Peace be upon you.
How are you, guys?
Today's tutorial is simple
and very important:
any open port will show up.
Follow the tutorial.
We start Metasploit:
Quote:
bt ~ # cd /pentest/exploits/framework3/
bt framework3 # msfconsole
                _                  _       _ _
               | |                | |     (_) |
 _ __ ___   ___| |_ __ _ ___ _ __ | | ___  _| |_
| '_ ` _ \ / _ \ __/ _` / __| '_ \| |/ _ \| | __|
| | | | | |  __/ || (_| \__ \ |_) | | (_) | | |_
|_| |_| |_|\___|\__\__,_|___/ .__/|_|\___/|_|\__|
                            | |
                            |_|
       =[ msf v3.2-testing
+ -- --=[ 294 exploits - 124 payloads
+ -- --=[ 17 encoders - 6 nops
       =[ 58 aux
msf >
We type:
show auxiliary
Quote:
msf > show auxiliary
Auxiliary
=========
Name Description
---- -----------
admin/backupexec/dump Veritas Backup Exec Windows Remote File Access
admin/backupexec/registry Veritas Backup Exec Server Registry Access
admin/cisco/ios_http_auth_bypass Cisco IOS HTTP Unauthorized Administrative Access
admin/emc/alphastor_devicemanager_exec EMC AlphaStor Device Manager Arbitrary Command Execution
admin/emc/alphastor_librarymanager_exec EMC AlphaStor Library Manager Arbitrary Command Execution
admin/maxdb/maxdb_cons_exec SAP MaxDB cons.exe Remote Command Injection
admin/motorola/wr850g_cred Motorola WR850G v4.03 Credentials
admin/ms/ms08_059_his2006 Microsoft Host Integration Server 2006 Command Execution Vulnerability.
admin/pop2/uw_fileretrieval UoW pop2d Remote File Retrieval Vulnerability
admin/serverprotect/file TrendMicro ServerProtect File Access
admin/webmin/file_disclosure Webmin file disclosure
dos/cisco/ios_http_percentpercent Cisco IOS HTTP GET /%% request Denial of Service
dos/freebsd/nfsd/nfsd_mount FreeBSD Remote NFS RPC Request Denial of Service
dos/ftp/guildftp_cwdlist Guild FTPd 0.999.8.11/0.999.14 Heap Corruption
dos/ftp/titan626_site Titan FTP Server 6.26.630 SITE WHO DoS
dos/ftp/vicftps50_list Victory FTP Server 5.0 LIST DoS
dos/ftp/xmeasy560_nlst XM Easy Personal FTP Server 5.6.0 NLST DoS
dos/http/webrick_regex Ruby WEBrick::HTTP::DefaultFileHandler DoS
dos/samba/lsa_addprivs_heap Samba lsa_io_privilege_set Heap Overflow
dos/samba/lsa_transnames_heap Samba lsa_io_trans_names Heap Overflow
dos/solaris/lpd/cascade_delete Solaris LPD Arbitrary File Delete
dos/tftp/pt360_write PacketTrap TFTP Server 2.2.5459.0 DoS
dos/windows/appian/appian_bpm Appian Enterprise Business Suite 5.6 SP1 DoS
dos/windows/ftp/winftp230_nlst WinFTP 2.3.0 NLST Denial of Service
dos/windows/nat/nat_helper Microsoft Windows NAT Helper Denial of Service
dos/windows/smb/ms05_047_pnp Microsoft Plug and Play Service Registry Overflow
dos/windows/smb/ms06_035_mailslot Microsoft SRV.SYS Mailslot Write Corruption
dos/windows/smb/ms06_063_trans Microsoft SRV.SYS Pipe Transaction No Null
dos/windows/smb/rras_vls_null_deref Microsoft RRAS InterfaceAdjustVLSPointers NULL Dereference
dos/windows/smtp/ms06_019_exchange MS06-019 Exchange MODPROP Heap Overflow
dos/wireless/cts_rts_flood Wireless CTS/RTS Flooder
dos/wireless/daringphucball Apple Airport 802.11 Probe Response Kernel Memory Corruption
dos/wireless/deauth Wireless DEAUTH Flooder
dos/wireless/fakeap Wireless Fake Access Point Beacon Flood
dos/wireless/file2air Wireless Frame (File) Injector
dos/wireless/fuzz_beacon Wireless Beacon Frame Fuzzer
dos/wireless/fuzz_proberesp Wireless Probe Response Frame Fuzzer
dos/wireless/netgear_ma521_rates NetGear MA521 Wireless Driver Long Rates Overflow
dos/wireless/netgear_wg311pci NetGear WG311v1 Wireless Driver Long SSID Overflow
dos/wireless/probe_resp_null_ssid Multiple Wireless Vendor NULL SSID Probe Response
dos/wireless/wifun Wireless Test Module
dos/wireshark/ldap Wireshark LDAP dissector DOS
scanner/dcerpc/endpoint_mapper Endpoint Mapper Service Discovery
scanner/dcerpc/hidden Hidden DCERPC Service Discovery
scanner/dcerpc/management Remote Management Interface Discovery
scanner/discovery/sweep_udp UDP Service Sweeper
scanner/emc/alphastor_devicemanager EMC AlphaStor Device Manager Service.
scanner/emc/alphastor_librarymanager EMC AlphaStor Library Manager Service.
scanner/ftp/anonymous Anonymous FTP Access Detection
scanner/http/frontpage FrontPage Server Extensions Detection
scanner/http/frontpage_login FrontPage Server Extensions Login Utility
scanner/http/lucky_punch HTTP Microsoft SQL Injection Table XSS Infection
scanner/http/version HTTP Version Detection
scanner/http/wmap_backup_file HTTP Backup File Scanner
scanner/http/wmap_blind_sql_query HTTP Blind SQL Injection GET QUERY Scanner
scanner/http/wmap_brute_dirs HTTP Directory Brute Force Scanner
scanner/http/wmap_dir_listing HTTP Directory Listing Scanner
scanner/http/wmap_dir_scanner HTTP Directory Scanner
scanner/http/wmap_files_dir HTTP Interesting File Scanner
scanner/http/wmap_replace_ext HTTP File Extension Scanner
scanner/http/wmap_sqlmap SQLMAP SQL Injection External Module
scanner/http/wmap_ssl_vhost HTTP SSL Certificate VHOST Detection
scanner/http/wmap_vhost_scanner HTTP Virtual Host Brute Force Scanner
scanner/http/writable HTTP Writable Path PUT/DELETE File Access
scanner/misc/ib_service_mgr_info Borland InterBase Services Manager Information
scanner/mssql/mssql_login MSSQL Login Utility
scanner/mssql/mssql_ping MSSQL Ping Utility
scanner/portscan/tcp TCP Port Scanner
scanner/smb/ms08_067_netapi Microsoft Server Service MS08-067 Patch Scanner
scanner/smb/pipe_auditor SMB Session Pipe Auditor
scanner/smb/pipe_dcerpc_auditor SMB Session Pipe DCERPC Auditor
scanner/smb/version SMB Version Detection
scanner/vnc/vnc_none_auth VNC Authentication None Detection
scanner/x11/open_x11 X11 No-Auth Scanner
server/browser_autopwn HTTP Client Automatic Exploiter
server/capture/ftp Authentication Capture: FTP
server/capture/http Authentication Capture: HTTP
server/capture/imap Authentication Capture: IMAP
server/capture/pop3 Authentication Capture: POP3
server/capture/smb Authentication Capture: SMB
server/capture/smtp Authentication Capture: SMTP
...
spoof/dns/bailiwicked_host DNS BailiWicked Host Attack
spoof/dns/compare_results DNS Lookup Result Comparison
test/capture Simple Network Capture Tester
test/ip_spoof Simple IP Spoofing Tester
test/recon_passive Simple Recon Module Tester
test/scanner_batch Simple Recon Module Tester
test/scanner_host Simple Recon Module Tester
test/scanner_range Simple Recon Module Tester
voip/sip_invite_spoof SIP Invite Spoof
Quote:
msf > use scanner/portscan/tcp
msf auxiliary(tcp) > set RHOSTS 192.168.1.63
RHOSTS => 192.168.1.63
msf auxiliary(tcp) > run
[*] TCP OPEN 192.168.1.63:135
[*] TCP OPEN 192.168.1.63:139
[*] TCP OPEN 192.168.1.63:445
[*] Auxiliary module execution completed
Open ports: 135, 139, 445
The tutorial is clear.
Guys, I worked hard on this topic; don't leave the topic without replying.
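The scan output above, read from the defender's side, as an added example that is not part of the original post: this Ruby script parses the `TCP OPEN` lines and reports ports a host exposes beyond an allowlist. The allowlist, the function names and the sample lines are assumptions constructed for illustration.

```ruby
require "set"

# Well-known services on the ports seen in the post (IANA assignments).
SERVICES = {
  135 => "MS RPC endpoint mapper",
  139 => "NetBIOS session service",
  445 => "SMB over TCP"
}.freeze

# Matches "[*] TCP OPEN 192.168.1.63:135"; also accepts the forum-mangled "¦*¦" prefix.
OPEN_LINE = /\A\s*(?:\[\*\]|¦\*¦)\s+TCP OPEN\s+(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\s*\z/

# Returns { host => sorted array of open ports }, ignoring non-matching lines.
def parse_open_ports(output)
  found = Hash.new { |h, k| h[k] = Set.new }
  output.each_line do |line|
    m = OPEN_LINE.match(line.chomp) or next
    port = m[2].to_i
    next unless port.between?(1, 65_535) # drop impossible port numbers
    found[m[1]] << port                  # Set removes duplicate findings
  end
  found.transform_values { |ports| ports.to_a.sort }
end

# Compares findings to an allowlist (hypothetical policy) and lists what should not be reachable.
def unexpected_exposure(found, allowed)
  found.each_with_object([]) do |(host, ports), report|
    (ports - allowed.fetch(host, [])).each do |port|
      report << { host: host, port: port, service: SERVICES.fetch(port, "unknown") }
    end
  end
end

# Constructed sample: the scan result from the post plus lines that must be ignored.
SAMPLE = <<~OUT
  [*] TCP OPEN 192.168.1.63:135
  ¦*¦ TCP OPEN 192.168.1.63:139
  [*] TCP OPEN 192.168.1.63:445
  [*] TCP OPEN 192.168.1.63:445
  [*] TCP OPEN 192.168.1.63:70000
  [*] Auxiliary module execution completed
OUT

# Hypothetical policy: this host may expose only SMB to the scanning segment.
ALLOWED = { "192.168.1.63" => [445] }.freeze

unexpected_exposure(parse_open_ports(SAMPLE), ALLOWED).each do |f|
  puts "#{f[:host]}:#{f[:port]} (#{f[:service]}) is open but not allowlisted"
end
```

Ports the report lists are candidates for a host firewall rule or for disabling the service; the allowlist is where the intended exposure is written down.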