msf > search portscan
Matching Modules
================ Name Disclosure Date Rank Description ---- --------------- ---- ----------- auxiliary/scanner/http/wordpress_pingback_access normal Wordpress Pingback Locator auxiliary/scanner/natpmp/natpmp_portscan normal NAT-PMP External Port Scanner auxiliary/scanner/portscan/ack normal TCP ACK Firewall Scanner auxiliary/scanner/portscan/ftpbounce normal FTP Bounce Port Scanner auxiliary/scanner/portscan/syn normal TCP SYN Port Scanner auxiliary/scanner/portscan/tcp normal TCP Port Scanner auxiliary/scanner/portscan/xmas normal TCP "XMas" Port Scanner auxiliary/scanner/sap/sap_router_portscanner normal SAPRouter Port Scanner
常见网络服务
ssh口令猜测
msf > use auxiliary/scanner/ssh/ssh_login
msf auxiliary(ssh_login) > show options
Module options (auxiliary/scanner/ssh/ssh_login):
Name Current Setting Required Description
---- --------------- -------- -----------
BLANK_PASSWORDS false no Try blank passwords for all users
BRUTEFORCE_SPEED 5 yes How fast to bruteforce, from0to5
DB_ALL_CREDS false no Try each user/password couple stored inthe current database
DB_ALL_PASS false no Add all passwords inthe current database tothe list
DB_ALL_USERS false no Add all users inthe current database tothe list
PASSWORD no A specific password to authenticate with
PASS_FILE no File containing passwords, one per line
RHOSTS yes The target address range or CIDR identifier
RPORT 22 yes The target port
STOP_ON_SUCCESS false yes Stop guessing when a credential works fora host
THREADS 1 yes The numberof concurrent threads
USERNAME no A specific username to authenticate as
USERPASS_FILE no File containing users and passwords separated byspace, one pair per line
USER_AS_PASS false no Try the username asthe password for all users
USER_FILE no File containing usernames, one per line
VERBOSE false yes Whether to print output for all attempts