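MSF is mostly used for ms17_010, but it actually has many other features: running exploits against CMSs, attacking ports, and generating payloads. I am keeping these notes here to share with everyone.
1. First, asset discovery with MSF
Network host discovery: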
use auxiliary/scanner/discovery/udp_probe
use auxiliary/scanner/discovery/udp_sweep
use auxiliary/scanner/discovery/arp_sweep
use auxiliary/scanner/dns/dns_amp  (find live hosts via DNS, port 53)
use auxiliary/scanner/netbios/nbname  (find live hosts via nbname, port 137)
use auxiliary/scanner/http/title  (port 80)
use auxiliary/scanner/portscan/ack
use auxiliary/scanner/portscan/tcp  (probe ports across a specified network range)
use auxiliary/scanner/portscan/syn
use auxiliary/scanner/portscan/ftpbounce
use auxiliary/scanner/portscan/xmas
Internal network service discovery:
Find HTTP services: use auxiliary/scanner/http/http_version  (port 80)
Find SMB services: use auxiliary/scanner/smb/smb_version  (port 445)
Find FTP services: use auxiliary/scanner/ftp/ftp_version  (port 21)
Find SSH services: use auxiliary/scanner/ssh/ssh_version  (port 22)
Find Telnet services: use auxiliary/scanner/telnet/telnet_version  (port 23)
Find MySQL services: use auxiliary/scanner/mysql/mysql_version  (port 3306)
Find DB2 services: use auxiliary/scanner/db2/db2_version  (port 50000)
Find RDP services: use auxiliary/scanner/rdp/rdp_scanner  (port 3389)
Find SMTP services: use auxiliary/scanner/smtp/smtp_version  (port 25)
2. MSF attack commands
1. First, commonly used MSF payloads
windows:
windows/meterpreter/reverse_tcp
windows/meterpreter/bind_tcp
windows/meterpreter/reverse_hop_http
windows/meterpreter/reverse_http
windows/meterpreter/reverse_http_proxy_pstore
windows/meterpreter/reverse_https
windows/meterpreter/reverse_https_proxy
windows/shell_reverse_tcp
windows/shell_bind_tcp
windows/x64/meterpreter/reverse_tcp
windows/x64/meterpreter/bind_tcp
windows/x64/shell_reverse_tcp
windows