metasploit---信息收集

最新推荐文章于 2023-06-11 16:58:15 发布

孤君

最新推荐文章于 2023-06-11 16:58:15 发布

阅读量486

点赞数 1

分类专栏： Metasploit笔记

本文链接：https://blog.csdn.net/Wu000999/article/details/83621267

版权

Metasploit笔记专栏收录该内容

15 篇文章 3 订阅

订阅专栏

域名信息收集

msf > whois  域名

用辅助模块收集邮件

msf > use auxiliary/gather/search_email_collector
msf auxiliary(gather/search_email_collector) > show options

Module options (auxiliary/gather/search_email_collector):

   Name           Current Setting  Required  Description
   ----           ---------------  --------  -----------
   DOMAIN                          yes       The domain name to locate email addresses for
   OUTFILE                         no        A filename to store the generated email list
   SEARCH_BING    true             yes       Enable Bing as a backend search engine
   SEARCH_GOOGLE  true             yes       Enable Google as a backend search engine
   SEARCH_YAHOO   true             yes       Enable Yahoo! as a backend search engine

设置域名

msf auxiliary(gather/search_email_collector) > set  domain xxxxxx
domain => xxxxxx

开始收集

msf auxiliary(gather/search_email_collector) > run

[*] Harvesting emails .....
[*] Searching Google for email addresses from xupt.edu.cn

用辅助模块查看Telnet服务

msf auxiliary(gather/search_email_collector) > use auxiliary/scanner/telnet/telnet_version 
msf auxiliary(scanner/telnet/telnet_version) > show options

Module options (auxiliary/scanner/telnet/telnet_version):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   PASSWORD                   no        The password for the specified username
   RHOSTS                     yes       The target address range or CIDR identifier
   RPORT     23               yes       The target port (TCP)
   THREADS   1                yes       The number of concurrent threads
   TIMEOUT   30               yes       Timeout for the Telnet probe
   USERNAME                   no        The username to authenticate as

设置

msf auxiliary(scanner/telnet/telnet_version) > set RHOSTS 172.19.107.190
RHOSTS => 172.19.107.190
msf auxiliary(scanner/telnet/telnet_version) > run

用辅助模块扫描远程连接 (RDP) 是否可用

msf auxiliary(scanner/rdp/ms12_020_check) > show options 

Module options (auxiliary/scanner/rdp/ms12_020_check):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   RHOSTS                    yes       The target address range or CIDR identifier
   RPORT    3389             yes       Remote port running RDP (TCP)
   THREADS  1                yes       The number of concurrent threads

msf auxiliary(scanner/rdp/ms12_020_check) > set RHOSTS 169.254.190.211
RHOSTS => 169.254.190.211
msf auxiliary(scanner/rdp/ms12_020_check) > run

[*] 169.254.190.211:3389  - 169.254.190.211:3389 - Cannot reliably check exploitability.
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed