auxiliary/scanner/mssql/mssql_hashdump
use auxiliary/scanner/mssql/mssql_login
use auxiliary/scanner/mssql/mssql_ping
use auxiliary/scanner/mssql/mssql_schemadump
use auxiliary/scanner/mysql/mysql_authbypass_hashdump
use auxiliary/scanner/mysql/mysql_file_enum
use auxiliary/scanner/mysql/mysql_hashdump
use auxiliary/scanner/mysql/mysql_login
use auxiliary/scanner/mysql/mysql_schemadump
use auxiliary/scanner/mysql/mysql_version
use auxiliary/scanner/mysql/mysql_writable_dirs
use auxiliary/scanner/natpmp/natpmp_portscan
use auxiliary/scanner/nessus/nessus_ntp_login
use auxiliary/scanner/nessus/nessus_rest_login
use auxiliary/scanner/nessus/nessus_xmlrpc_login
use auxiliary/scanner/nessus/nessus_xmlrpc_ping
use auxiliary/scanner/netbios/nbname
use auxiliary/scanner/nexpose/nexpose_api_login
use auxiliary/scanner/nfs/nfsmount
use auxiliary/scanner/ntp/ntp_monlist
use auxiliary/scanner/ntp/ntp_nak_to_the_future
use auxiliary/scanner/ntp/ntp_peer_list_dos
use auxiliary/scanner/ntp/ntp_peer_list_sum_dos
use auxiliary/scanner/ntp/ntp_readvar
use auxiliary/scanner/ntp/ntp_req_nonce_dos
use auxiliary/scanner/ntp/ntp_reslist_dos
use auxiliary/scanner/ntp/ntp_unsettrap_dos
use auxiliary/scanner/openvas/openvas_gsad_login
use auxiliary/scanner/openvas/openvas_omp_login
use auxiliary/scanner/openvas/openvas_otp_login
use auxiliary/scanner/oracle/emc_sid
use auxiliary/scanner/oracle/isqlplus_login
use auxiliary/scanner/oracle/isqlplus_sidbrute
use auxiliary/scanner/oracle/oracle_hashdump
use auxiliary/scanner/oracle/oracle_login
use auxiliary/scanner/oracle/sid_brute
use auxiliary/scanner/oracle/sid_enum
use auxiliary/scanner/oracle/spy_sid
use auxiliary/scanner/oracle/tnslsnr_version
use auxiliary/scanner/oracle/tnspoison_checker
use auxiliary/scanner/oracle/xdb_sid
use auxiliary/scanner/oracle/xdb_sid_brute
use auxiliary/scanner/pcanywhere/pcanywhere_login
use auxiliary/scanner/pcanywhere/pcanywhere_tcp
use auxiliary/scanner/pcanywhere/pcanywhere_udp
use auxiliary/scanner/pop3/pop3_login
use auxiliary/scanner/pop3/pop3_version
use auxiliary/scanner/portmap/portmap_amp
use auxiliary/scanner/portscan/ack
use auxiliary/scanner/portscan/ftpbounce
use auxiliary/scanner/portscan/syn
use auxiliary/scanner/portscan/tcp
use auxiliary/scanner/portscan/xmas
use auxiliary/scanner/postgres/postgres_dbname_flag_injection
use auxiliary/scanner/postgres/postgres_hashdump
use auxiliary/scanner/postgres/postgres_login
use auxiliary/scanner/postgres/postgres_schemadump
use auxiliary/scanner/postgres/postgres_version
use auxiliary/scanner/printer/canon_iradv_pwd_extract
use auxiliary/scanner/printer/printer_delete_file
use auxiliary/scanner/printer/printer_download_file
use auxiliary/scanner/printer/printer_env_vars
use auxiliary/scanner/printer/printer_list_dir
use auxiliary/scanner/printer/printer_list_volumes
use auxiliary/scanner/printer/printer_ready_message
use auxiliary/scanner/printer/printer_upload_file
use auxiliary/scanner/printer/printer_version_info
use auxiliary/scanner/quake/server_info
use auxiliary/scanner/rdp/ms12_020_check
use auxiliary/scanner/redis/file_upload
use auxiliary/scanner/redis/redis_login
use auxiliary/scanner/redis/redis_server
use auxiliary/scanner/rogue/rogue_recv
use auxiliary/scanner/rogue/rogue_send
use auxiliary/scanner/rservices/rexec_login
use auxiliary/scanner/rservices/rlogin_login
use auxiliary/scanner/rservices/rsh_login
use auxiliary/scanner/rsync/modules_list
use auxiliary/scanner/sap/sap_ctc_verb_tampering_user_mgmt
use auxiliary/scanner/sap/sap_hostctrl_getcomputersystem
use auxiliary/scanner/sap/sap_icf_public_info
use auxiliary/scanner/sap/sap_icm_urlscan
use auxiliary/scanner/sap/sap_mgmt_con_abaplog
use auxiliary/scanner/sap/sap_mgmt_con_brute_login
use auxiliary/scanner/sap/sap_mgmt_con_extractusers
use auxiliary/scanner/sap/sap_mgmt_con_getaccesspoints
use auxiliary/scanner/sap/sap_mgmt_con_getenv
use auxiliary/scanner/sap/sap_mgmt_con_getlogfiles
use auxiliary/scanner/sap/sap_mgmt_con_getprocesslist
use auxiliary/scanner/sap/sap_mgmt_con_getprocessparameter
use auxiliary/scanner/sap/sap_mgmt_con_instanceproperties
use auxiliary/scanner/sap/sap_mgmt_con_listlogfiles
use auxiliary/scanner/sap/sap_mgmt_con_startprofile
use auxiliary/scanner/sap/sap_mgmt_con_version
use auxiliary/scanner/sap/sap_router_info_request
use auxiliary/scanner/sap/sap_router_portscanner
use auxiliary/scanner/sap/sap_service_discovery
use auxiliary/scanner/sap/sap_smb_relay
use auxiliary/scanner/sap/sap_soap_bapi_user_create1
use auxiliary/scanner/sap/sap_soap_rfc_brute_login
use auxiliary/scanner/sap/sap_soap_rfc_dbmcli_sxpg_call_system_command_exec
use auxiliary/scanner/sap/sap_soap_rfc_dbmcli_sxpg_command_exec
use auxiliary/scanner/sap/sap_soap_rfc_eps_get_directory_listing
use auxiliary/scanner/sap/sap_soap_rfc_pfl_check_os_file_existence
use auxiliary/scanner/sap/sap_soap_rfc_ping
use auxiliary/scanner/sap/sap_soap_rfc_read_table
use auxiliary/scanner/sap/sap_soap_rfc_rzl_read_dir
use auxiliary/scanner/sap/sap_soap_rfc_susr_rfc_user_interface
use auxiliary/scanner/sap/sap_soap_rfc_sxpg_call_system_exec
use auxiliary/scanner/sap/sap_soap_rfc_sxpg_command_exec
use auxiliary/scanner/sap/sap_soap_rfc_system_info
use auxiliary/scanner/sap/sap_soap_th_saprel_disclosure
use auxiliary/scanner/sap/sap_web_gui_brute_login
use auxiliary/scanner/scada/digi_addp_reboot
use auxiliary/scanner/scada/digi_addp_version
use auxiliary/scanner/scada/digi_realport_serialport_scan
use auxiliary/scanner/scada/digi_realport_version
use auxiliary/scanner/scada/indusoft_ntwebserver_fileaccess
use auxiliary/scanner/scada/koyo_login
use auxiliary/scanner/scada/modbus_findunitid
use auxiliary/scanner/scada/modbusclient
use auxiliary/scanner/scada/modbusdetect
use auxiliary/scanner/scada/profinet_siemens
use auxiliary/scanner/scada/sielco_winlog_fileaccess
use auxiliary/scanner/sip/enumerator
use auxiliary/scanner/sip/enumerator_tcp
use auxiliary/scanner/sip/options
use auxiliary/scanner/sip/options_tcp
use auxiliary/scanner/sip/sipdroid_ext_enum
use auxiliary/scanner/smb/pipe_auditor
use auxiliary/scanner/smb/pipe_dcerpc_auditor
use auxiliary/scanner/smb/psexec_loggedin_users
use auxiliary/scanner/smb/smb2
use auxiliary/scanner/smb/smb_enum_gpp
use auxiliary/scanner/smb/smb_enumshares
use auxiliary/scanner/smb/smb_enumusers
use auxiliary/scanner/smb/smb_enumusers_domain
use auxiliary/scanner/smb/smb_login
use auxiliary/scanner/smb/smb_lookupsid
use auxiliary/scanner/smb/smb_uninit_cred
use auxiliary/scanner/smb/smb_version
use auxiliary/scanner/smtp/smtp_enum
use auxiliary/scanner/smtp/smtp_ntlm_domain
use auxiliary/scanner/smtp/smtp_relay
use auxiliary/scanner/smtp/smtp_version
use auxiliary/scanner/snmp/aix_version
use auxiliary/scanner/snmp/arris_dg950
use auxiliary/scanner/snmp/brocade_enumhash
use auxiliary/scanner/snmp/cisco_config_tftp
use auxiliary/scanner/snmp/cisco_upload_file
use auxiliary/scanner/snmp/netopia_enum
use auxiliary/scanner/snmp/sbg6580_enum
use auxiliary/scanner/snmp/snmp_enum
use auxiliary/scanner/snmp/snmp_enum_hp_laserjet
use auxiliary/scanner/snmp/snmp_enumshares
use auxiliary/scanner/snmp/snmp_enumusers
use auxiliary/scanner/snmp/snmp_login
use auxiliary/scanner/snmp/snmp_set
use auxiliary/scanner/snmp/ubee_ddw3611
use auxiliary/scanner/snmp/xerox_workcentre_enumusers
use auxiliary/scanner/ssh/apache_karaf_command_execution
use auxiliary/scanner/ssh/cerberus_sftp_enumusers
use auxiliary/scanner/ssh/detect_kippo
use auxiliary/scanner/ssh/fortinet_backdoor
use auxiliary/scanner/ssh/juniper_backdoor
use auxiliary/scanner/ssh/karaf_login
use auxiliary/scanner/ssh/ssh_enumusers
use auxiliary/scanner/ssh/ssh_identify_pubkeys
use auxiliary/scanner/ssh/ssh_login
use auxiliary/scanner/ssh/ssh_login_pubkey
use auxiliary/scanner/ssh/ssh_version
use auxiliary/scanner/ssl/openssl_ccs
use auxiliary/scanner/ssl/openssl_heartbleed
use auxiliary/scanner/steam/server_info
use auxiliary/scanner/telephony/wardial
use auxiliary/scanner/telnet/brocade_enable_login
use auxiliary/scanner/telnet/lantronix_telnet_password
use auxiliary/scanner/telnet/lantronix_telnet_version
use auxiliary/scanner/telnet/telnet_encrypt_overflow
use auxiliary/scanner/telnet/telnet_login
use auxiliary/scanner/telnet/telnet_ruggedcom
use auxiliary/scanner/telnet/telnet_version
use auxiliary/scanner/tftp/ipswitch_whatsupgold_tftp
use auxiliary/scanner/tftp/netdecision_tftp
use auxiliary/scanner/tftp/tftpbrute
use auxiliary/scanner/udp/udp_amplification
use auxiliary/scanner/udp_scanner_template
use auxiliary/scanner/upnp/ssdp_amp
use auxiliary/scanner/upnp/ssdp_msearch
use auxiliary/scanner/vmware/esx_fingerprint
use auxiliary/scanner/vmware/vmauthd_login
use auxiliary/scanner/vmware/vmauthd_version
use auxiliary/scanner/vmware/vmware_enum_permissions
use auxiliary/scanner/vmware/vmware_enum_sessions
use auxiliary/scanner/vmware/vmware_enum_users
use auxiliary/scanner/vmware/vmware_enum_vms
use auxiliary/scanner/vmware/vmware_host_details
use auxiliary/scanner/vmware/vmware_http_login
use auxiliary/scanner/vmware/vmware_screenshot_stealer
use auxiliary/scanner/vmware/vmware_server_dir_trav
use auxiliary/scanner/vmware/vmware_update_manager_traversal
use auxiliary/scanner/vnc/vnc_login
use auxiliary/scanner/vnc/vnc_none_auth
use auxiliary/scanner/voice/recorder
use auxiliary/scanner/vxworks/wdbrpc_bootline
use auxiliary/scanner/vxworks/wdbrpc_version
use auxiliary/scanner/winrm/winrm_auth_methods
use auxiliary/scanner/winrm/winrm_cmd
use auxiliary/scanner/winrm/winrm_login
use auxiliary/scanner/winrm/winrm_wql
use auxiliary/scanner/x11/open_x11
msf > use auxiliary/scanner/    

 

 

 

 

 

 

use auxiliary/scanner/portscan/syn
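The victim machine's IP is 192.168.1.103.

Here, once the module is selected, if we only need to scan a single machine, we simply enter one IP.

  msf  >   set RHOSTS   192.168.1.0/24   scans every machine on the whole subnet.

  msf  >   set RHOSTS   192.168.1.103   scans only this one machine (the victim machine).

Set the remote machine's (victim machine's) IP and the number of threads.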
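The two RHOSTS forms above differ by 255 hosts, so it is worth checking a value against the authorized scope before it is typed into the console. The following is an added example, not part of the original post; the `AUTHORIZED` list and the function names are assumptions made for illustration.

```python
import ipaddress

# Assumed authorization list for this example (constructed): the two lab
# hosts the article names as victims. A real engagement takes this from the
# signed scope document.
AUTHORIZED = [ipaddress.ip_network("192.168.1.103/32"),
              ipaddress.ip_network("192.168.1.106/32")]


def expand_rhosts(value):
    """Parse an RHOSTS string made of space-separated single IPs or CIDR
    blocks (the two forms the article uses) into ip_network objects."""
    # strict=False tolerates host bits being set, e.g. "192.168.1.103/24".
    return [ipaddress.ip_network(tok, strict=False) for tok in value.split()]


def check_scope(value, authorized=AUTHORIZED):
    """Return (total_addresses, out_of_scope_addresses) for an RHOSTS value.
    Assumes the authorized networks do not overlap each other."""
    total = out_of_scope = 0
    for net in expand_rhosts(value):
        covered = 0
        for auth in authorized:
            if auth.version != net.version:
                continue
            if auth.subnet_of(net):        # authorized block inside target
                covered += auth.num_addresses
            elif net.subnet_of(auth):      # target entirely inside scope
                covered = net.num_addresses
                break
        total += net.num_addresses
        out_of_scope += net.num_addresses - min(covered, net.num_addresses)
    return total, out_of_scope


if __name__ == "__main__":
    for rhosts in ("192.168.1.103", "192.168.1.0/24"):
        total, extra = check_scope(rhosts)
        print(f"RHOSTS={rhosts}: {total} addresses, {extra} outside scope")
```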

 

 

 

 

 

 

 

 

 

 use auxiliary/scanner/smb/smb_version

 

The victim machine's IP is 192.168.1.103.

Set the remote machine's (victim machine's) IP and the number of threads.

 

 

 

 

 

 

 

 

 

 

use auxiliary/scanner/ftp/ftp_login
The victim machine's IP is 192.168.1.103.
In general, a login scan like this takes a dictionary parameter.

 

 

 









 

 

 

 

use auxiliary/scanner/mssql/mssql_login
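The victim machine's IP is 192.168.1.106.

Set the remote machine's (victim machine's) IP, the number of threads, and the user dictionary.

This dictionary can be a standalone user dictionary, or a dictionary of users and passwords. If a dictionary is needed, we generally have to generate one ourselves first, as follows (in another window).
For example, under /etc (here, a password dictionary is used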
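Seen from the SQL Server side, a dictionary-driven login scan like the one above is a burst of failed logins from one client, sometimes followed by a success. The following is an added example, not part of the original post: it runs that detection over constructed SQL Server error-log lines. The client addresses, the threshold and the window are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Matches SQL Server error-log logon audit lines (failed and succeeded).
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\.\d+\s+Logon\s+"
    r"Login (?P<result>failed|succeeded) for user '(?P<user>[^']*)'"
    r".*\[CLIENT: (?P<client>[^\]]+)\]")

# Constructed sample log: 192.168.1.100 is an assumed scanning host,
# 192.168.1.50 an assumed legitimate application server.
SAMPLE_LOG = """\
2017-05-19 22:40:58.02 Logon       Login succeeded for user 'app'. Connection made using SQL Server authentication. [CLIENT: 192.168.1.50]
2017-05-19 22:41:03.10 Logon       Error: 18456, Severity: 14, State: 8.
2017-05-19 22:41:03.10 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 192.168.1.100]
2017-05-19 22:41:03.55 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 192.168.1.100]
2017-05-19 22:41:04.02 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 192.168.1.100]
2017-05-19 22:41:04.48 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 192.168.1.100]
2017-05-19 22:41:05.01 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 192.168.1.100]
2017-05-19 22:41:05.77 Logon       Login succeeded for user 'sa'. Connection made using SQL Server authentication. [CLIENT: 192.168.1.100]
2017-05-19 22:45:10.00 Logon       Login failed for user 'app'. Reason: Password did not match that for the login provided. [CLIENT: 192.168.1.50]
"""


def detect(log_text, threshold=5, window_s=60):
    """Flag clients with >= threshold failed logins inside window_s seconds,
    and record the first account that logs in successfully afterwards."""
    recent = defaultdict(deque)   # client -> timestamps of recent failures
    flagged = {}                  # client -> finding dict
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue              # e.g. the "Error: 18456" companion line
        ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        client = m["client"]
        if m["result"] == "failed":
            q = recent[client]
            q.append(ts)
            while ts - q[0] > timedelta(seconds=window_s):
                q.popleft()       # drop failures that left the window
            if client in flagged:
                flagged[client]["failures"] += 1
            elif len(q) >= threshold:
                flagged[client] = {"client": client, "first_alert": ts,
                                   "failures": len(q), "success_after": None}
        elif client in flagged and flagged[client]["success_after"] is None:
            # A success right after a burst suggests the guess worked.
            flagged[client]["success_after"] = m["user"]
    return list(flagged.values())


if __name__ == "__main__":
    for f in detect(SAMPLE_LOG):
        print(f"{f['client']}: {f['failures']} failures, "
              f"then success as {f['success_after']!r}")
```

Successful logins only appear in the error log when login auditing is set to record both failed and successful logins.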

 

 

 

 

 

 

 

 









   

 

 

 

 

 

 

use auxiliary/scanner/mysql/mysql_hashdump
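The victim machine's IP is 192.168.1.106.

Here, as the attacker, we enter a username and password at random, with no idea at all of the SQL Server username and password on the victim machine. (Of course, since this is a test, the username and password on that side are in fact both sa.)

That is, all usernames and passwords on the victim machine's SQL Server can be extracted. The username comes first, followed by the encrypted password, i.e. the hash value.

So, having obtained password hashes like these, how do we crack them? Let me show you!
http://www.cmd5.com/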

 








 






 



 

posted @ 2017-05-19 23:06  大数据和AI躺过的坑