Information gathering:
auxiliary/sniffer/psnuffle packet sniffing and capture
auxiliary/scanner/http/dir_scanner scan website directories
auxiliary/gather/search_email_collector search for e-mail addresses on a website

Service scanning and exploitation modules:
auxiliary/scanner/portscan/syn SYN port scan
auxiliary/scanner/portscan/tcp TCP port scan
auxiliary/scanner/portscan/xmas TCP "XMas" port scan
auxiliary/scanner/portscan/syn port probing
auxiliary/scanner/portscan/ack ACK firewall scan
auxiliary/scanner/discovery/arp_sweep discover live hosts on a network segment

Port 21: FTP
auxiliary/scanner/ftp/ftp_version FTP host scan
auxiliary/scanner/ftp/anonymous FTP anonymous login

Port 22: SSH
auxiliary/scanner/ssh/ssh_version SSH service scan
auxiliary/scanner/ssh/ssh_login SSH password guessing

Port 23: Telnet
auxiliary/scanner/telnet/telnet_version Telnet service scan
auxiliary/scanner/telnet/telnet_version Telnet password guessing

Port 25: SMTP
auxiliary/scanner/smtp/smtp_version SMTP version scan
auxiliary/scanner/smtp/smtp_enum SMTP enumeration

Port 69: TFTP
auxiliary/scanner/tftp/tftpbrute FTP file scan
auxiliary/scanner/ftp/anonymous FTP anonymous login

Ports 139 and 445: SMB
auxiliary/scanner/smb/smb_version scan operating system version
auxiliary/scanner/smb/smb_lookupsid scan users in groups
windows/smb/psexec used for login
auxiliary/scanner/smb/smb_login used for login
auxiliary/scanner/smb/smb_enumusers enumerate users on the system

Port 161: SNMP
auxiliary/scanner/snmp/snmp_enum bulk SNMP detection
auxiliary/scanner/snmp/snmp_login scan SNMP hosts

Port 1521: Oracle
auxiliary/scanner/oracle/tnslsnr_version Oracle service scan

Port 1433: MSSQL
auxiliary/scanner/mssql/mssql_ping scan for hosts with MSSQL open

Port 3306: MySQL
auxiliary/scanner/mysql/mysql_login MySQL password guessing

Port 5432: Postgres
auxiliary/scanner/postgres/postgres_login Postgres password guessing

Port 8080: Tomcat
auxiliary/scanner/http/tomcat_mgr_login Tomcat password guessing

Exploitation:
exploit/linux/samba/chain_reply Samba penetration attack
exploit/windows/oracle/tns_auth_sesskey Oracle penetration attack