  • Metasploit Host Scanning: Port Scanning with Auxiliary Modules

    Port scanning with auxiliary modules

    root@kali:~# msfconsole # start the Metasploit console
    
    ...
    
    msf5 > search portscan # list the available port-scanning modules
    
    Matching Modules
    ================
    
       #  Name                                              Disclosure Date  Rank    Check  Description
       -  ----                                              ---------------  ----    -----  -----------
       0  auxiliary/scanner/http/wordpress_pingback_access                   normal  No     Wordpress Pingback Locator
       1  auxiliary/scanner/natpmp/natpmp_portscan                           normal  No     NAT-PMP External Port Scanner
       2  auxiliary/scanner/portscan/ack                                     normal  No     TCP ACK Firewall Scanner
       3  auxiliary/scanner/portscan/ftpbounce                               normal  No     FTP Bounce Port Scanner
       4  auxiliary/scanner/portscan/syn                                     normal  No     TCP SYN Port Scanner
       5  auxiliary/scanner/portscan/tcp                                     normal  No     TCP Port Scanner
       6  auxiliary/scanner/portscan/xmas                                    normal  No     TCP "XMas" Port Scanner
       7  auxiliary/scanner/sap/sap_router_portscanner                       normal  No     SAPRouter Port Scanner
    
    msf5 > use auxiliary/scanner/portscan/tcp # taking the TCP scan module as the example; "use" selects the module
    msf5 auxiliary(scanner/portscan/tcp) > show options # show the options that need to be set
    
    Module options (auxiliary/scanner/portscan/tcp):
    
       Name         Current Setting  Required  Description
       ----         ---------------  --------  -----------
       CONCURRENCY  10               yes       The number of concurrent ports to check per host
       DELAY        0                yes       The delay between connections, per thread, in milliseconds
       JITTER       0                yes       The delay jitter factor (maximum value by which to +/- DELAY) in milliseconds.
       PORTS        1-10000          yes       Ports to scan (e.g. 22-25,80,110-900)
       RHOSTS                        yes       The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>'
       THREADS      1                yes       The number of concurrent threads (max one per host)
       TIMEOUT      1000             yes       The socket connect timeout in milliseconds
    
    msf5 auxiliary(scanner/portscan/tcp) > set RHOST 192.168.43.101 # the set/unset commands set/clear an option value
    RHOST => 192.168.43.101
    msf5 auxiliary(scanner/portscan/tcp) > set PORTS 1-1000
    PORTS => 1-1000
    msf5 auxiliary(scanner/portscan/tcp) > set THREADS 20
    THREADS => 20
    msf5 auxiliary(scanner/portscan/tcp) > show options
    
    Module options (auxiliary/scanner/portscan/tcp):
    
       Name         Current Setting  Required  Description
       ----         ---------------  --------  -----------
       CONCURRENCY  10               yes       The number of concurrent ports to check per host
       DELAY        0                yes       The delay between connections, per thread, in milliseconds
       JITTER       0                yes       The delay jitter factor (maximum value by which to +/- DELAY) in milliseconds.
       PORTS        1-1000           yes       Ports to scan (e.g. 22-25,80,110-900)
       RHOSTS       192.168.43.101   yes       The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>'
       THREADS      20               yes       The number of concurrent threads (max one per host)
       TIMEOUT      1000             yes       The socket connect timeout in milliseconds
    
    msf5 auxiliary(scanner/portscan/tcp) > run # run the scan; the target has two open ports, 139 and 135
    [+] 192.168.43.101:       - 192.168.43.101:139 - TCP OPEN
    [+] 192.168.43.101:       - 192.168.43.101:135 - TCP OPEN
    [*] 192.168.43.101:       - Scanned 1 of 1 hosts (100% complete)
    [*] Auxiliary module execution completed
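
As an added example (not part of the original post), the `[+] ... TCP OPEN` lines from a run like the one above can be parsed and compared with an approved-port baseline so that unexpected services stand out. The baseline contents and the function names are assumptions made for illustration.

```python
import re

# Matches result lines printed by auxiliary/scanner/portscan/tcp, e.g.
# "[+] 192.168.43.101:       - 192.168.43.101:139 - TCP OPEN"
OPEN_LINE = re.compile(
    r"^\s*\[\+\]\s+\S+\s+-\s+(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\s+-\s+TCP OPEN\s*$"
)

# Scanner output copied from the session above.
SAMPLE_OUTPUT = """\
[+] 192.168.43.101:       - 192.168.43.101:139 - TCP OPEN
[+] 192.168.43.101:       - 192.168.43.101:135 - TCP OPEN
[*] 192.168.43.101:       - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
"""

# Hypothetical baseline (constructed): ports each host is approved to expose.
BASELINE = {"192.168.43.101": {135}}


def parse_open_ports(text):
    """Return {host: set(ports)} for every 'TCP OPEN' line in the output."""
    found = {}
    for line in text.splitlines():
        m = OPEN_LINE.match(line)
        if not m:
            continue  # status lines ([*]) and anything malformed are ignored
        port = int(m.group(2))
        if 1 <= port <= 65535:
            found.setdefault(m.group(1), set()).add(port)
    return found


def diff_against_baseline(found, baseline):
    """Report unexpected open ports and approved ports that did not answer."""
    report = {}
    for host in sorted(set(found) | set(baseline)):
        seen = found.get(host, set())
        allowed = baseline.get(host, set())
        unexpected = sorted(seen - allowed)
        missing = sorted(allowed - seen)
        if unexpected or missing:
            report[host] = {"unexpected": unexpected, "missing": missing}
    return report


if __name__ == "__main__":
    result = diff_against_baseline(parse_open_ports(SAMPLE_OUTPUT), BASELINE)
    for host, delta in result.items():
        print(host, delta)
```

A "missing" entry is only meaningful for ports inside the range that was scanned (`PORTS 1-1000` in the session above).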
  • Original article: https://www.cnblogs.com/zhengna/p/12856305.html