当前位置:网站首页>Intranet information collection of Intranet penetration (4)
Intranet information collection of Intranet penetration (4)
2022-07-06 14:17:00 【Unknown white hat】
Catalog
Metasploit Intranet information collection
12 Service scanning and checking
Metasploit Intranet information collection
attack kali 192.168.0.103
Drone aircraft win7 192.168.0.105
09scraper
run scraper( Collect the common information on the target machine, download and save it locally )
/root/.msf4/logs/scripts/scraper
09winenum
run winenum( Collect some current systems , User group related information )
/root/.msf4/logs/scripts/winenum
10msf The host found
The module is located in the source code path modules/auxiliary/scanner/discovery/
There are mainly :
arp_sweep
ipv6_mulitcast_ping
ipv6_neighbor
ipv6_neighbor_router_advertisement
udp_probe
udp_sweep
11msf Port scanning
msf> search portscan
auxiliary/scanner/portscan/ack // adopt ACK Scan the way on the firewall is not shielded port detection
auxiliary/scanner/portscan/ftpbounce // adopt FTP bounce The principle of attack is right TCP Services , Some new software can prevent this attack well , But it can still be used on the old system
auxiliary/scanner/portscan/syn // Use send TCP SYN Flag to detect open ports
auxiliary/scanner/portscan/tcp // Through a complete TCP Connect to determine whether the port is open , The most accurate but the slowest
auxiliary/scanner/portscan/xmas // A more secretive scanning method , By sending FIN·PSH·URG sign , Can avoid some advanced TCP Filtering of tag detector
In general, it is recommended to use syn Port scanner · Faster · The results are accurate · Not easy to be noticed by the other party
syn The use of scanners
use auxiliary/scanner/portscan/syn
set rhosts 192.168.0.105/24
set threads 20
exploit
12 Service scanning and checking
After determining the open port , Mining the service information running on the corresponding port
stay Metasploit Of Scanner In auxiliary module , Tools for service scanning and enumeration are often used in [service_name]_version and [service_name]_login name
[service_name]_version It can be used to traverse hosts that contain certain services in the network , And further determine the version of the service
[service_name]_login Password detection attacks can be carried out on certain services
stay msf The terminal can input
search name:_version
View all available service enumeration modules
边栏推荐
- [MySQL table structure and integrity constraint modification (Alter)]
- What language should I learn from zero foundation. Suggestions
- "Gold, silver and four" job hopping needs to be cautious. Can an article solve the interview?
- Attach the simplified sample database to the SQLSERVER database instance
- Canvas foundation 1 - draw a straight line (easy to understand)
- 2022华中杯数学建模思路
- Nuxtjs quick start (nuxt2)
- 网络基础之路由详解
- 7-7 7003 组合锁(PTA程序设计)
- 7-15 h0161. 求最大公约数和最小公倍数(PTA程序设计)
猜你喜欢
Internet Management (Information Collection)
Low income from doing we media? 90% of people make mistakes in these three points
captcha-killer验证码识别插件
HackMyvm靶机系列(3)-visions
Hackmyvm target series (5) -warez
xray與burp聯動 挖掘
Hackmyvm target series (3) -visions
Strengthen basic learning records
Experiment 6 inheritance and polymorphism
Meituan dynamic thread pool practice ideas, open source
随机推荐
Network layer - simple ARP disconnection
Experiment 9 input and output stream (excerpt)
7-7 7003 combination lock (PTA program design)
【MySQL数据库的学习】
强化学习基础记录
JDBC事务、批处理以及连接池(超详细)
Matlab opens M file garbled solution
Yugu p1012 spelling +p1019 word Solitaire (string)
7-3 construction hash table (PTA program design)
【头歌educoder数据表中数据的插入、修改和删除】
. How to upload XMIND files to Jinshan document sharing online editing?
小程序web抓包-fiddler
[VMware abnormal problems] problem analysis & Solutions
Mixlab unbounded community white paper officially released
网络基础详解
Strengthen basic learning records
记一次edu,SQL注入实战
Record a penetration of the cat shed from outside to inside. Library operation extraction flag
7-7 7003 组合锁(PTA程序设计)
Experiment 7 use of common classes (correction post)