Metasploit基本用法

【参考博客地址】

【启动msf】

#msfconsolemsf >

【搜索模块】

msf > search portscan

【使用对应模块】

msf > use scanner/portscan/syn

【查看当前模块的配置参数】

msf auxiliary(hashcollision_dos) > show options   Module options (auxiliary/dos/http/hashcollision_dos):   Name     Current Setting  Required  Description   ----     ---------------  --------  -----------   Proxies                   no        A proxy chain of format type:host:port[,type:host:port][...]   RHOST    114.55.4.213     yes       The target address   RLIMIT   50               yes       Number of requests to send   RPORT    80               yes       The target port   TARGET   java             yes       Target to attack (Accepted: PHP, Java)【主意大小写】   URL      /                yes       The request URI   VHOST                     no        HTTP server virtual host

【设置相应参数】

msf auxiliary(mssql_ping) > set RHOSTS 192.168.1.0/24RHOSTS => 192.168.1.0/24msf auxiliary(mssql_ping) > set THREADS 255THREADS => 255

【运行已设置好的模块】

msf auxiliary(mssql_ping) > run

【查看msf的当前工作目录】

root@kali:/root/# msfconsolemsf > pwd[*] exec: pwd/root                           【在哪个目录下启动的msf，msf的工作目录就在哪个目录下】

【查看扫描结果】

msf > services Services========host             port   proto  name             state     info----             ----   -----  ----             -----     ----114.55.4.213     7070   tcp    http             open      Jetty 9.2.z-SNAPSHOT114.55.4.213     8009   tcp    ajp13            open      Apache Jserv Protocol v1.3114.55.4.213     7777   tcp    socks5           open      No authentication; connection failed114.55.4.213     7443   tcp    ssl/http         open      Jetty 9.2.z-SNAPSHOT114.55.4.213     8080   tcp    http             open      Apache Tomcat/Coyote JSP engine 1.1114.55.4.213     8010   tcp    xmpp             open      114.55.4.213     5902   tcp    vnc              open      VNC protocol 3.8114.55.4.213     5901   tcp    vnc              open      VNC protocol 3.8114.55.4.213     5269   tcp    xmpp             open      Wildfire XMPP Client114.55.4.213     5222   tcp    xmpp-client      open      114.55.4.213     4444   tcp    krb524           filtered  114.55.4.213     80     tcp    http             open      Jetty 8.1.3.v20120522114.55.4.213     1521   tcp    oracle-tns       open      Oracle TNS Listener 10.2.0.1.0 for Linux114.55.4.213     1099   tcp    java-rmi         open      Java RMI Registry114.55.4.213     8090   tcp    http             open      Apache Tomcat/Coyote JSP engine 1.1114.55.4.213     22     tcp    ssh              open      OpenSSH 6.4 protocol 2.0114.55.4.213     9090   tcp    http             open      Jetty114.55.4.213     9091   tcp    ssl/http         open      Jetty114.55.4.213     445    tcp    microsoft-ds     filtered  114.55.4.213     3306   tcp    mysql            open      MySQL 5.7.11

【nmap扫描结果xml保存】

nmap -oX Target 192.168.20.0/24         【Target是xml格式的扫描结果】msf > db_import Target                  【导入扫描结果】