本文简单介绍如何使用Metasploit从文件中读取目标地址,来执行检测。
以检测MS17-010漏洞为例,在设定RHOSTS参数时,可设定目标地址范围和CIDR地址块,设定单个IP的目标也是可以的。
msf > use auxiliary/scanner/smb/smb_ms17_010 msf auxiliary(smb_ms17_010) > show options Module options (auxiliary/scanner/smb/smb_ms17_010): Name Current Setting Required Description ---- --------------- -------- ----------- CHECK_DOPU true yes Check for DOUBLEPULSAR on vulnerable hosts RHOSTS yes The target address range or CIDR identifier RPORT 445 yes The SMB service port (TCP) SMBDomain . no The Windows domain to use for authentication SMBPass no The password for the specified username SMBUser no The username to authenticate as THREADS 1 yes The number of concurrent threads
但如何设定从文件中读取目标地址呢?
其实可以使用file指定读取的目标文件...如下: