1. DCRRPC kita gunakan untuk melihat bentuk layanan apa saja yang tersedia di berbagai server ,
msf auxiliary(endpoint_mapper)
Module options:
... Name Current Setting Required Description
---- --------------- -------- -----------
RHOSTS yes The target address range or CIDR identifier
RPORT 135 yes The target port
THREADS 1 yes The number of concurrent threads
msf auxiliary(endpoint_mapper)
RHOSTS => 173.236.56.106-120
msf auxiliary(endpoint_mapper)
THREADS => 55
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
...[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Could not connect to the endpoint mapper service
[*] Could not connect to the endpoint mapper service
[*] Could not connect to the endpoint mapper service
[*] Could not connect to the endpoint mapper service
[*] Could not connect to the endpoint mapper service
[*] Could not connect to the endpoint mapper service
[*] Could not connect to the endpoint mapper service
[*] Could not connect to the endpoint mapper service
[*] Could not connect to the endpoint mapper service
[*] Could not connect to the endpoint mapper service
[*] Scanned 07 of 15 hosts (046% complete)
[*] Could not connect to the endpoint mapper service
[*] Could not connect to the endpoint mapper service
[*] Could not connect to the endpoint mapper service
[*] Scanned 10 of 15 hosts (066% complete)
[*] Scanned 13 of 15 hosts (086% complete)
[*] Could not connect to the endpoint mapper service
[*] Scanned 14 of 15 hosts (093% complete)
[*] Could not connect to the endpoint mapper service
[*] Scanned 15 of 15 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(endpoint_mapper)
msf auxiliary(hidden) > show options
Module options:
... Name Current Setting Required Description
---- --------------- -------- -----------
RHOSTS yes The target address range or CIDR identifier
THREADS 1 yes The number of concurrent threads
msf auxiliary(hidden) > set RHOSTS 173.236.56.106-120
RHOSTS => 173.236.56.106-120
msf auxiliary(hidden) > set THREADS 55
THREADS => 55
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
...[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Connecting to the endpoint mapper service...
[*] Could not connect to the endpoint mapper service
[*] Could not contact the endpoint mapper on 173.236.56.114
[*] Could not connect to the endpoint mapper service
[*] Could not contact the endpoint mapper on 173.236.56.115
[*] Could not connect to the endpoint mapper service
[*] Could not contact the endpoint mapper on 173.236.56.113
[*] Could not connect to the endpoint mapper service
[*] Could not contact the endpoint mapper on 173.236.56.116
[*] Could not connect to the endpoint mapper service
[*] Could not contact the endpoint mapper on 173.236.56.117
[*] Could not connect to the endpoint mapper service
[*] Could not contact the endpoint mapper on 173.236.56.118
[*] Could not connect to the endpoint mapper service
[*] Could not connect to the endpoint mapper service
[*] Could not contact the endpoint mapper on 173.236.56.106
[*] Could not contact the endpoint mapper on 173.236.56.107
[*] Scanned 07 of 15 hosts (046% complete)
[*] Scanned 08 of 15 hosts (053% complete)
[*] Could not connect to the endpoint mapper service
[*] Could not contact the endpoint mapper on 173.236.56.108
[*] Scanned 09 of 15 hosts (060% complete)
[*] Could not connect to the endpoint mapper service
[*] Could not contact the endpoint mapper on 173.236.56.109
[*] Scanned 10 of 15 hosts (066% complete)
[*] Could not connect to the endpoint mapper service
[*] Could not connect to the endpoint mapper service
[*] Could not contact the endpoint mapper on 173.236.56.110
[*] Could not contact the endpoint mapper on 173.236.56.111
[*] Scanned 11 of 15 hosts (073% complete)
[*] Could not connect to the endpoint mapper service
[*] Could not contact the endpoint mapper on 173.236.56.112
[*] Scanned 12 of 15 hosts (080% complete)
[*] Scanned 13 of 15 hosts (086% complete)
[*] Could not connect to the endpoint mapper service
[*] Could not connect to the endpoint mapper service
[*] Could not contact the endpoint mapper on 173.236.56.119
[*] Could not contact the endpoint mapper on 173.236.56.120
[*] Scanned 14 of 15 hosts (093% complete)
[*] Scanned 15 of 15 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(hidden) >
msf auxiliary(management) > set RHOSTS 173.236.56.106-120
RHOSTS => 173.236.56.106-120
msf auxiliary(management) > set THREADS 55
THREADS => 55
msf auxiliary(management) > run
[*] Remote Management Interface Error: The connection was refused by the remote host (173.236.56.113:135).
[*] Remote Management Interface Error: The connection was refused by the remote host (173.236.56.114:13...5).
[*] Remote Management Interface Error: The connection was refused by the remote host (173.236.56.116:135).
[*] Remote Management Interface Error: The connection was refused by the remote host (173.236.56.115:135).
[*] Remote Management Interface Error: The connection was refused by the remote host (173.236.56.118:135).
[*] Remote Management Interface Error: The connection was refused by the remote host (173.236.56.117:135).
[*] Remote Management Interface Error: The connection timed out (173.236.56.106:135).
[*] Scanned 07 of 15 hosts (046% complete)
[*] Remote Management Interface Error: The connection timed out (173.236.56.107:135).
[*] Scanned 08 of 15 hosts (053% complete)
[*] Remote Management Interface Error: The connection timed out (173.236.56.108:135).
[*] Scanned 09 of 15 hosts (060% complete)
[*] Remote Management Interface Error: The connection timed out (173.236.56.109:135).
[*] Remote Management Interface Error: The connection timed out (173.236.56.110:135).
[*] Scanned 10 of 15 hosts (066% complete)
[*] Scanned 11 of 15 hosts (073% complete)
[*] Remote Management Interface Error: The connection timed out (173.236.56.112:135).
[*] Remote Management Interface Error: The connection timed out (173.236.56.111:135).
[*] Scanned 13 of 15 hosts (086% complete)
[*] Remote Management Interface Error: The connection timed out (173.236.56.120:135).
[*] Remote Management Interface Error: The connection timed out (173.236.56.119:135).
[*] Scanned 15 of 15 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(management) >
kita lihat tidak ada kan fasilitas remote drcp di server.....
bila ada kita bisa melakukan audit lho dengan metode seperti ini:
msf > use auxiliary/scanner/dcerpc/t
msf auxiliary(tcp_dcerpc_audit
RHOSTS => 173.236.56.106-120
msf auxiliary(tcp_dcerpc_audit
THREADS => 55
...msf auxiliary(tcp_dcerpc_audit
The connection was refused by the remote host (173.236.56.114:135).
The connection was refused by the remote host (173.236.56.113:135).
The connection was refused by the remote host (173.236.56.117:135).
The connection was refused by the remote host (173.236.56.115:135).
The connection was refused by the remote host (173.236.56.116:135).
The connection was refused by the remote host (173.236.56.118:135).
The connection timed out (173.236.56.107:135).
The connection timed out (173.236.56.106:135).
[*] Scanned 08 of 15 hosts (053% complete)
The connection timed out (173.236.56.108:135).
[*] Scanned 09 of 15 hosts (060% complete)
The connection timed out (173.236.56.109:135).
[*] Scanned 10 of 15 hosts (066% complete)
The connection timed out (173.236.56.110:135).
[*] Scanned 11 of 15 hosts (073% complete)
The connection timed out (173.236.56.111:135).
[*] Scanned 12 of 15 hosts (080% complete)
The connection timed out (173.236.56.112:135).
[*] Scanned 13 of 15 hosts (086% complete)
The connection timed out (173.236.56.119:135).
[*] Scanned 14 of 15 hosts (093% complete)
The connection timed out (173.236.56.120:135).
[*] Scanned 15 of 15 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(tcp_dcerpc_audit
kita lanjutkan ke scanning Discovery...
msf > use auxiliary/scanner/discover
msf auxiliary(arp_sweep) > show options
Module options:
... Name Current Setting Required Description
---- --------------- -------- -----------
INTERFACE no The name of the interface
PCAPFILE no The name of the PCAP capture file to process
RHOSTS yes The target address range or CIDR identifier
SHOST yes Source IP Address
SMAC yes Source MAC Address
THREADS 1 yes The number of concurrent threads
TIMEOUT 500 yes The number of seconds to wait for new data
msf auxiliary(arp_sweep) > set RHOSTS 180.246.53.204-255
RHOSTS => 180.246.53.204-255
msf auxiliary(arp_sweep) > set SHOST 180.246.53.203
SHOST => 180.246.53.203
msf auxiliary(arp_sweep) > set SMAC 6c:f0:49:86:40:e6
SMAC => 6c:f0:49:86:40:e6
msf auxiliary(arp_sweep) > set THREADS 55
THREADS => 55
msf auxiliary(arp_sweep) > run
[*] The Pcaprub module is not available: no such file to load -- pcaprub
[-] Auxiliary failed: RuntimeError Pcaprub not available
[-] Call stack:
[-] /opt/framework-3.5.1/msf3/
[-] /opt/framework-3.5.1/msf3/
[-] /opt/framework-3.5.1/msf3/
[*] Auxiliary module execution completed
msf auxiliary(arp_sweep) >
Untuk IPv6 jg sama nie.. caranya..
use auxiliary/scanner/discover
msf auxiliary(udp_probe) > show options
Module options:
... Name Current Setting Required Description
---- --------------- -------- -----------
CHOST no The local client address
RHOSTS yes The target address range or CIDR identifier
THREADS 1 yes The number of concurrent threads
VERBOSE false no Enable verbose output
msf auxiliary(udp_probe) > set RHOSTS msf > use auxiliary/scanner/discover
RHOSTS => msf > use auxiliary/scanner/discover
msf auxiliary(udp_probe) > set RHOSTS 180.246.53.203-205
RHOSTS => 180.246.53.203-205
msf auxiliary(udp_probe) > set THREADS 253
THREADS => 253
msf auxiliary(udp_probe) > run
[*] Discovered SNMP on 180.246.53.203:161 (TD-8817)
[*] Discovered SNMP on 180.246.53.203:161 (TD-8817)
[*] Scanned 1 of 3 hosts (033% complete)
[*] Scanned 2 of 3 hosts (066% complete)
[*] Scanned 3 of 3 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(udp_probe) >
msf auxiliary(udp_probe) > show options
Module options:
... Name Current Setting Required Description
---- --------------- -------- -----------
CHOST no The local client address
RHOSTS yes The target address range or CIDR identifier
THREADS 1 yes The number of concurrent threads
VERBOSE false no Enable verbose output
msf auxiliary(udp_probe) > set RHOSTS msf > use auxiliary/scanner/discover
RHOSTS => msf > use auxiliary/scanner/discover
msf auxiliary(udp_probe) > set RHOSTS 180.246.53.203-205
RHOSTS => 180.246.53.203-205
msf auxiliary(udp_probe) > set THREADS 253
THREADS => 253
msf auxiliary(udp_probe) > run
[*] Discovered SNMP on 180.246.53.203:161 (TD-8817)
[*] Discovered SNMP on 180.246.53.203:161 (TD-8817)
[*] Scanned 1 of 3 hosts (033% complete)
[*] Scanned 2 of 3 hosts (066% complete)
[*] Scanned 3 of 3 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(udp_probe) > back
msf > set RHOSTS msf > use auxiliary/scanner/discover
RHOSTS => msf > use auxiliary/scanner/discover
msf > use auxiliary/scanner/discover
msf auxiliary(udp_sweep) > set RHOSTS 180.246.53.203-205
RHOSTS => 180.246.53.203-205
msf auxiliary(udp_sweep) > set THREADS 253
THREADS => 253
msf auxiliary(udp_sweep) > run
[*] Sending 10 probes to 180.246.53.203->180.246.53
[*] Discovered SNMP on 180.246.53.203:161 (TD-8817)
[*] Discovered SNMP on 180.246.53.203:161 (TD-8817)
[*] Discovered DNS on 192.168.1.1:53 (d18c850000010000000100000
[*] Scanned 3 of 3 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(udp_sweep) >
msf auxiliary(anonymous) > show options
Module options:
... Name Current Setting Required Description
---- --------------- -------- -----------
FTPPASS mozilla@example.com no The password for the specified username
FTPUSER anonymous no The username to authenticate as
RHOSTS msf > use auxiliary/scanner/discover
RPORT 21 yes The target port
THREADS 1 yes The number of concurrent threads
msf auxiliary(anonymous) > set RHOSTS 180.246.53.203-205
RHOSTS => 180.246.53.203-205
msf auxiliary(anonymous) > set THREADS 55
THREADS => 55
msf auxiliary(anonymous) > run
[*] Scanned 1 of 3 hosts (033% complete)
[*] Scanned 3 of 3 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(anonymous) >
RHOSTS => 180.246.53.203-205
msf auxiliary(ftp_version) > set THREADS 55
THREADS => 55
msf auxiliary(ftp_version) > run
...
[*] 180.246.53.203:21 FTP Banner: '220 TP-LINK FTP version 1.0 ready at Tue Mar 22 16:45:27 2011\x0d\x0a'
[*] Scanned 1 of 3 hosts (033% complete)
[*] Scanned 2 of 3 hosts (066% complete)
[*] Scanned 3 of 3 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(ftp_version) >
http/cert - http/dir_listing - http/dir_scanner - http/dir_webdav_unicode_by
msf > use auxiliary/scanner/http/cer
msf auxiliary(cert) > show options
Module options:
... Name Current Setting Required Description
---- --------------- -------- -----------
ISSUER .* yes Show a warning if the Issuer doesn't match this regex
RHOSTS msf > use auxiliary/scanner/discover
RPORT 443 yes The target port
SHOWALL false no Show all certificates (issuer,time) regardless of match
THREADS 1 yes The number of concurrent threads
msf auxiliary(cert) > set RHOSTS 173.236.56.106
RHOSTS => 173.236.56.106
msf auxiliary(cert) > set THREADS 254
THREADS => 254
kita lihat berapa server yang satu jaringan .....
kita lakukan run
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(cert) > set RHOSTS 173.236.56.106/24
...RHOSTS => 173.236.56.106/24
msf auxiliary(cert) > set THREADS 254
THREADS => 254
msf auxiliary(cert) > run
[*] 173.236.56.11 - 'madelynsclassicbedding.co
[*] 173.236.56.13 - 'www.vvskivvys.com' : 'Mon Nov 08 00:00:00 UTC 2010' - 'Tue Nov 15 23:59:59 UTC 2011'
[*] 173.236.56.14 - 'www.tagshopstuff.com' : 'Wed Dec 15 00:00:00 UTC 2010' - 'Fri Dec 30 23:59:59 UTC 2011'
[*] 173.236.56.74 - 'xiaomenkou.info' : 'Tue Nov 16 18:24:20 UTC 2010' - 'Sat Nov 19 07:01:24 UTC 2011'
[*] 173.236.56.12 - 'www.hummul.com' : 'Wed Sep 15 00:00:00 UTC 2010' - 'Wed Sep 21 23:59:59 UTC 2011'
[*] 173.236.56.77 - 'vps.funkymunks.com' : 'Tue Oct 12 12:53:11 UTC 2010' - 'Wed Oct 12 12:53:11 UTC 2011'
[*] 173.236.56.188 - 'lum-tec.com' : 'Fri Mar 11 00:37:28 UTC 2011' - 'Sat Mar 10 03:04:49 UTC 2012'
[*] 173.236.56.246 - 'server.rnweb.com.br' : 'Mon Jul 12 12:55:06 UTC 2010' - 'Tue Jul 12 12:55:06 UTC 2011'
[*] 173.236.56.245 - 'server.rnweb.com.br' : 'Mon Jul 12 12:55:06 UTC 2010' - 'Tue Jul 12 12:55:06 UTC 2011'
[*] 173.236.56.108 - 'www.myclientzone.co.uk' : 'Thu Nov 04 00:00:00 UTC 2010' - 'Fri Nov 04 23:59:59 UTC 2011'
[*] 173.236.56.174 - 'tweople.com' : 'Fri Jan 07 20:39:26 UTC 2011' - 'Sat Jan 07 20:39:26 UTC 2012'
[*] 173.236.56.171 - 'www.yakkingheads.com' : 'Mon Sep 20 22:47:23 UTC 2010' - 'Tue Sep 20 21:59:06 UTC 2011'
[*] 173.236.56.76 - 'www.gospelreggae.com' : 'Fri Jan 21 05:29:38 UTC 2011' - 'Fri Jul 08 00:48:44 UTC 2011'
[+] 173.236.56.173 - 'tinywebpeople.com' : 'Fri Mar 12 18:57:11 UTC 2010' - 'Sat Mar 12 18:57:11 UTC 2011' (EXPIRED)'
[*] 173.236.56.98 - 'www.candlelightsolutions.c
[*] 173.236.56.150 - 'jghelectronicsstore.com' : 'Sat Aug 28 14:28:53 UTC 2010' - 'Wed Aug 31 07:39:04 UTC 2011'
[*] 173.236.56.244 - 'server.rnweb.com.br' : 'Mon Jul 12 12:55:06 UTC 2010' - 'Tue Jul 12 12:55:06 UTC 2011'
[+] 173.236.56.203 - 'www.postclicks.net' : 'Thu Feb 25 00:00:00 UTC 2010' - 'Sat Feb 26 23:59:59 UTC 2011' (EXPIRED)'
[*] 173.236.56.172 - 'yourvideopartner.com' : 'Fri Jan 07 20:49:23 UTC 2011' - 'Sat Jan 07 20:49:23 UTC 2012'
[*] 173.236.56.130 - 'www.countrybabyproducts.co
[*] 173.236.56.187 - 'wiegandwatches.net' : 'Tue Feb 22 06:54:28 UTC 2011' - 'Wed Feb 22 03:30:28 UTC 2012'
[*] 173.236.56.250 - 'www.musiccomputing.com' : 'Tue Oct 19 06:13:00 UTC 2010' - 'Wed Oct 19 06:13:00 UTC 2011'
[*] 173.236.56.75 - 'vps.openscope.net' : 'Thu Sep 30 18:46:23 UTC 2010' - 'Fri Sep 30 18:46:23 UTC 2011'
[*] 173.236.56.243 - 'server.rnweb.com.br' : 'Mon Jul 12 12:55:06 UTC 2010' - 'Tue Jul 12 12:55:06 UTC 2011'
[*] 173.236.56.78 - 'vps.sellmyretro.com' : 'Wed Oct 13 12:59:52 UTC 2010' - 'Thu Oct 13 12:59:52 UTC 2011'
[*] Scanned 158 of 256 hosts (061% complete)
[*] Scanned 185 of 256 hosts (072% complete)
[*] Scanned 192 of 256 hosts (075% complete)
[*] Scanned 193 of 256 hosts (075% complete)
[*] Scanned 197 of 256 hosts (076% complete)
[*] Scanned 213 of 256 hosts (083% complete)
[*] Scanned 214 of 256 hosts (083% complete)
[*] Scanned 215 of 256 hosts (083% complete)
[*] Scanned 232 of 256 hosts (090% complete)
[*] 173.236.56.242 - 'server.rnweb.com.br' : 'Mon Jul 12 12:55:06 UTC 2010' - 'Tue Jul 12 12:55:06 UTC 2011'
[*] 173.236.56.251 - 'descontos.tur.br' : 'Tue Mar 15 04:13:41 UTC 2011' - 'Thu Mar 15 04:13:41 UTC 2012'
[*] Scanned 256 of 256 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(cert) > ping madelynsclassicbedding.com
[*] exec: ping madelynsclassicbedding.com
PING madelynsclassicbedding.com
64 bytes from madelynsclassicbedding.com
64 bytes from madelynsclassicbedding.com
64 bytes from madelynsclassicbedding.com
64 bytes from madelynsclassicbedding.com
^CInterrupt: use the 'exit' command to quit
msf auxiliary(cert) >
msf auxiliary(dir_listing) > show options
Module options:
... Name Current Setting Required Description
---- --------------- -------- -----------
PATH / yes The path to identify directoy listing
Proxies no Use a proxy chain
RHOSTS msf > use auxiliary/scanner/discover
RPORT 80 yes The target port
THREADS 1 yes The number of concurrent threads
VHOST no HTTP server virtual host
msf auxiliary(dir_listing) > set RHOSTS 173.236.56.106/24
RHOSTS => 173.236.56.106/24
msf auxiliary(dir_listing) > set THREADS 55
THREADS => 55
msf auxiliary(dir_listing) > run
[*] Found Directory Listing http://173.236.56.3:80/
[*] NOT Vulnerable to directory listing http://173.236.56.27:80/
[*] NOT Vulnerable to directory listing http://173.236.56.28:80/
[*] NOT Vulnerable to directory listing http://173.236.56.29:80/
[*] NOT Vulnerable to directory listing http://173.236.56.26:80/
[*] NOT Vulnerable to directory listing http://173.236.56.30:80/
[*] NOT Vulnerable to directory listing http://173.236.56.46:80/
[*] Scanned 030 of 256 hosts (011% complete)
[*] NOT Vulnerable to directory listing http://173.236.56.66:80/
[*] NOT Vulnerable to directory listing http://173.236.56.67:80/
[*] NOT Vulnerable to directory listing http://173.236.56.68:80/
[*] NOT Vulnerable to directory listing http://173.236.56.70:80/
[*] Scanned 064 of 256 hosts (025% complete)
[*] NOT Vulnerable to directory listing http://173.236.56.69:80/
[*] NOT Vulnerable to directory listing http://173.236.56.74:80/
[*] NOT Vulnerable to directory listing http://173.236.56.84:80/
[*] NOT Vulnerable to directory listing http://173.236.56.82:80/
[*] NOT Vulnerable to directory listing http://173.236.56.90:80/
[*] NOT Vulnerable to directory listing http://173.236.56.93:80/
[*] NOT Vulnerable to directory listing http://173.236.56.86:80/
[*] NOT Vulnerable to directory listing http://173.236.56.94:80/
[*] NOT Vulnerable to directory listing http://173.236.56.108:80/
[*] Scanned 109 of 256 hosts (042% complete)
[*] Found Directory Listing http://173.236.56.125:80/
[*] NOT Vulnerable to directory listing http://173.236.56.148:80/
[*] Found Directory Listing http://173.236.56.149:80/
[*] Scanned 143 of 256 hosts (055% complete)
[*] NOT Vulnerable to directory listing http://173.236.56.171:80/
[*] NOT Vulnerable to directory listing http://173.236.56.173:80/
[*] NOT Vulnerable to directory listing http://173.236.56.174:80/
[*] NOT Vulnerable to directory listing http://173.236.56.165:80/
[*] Scanned 196 of 256 hosts (076% complete)
[*] NOT Vulnerable to directory listing http://173.236.56.203:80/
[*] NOT Vulnerable to directory listing http://173.236.56.218:80/
»
Hack
» Pelajaran terakhir dari metasploit adalah scanner !!!
Pelajaran terakhir dari metasploit adalah scanner !!!
msf > use auxiliary/scanner/dcerpc/e ndpoint_mapper > show options > set RHOSTS 173.236.56.106-120 > set THREADS 55
msf auxiliary(endpoint_mapper) > run >
msf > use auxiliary/scanner/dcerpc/h idden
msf auxiliary(hidden) > run
1.c Kita cek yuk apakah ada fasilitas remote DRPC ?
msf > use auxiliary/scanner/discover y/udp_probe y/udp_probe y/udp_probe
msf > use auxiliary/scanner/discover y/udp_probe y/udp_probe y/udp_probe y/udp_sweep y/udp_sweep y/udp_sweep .205 (3 hosts) 756455253494f4e0442494e440 000100003c00c0006000300015 1800023c00c0a686f73746d617 3746572c00c000000000000708 000001c2000093a8000015180)
msf > use auxiliary/scanner/ftp/anon ymous y/udp_sweep yes The target address range or CIDR identifier
msf auxiliary(ftp_version) > set RHOSTS 180.246.53.203-205
msf auxiliary(cert) > run m' : 'Wed Dec 22 00:00:00 UTC 2010' - 'Thu Dec 22 23:59:59 UTC 2011' om' : 'Wed Apr 07 00:51:25 UTC 2010' - 'Sat Apr 09 04:04:36 UTC 2011' m' : 'Wed May 19 18:34:58 UTC 2010' - 'Sun May 22 11:06:15 UTC 2011' (173.236.56.11) 56(84) bytes of data. (173.236.56.11): icmp_req=1 ttl=44 time=388 ms (173.236.56.11): icmp_req=2 ttl=44 time=310 ms (173.236.56.11): icmp_req=3 ttl=44 time=315 ms (173.236.56.11): icmp_req=4 ttl=44 time=310 ms
msf > use auxiliary/scanner/http/dir _listing y/udp_sweep yes The target address range or CIDR identifier
is DONE !!
Silahkan Tulis Komentar Anda ...