Chapter 6: Owning Metasploit






There is an instance of Metasploitable 3 on my network. This is a Windows server, as
opposed to the Linux system we had targeted previously in Metasploitable 2. Because
I know the IP address from a separate scan, I’m going to focus on getting the list of
ports that are open on this system rather than scanning the entire network. To do
this, I’ll use the TCP scan module, shown in Example 6-2. You’ll see from the output
that after using the module, I set the RHOSTS parameter to just a single IP address.
Because it’s expecting a range or a CIDR block, I have appended the /32 to indicate
that we are looking at a single IP address. Leaving that off would have worked just as
well, but including it perhaps clarifies that I meant a single host rather than just
forgetting the end of the range of IP addresses.
Example 6-2. Port scanning using Metasploit module
msf > use auxiliary/scanner/portscan/tcp
msf auxiliary(scanner/portscan/tcp) > show options

Module options (auxiliary/scanner/portscan/tcp):

   Name         Current Setting  Required  Description
   ----         ---------------  --------  -----------
   CONCURRENCY  10               yes       The number of concurrent ports to check per host
   DELAY        0                yes       The delay between connections, per thread, in milliseconds
   JITTER       0                yes       The delay jitter factor (maximum value by which to +/- DELAY) in milliseconds.
   PORTS        1-10000          yes       Ports to scan (e.g. 22-25,80,110-900)
   RHOSTS                        yes       The target address range or CIDR identifier
   THREADS      1                yes       The number of concurrent threads
   TIMEOUT      1000             yes       The socket connect timeout in milliseconds

msf auxiliary(scanner/portscan/tcp) > set RHOSTS 192.168.86.48/32
RHOSTS => 192.168.86.48/32
msf auxiliary(scanner/portscan/tcp) > set THREADS 10
THREADS => 10
msf auxiliary(scanner/portscan/tcp) > set CONCURRENCY 20
CONCURRENCY => 20
msf auxiliary(scanner/portscan/tcp) > run

[+] 192.168.86.48: - 192.168.86.48:22 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:135 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:139 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:445 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:1617 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:3000 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:3306 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:3389 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:3700 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:4848 - TCP OPEN
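
The following is an added example, not code from the book or from the Metasploit project. It parses output lines in the format of Example 6-2, confirms each result falls inside the scope given as RHOSTS (a bare IP and the /32 form resolve to the same single-host network in Python's ipaddress module), and lists open ports missing from an approved baseline. The function names, the baseline set, and the 192.168.86.49 line are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample: a few lines in the format of Example 6-2, plus one
# constructed out-of-scope line (192.168.86.49) to exercise the scope check.
SAMPLE_OUTPUT = """\
[+] 192.168.86.48: - 192.168.86.48:22 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:135 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:445 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:3389 - TCP OPEN
[+] 192.168.86.49: - 192.168.86.49:80 - TCP OPEN
"""

OPEN_LINE = re.compile(
    r"^\[\+\]\s+\S+\s+-\s+(\d{1,3}(?:\.\d{1,3}){3}):(\d+)\s+-\s+TCP OPEN\s*$")

def parse_scope(rhosts):
    """Turn an RHOSTS-style value into a network; a bare IP becomes a /32."""
    return ipaddress.ip_network(rhosts, strict=False)

def open_ports(output, scope):
    """Return ({host: sorted ports} for in-scope hosts, [rejected lines])."""
    in_scope, rejected = defaultdict(set), []
    for line in output.splitlines():
        m = OPEN_LINE.match(line.strip())
        if not m:
            continue  # not a "TCP OPEN" result line
        port = int(m.group(2))
        try:
            host = ipaddress.ip_address(m.group(1))
        except ValueError:
            host = None  # matched the pattern but is not a valid IPv4 address
        if host is not None and host in scope and 0 < port < 65536:
            in_scope[str(host)].add(port)
        else:
            rejected.append(line.strip())
    return {h: sorted(p) for h, p in in_scope.items()}, rejected

def unexpected(found, baseline):
    """Open ports absent from the approved baseline (hypothetical policy)."""
    return {h: [p for p in ports if p not in baseline.get(h, set())]
            for h, ports in found.items()}

if __name__ == "__main__":
    found, rejected = open_ports(SAMPLE_OUTPUT, parse_scope("192.168.86.48/32"))
    print(found, rejected)
    print(unexpected(found, {"192.168.86.48": {22, 3389}}))
```

Rejected lines are worth reviewing rather than discarding, since a result outside the intended scope usually means the RHOSTS value was wider than planned.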
