Notes on learning and using msf.
I just scanned a cloud server with Metasploit Pro. For RHOST, just enter the IP directly.
The output was as follows:
[*] [2019.04.04-14:27:35] Scan initiated: Speed: 5, Max: 300m (Portscanning) (UDP probes) (Finger enumeration) (H.323 probes)
[+] [2019.04.04-14:27:35] Workspace:default Progress:1/177 (0%) Sweeping 10.0.165.30 with Nmap4 probes
[*] [2019.04.04-14:27:35] Scanning 1 hosts...
[*] [2019.04.04-14:27:51] Nmap Command (data:/opt/metasploit/common/share/nmap): /opt/metasploit/common/bin/nmap -sS -T5 -PP -PE -PM -PI -PA20,53,80,113,443,5060,10043 --host-timeout=300m -O --max-rtt-timeout=3000ms --initial-rtt-timeout=1000ms --min-rtt-timeout=1000ms --max-retries=2 --stats-every 10s --traceroute --min-hostgroup=64 -PS1,7,9,13,19,21-23,25,37,42,49,53,69-70,79-81,85,88,105,109-111,113,119,123,135,137-139,143,161,179,222,264,384,389,402,407,443-446,465,500,502,512-515,523-524,540,548,554,587,617,623,631,655,689,705,771,783,831,873,888,902,910,912,921,993,995,998-1000,1024-1025,1030,1035,1090,1098-1103,1128-1129,1158,1199,1211,1220,1234,1241,1300,1311,1352,1414,1433-1435,1440,1471,1494,1521,1530,1533,1581-1582,1604,1720,1723,1743,1755,1811,1883,1900,2000-2001,2049,2067,2100,2103,2121,2199,2207,2222,2323,2362,2375,2379-2381,2404,2480,2525,2533,2598,2638,2809-2810,2947,2967,2990,3000-3001,3037,3050,3057,3128,3181,3200,3217,3273,3299,3306,3310,3333,3389,3460,3465,3500,3628,3632,3690,3702,3780,3790,3817,3900,4000,4070,4322,4433,4444-4445,4592,4659,4672,4679,4750,4786,4800,4848,5000,5009,5038,5040,5051,5060-5061,5093,5168,5180,5227,5247,5250,5351,5353,5355,5400,5405,5432-5433,5466,5498,5520-5521,5554-5555,5560,5580,5631-5632,5666,5800,5814,5858,5900-5910,5920,5984-5986,5999-6000,6050,6060,6066,6070,6080,6082,6101,6106,6112,6161,6262,6379,6405,6502-6504,6542,6660-6661,6667,6789,6905,6988,6996,7000-7001,7021,7071,7080,7144,7181,7210,7272,7414,7426,7443,7510,7547,7579-7580,7700,7770,7777-7778,7787,7800-7801,7878-7879,7890,7902,8000-8001,8008,8014,8020,8023,8028,8030,8050-8051,8080-8082,8085-8088,8090-8091,8095,8101,8161,8180-8181,8205,8222,8300,8303,8333,8400,8443-8445,8500,8503,8642,8686,8701,8787,8800,8812,8834,8880,8883,8888-8890,8899,8901-8903,8980,8999-9005,9010,9050,9080-9081,9084,9090,9099-9100,9111,9124,9152,9200,9251,9256,9300,9390-9391,9495,9500,9711,9788,9809-9815,9855,9875-9876,9910,9991,9999-10001,10008,10050-10051,10080,10098-10099,10162,10202-10203,10333,10443,10616,10628,11000-11001,11099,11211,11234,11333,11460,12000,12174,12203,12221,12345,12397,12401,13003,13013,13364,13500,13579,13838,14000,14330,15000-15001,15200,16000,16102,16992,17185,17200,18881,18980,19300,19810,20000,20010,20031,20034,20101,20111,20171,20222,20256,22006,22222,23423,23472,23791,23943,25000,25025,25672,26000,26122,26256,27000,27015,27017,27888,27960,28222,28784,30000,30718,31001,31099,32022,32764,32913,33000,34205,34443,37718,37777,38080,38292,40007,41025,41080,41523-41524,44334,44818,45230,46823-46824,47001-47002,48080,48899,49152,50000-50004,50013,50050,50500-50504,52302,52869,53413,54345,55552-55554,57772,62078,62514,65535 --min-rate=500 -PU40830 -iL /tmp/nmap20190404-355-oh4ldn -p1,7,9,13,19,21-23,25,37,42,49,53,69-70,79-81,85,88,105,109-111,113,119,123,135,137-139,143,161,179,222,264,384,389,402,407,443-446,465,500,502,512-515,523-524,540,548,554,587,617,623,631,655,689,705,771,783,831,873,888,902,910,912,921,993,995,998-1000,1024-1025,1030,1035,1090,1098-1103,1128-1129,1158,1199,1211,1220,1234,1241,1300,1311,1352,1414,1433-1435,1440,1471,1494,1521,1530,1533,1581-1582,1604,1720,1723,1743,1755,1811,1883,1900,2000-2001,2049,2067,2100,2103,2121,2199,2207,2222,2323,2362,2375,2379-2381,2404,2480,2525,2533,2598,2638,2809-2810,2947,2967,2990,3000-3001,3037,3050,3057,3128,3181,3200,3217,3273,3299,3306,3310,3333,3389,3460,3465,3500,3628,3632,3690,3702,3780,3790,3817,3900,4000,4070,4322,4433,4444-4445,4592,4659,4672,4679,4750,4786,4800,4848,5000,5009,5038,5040,5051,5060-5061,5093,5168,5180,5227,5247,5250,5351,5353,5355,5400,5405,5432-5433,5466,5498,5520-5521,5554-5555,5560,5580,5631-5632,5666,5800,5814,5858,5900-5910,5920,5984-5986,5999-6000,6050,6060,6066,6070,6080,6082,6101,6106,6112,6161,6262,6379,6405,6502-6504,6542,6660-6661,6667,6789,6905,6988,6996,7000-7001,7021,7071,7080,7144,7181,7210,7272,7414,7426,7443,7510,7547,7579-7580,7700,7770,7777-7778,7787,7800-7801,7878-7879,7890,7902,8000-8001,8008,8014,8020,8023,8028,8030,8050-8051,8080-8082,8085-8088,8090-8091,8095,8101,8161,8180-8181,8205,8222,8300,8303,8333,8400,8443-8445,8500,8503,8642,8686,8701,8787,8800,8812,8834,8880,8883,8888-8890,8899,8901-8903,8980,8999-9005,9010,9050,9080-9081,9084,9090,9099-9100,9111,9124,9152,9200,9251,9256,9300,9390-9391,9495,9500,9711,9788,9809-9815,9855,9875-9876,9910,9991,9999-10001,10008,10050-10051,10080,10098-10099,10162,10202-10203,10333,10443,10616,10628,11000-11001,11099,11211,11234,11333,11460,12000,12174,12203,12221,12345,12397,12401,13003,13013,13364,13500,13579,13838,14000,14330,15000-15001,15200,16000,16102,16992,17185,17200,18881,18980,19300,19810,20000,20010,20031,20034,20101,20111,20171,20222,20256,22006,22222,23423,23472,23791,23943,25000,25025,25672,26000,26122,26256,27000,27015,27017,27888,27960,28222,28784,30000,30718,31001,31099,32022,32764,32913,33000,34205,34443,37718,37777,38080,38292,40007,41025,41080,41523-41524,44334,44818,45230,46823-46824,47001-47002,48080,48899,49152,50000-50004,50013,50050,50500-50504,52302,52869,53413,54345,55552-55554,57772,62078,62514,65535
[*] [2019.04.04-14:27:51] Nmap Output:
[*] [2019.04.04-14:27:51] Nmap Output: Starting Nmap 7.01 ( https://nmap.org ) at 2019-04-04 14:27 CST
[*] [2019.04.04-14:27:57] Nmap Output: Nmap scan report for 10.0.165.30
[*] [2019.04.04-14:27:57] Nmap Output: Host is up (0.011s latency).
[*] [2019.04.04-14:27:57] Nmap Output: Not shown: 501 closed ports
[*] [2019.04.04-14:27:57] Nmap Output: PORT STATE SERVICE
[*] [2019.04.04-14:27:57] Nmap Output: 22/tcp open ssh
[*] [2019.04.04-14:27:57] Nmap Output: 80/tcp open http
[*] [2019.04.04-14:27:57] Nmap Output: 443/tcp open https
[*] [2019.04.04-14:27:57] Nmap Output: 1883/tcp open unknown
[*] [2019.04.04-14:27:57] Nmap Output: 3306/tcp open mysql
[*] [2019.04.04-14:27:57] Nmap Output: 5000/tcp open upnp
[*] [2019.04.04-14:27:57] Nmap Output: 8000/tcp open http-alt
[*] [2019.04.04-14:27:57] Nmap Output: 9100/tcp open jetdirect
[*] [2019.04.04-14:27:57] Nmap Output: 10050/tcp open unknown
[*] [2019.04.04-14:27:57] Nmap Output: Device type: general purpose
[*] [2019.04.04-14:27:57] Nmap Output: Running: Linux 3.X|4.X
[*] [2019.04.04-14:27:57] Nmap Output: OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
[*] [2019.04.04-14:27:57] Nmap Output: OS details: Linux 3.2 - 4.0
[*] [2019.04.04-14:27:57] Nmap Output: Network Distance: 2 hops
[*] [2019.04.04-14:27:57] Nmap Output:
[*] [2019.04.04-14:27:57] Nmap Output: TRACEROUTE (using port 110/tcp)
[*] [2019.04.04-14:27:57] Nmap Output: HOP RTT ADDRESS
[*] [2019.04.04-14:27:57] Nmap Output: 1 10.55 ms 10.0.176.1
[*] [2019.04.04-14:27:57] Nmap Output: 2 3.06 ms 10.0.165.30
[*] [2019.04.04-14:27:57] Nmap Output:
[*] [2019.04.04-14:27:57] Nmap Output: OS detection performed. Please report any incorrect results at https://nmap.org/submit/ .
[*] [2019.04.04-14:27:57] Nmap Output: Nmap done: 1 IP address (1 host up) scanned in 5.74 seconds
[*] [2019.04.04-14:27:57] Nmap Results: Importing scan data.
[+] [2019.04.04-14:27:57] Workspace:default Progress:3/177 (1%) Sweeping 10.0.165.30 with UDP probes
[*] [2019.04.04-14:27:57] Sending 13 probes to 10.0.165.30->10.0.165.30 (1 hosts)
[+] [2019.04.04-14:28:12] Workspace:default Progress:5/177 (2%) Sweeping 10.0.165.30 with HTTP probes
[+] [2019.04.04-14:28:12] 10.0.165.30:80 nginx/1.10.3 (Ubuntu)
[+] [2019.04.04-14:28:13] 10.0.165.30:443 nginx/1.10.3 (Ubuntu)
[+] [2019.04.04-14:28:13] 10.0.165.30:8000 nginx/1.10.3 (Ubuntu)
[+] [2019.04.04-14:28:13] Workspace:default Progress:45/177 (25%) Sweeping 10.0.165.30 with SSH probes
[+] [2019.04.04-14:28:13] 10.0.165.30:22 - SSH server version: SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.7 ( service.version=7.2p2 openssh.comment=Ubuntu-4ubuntu2.7 service.vendor=OpenBSD service.family=OpenSSH service.product=OpenSSH service.cpe23=cpe:/a:openbsd:openssh:7.2p2 os.vendor=Ubuntu os.family=Linux os.product=Linux os.certainty=0.75 os.cpe23=cpe:/o:canonical:ubuntu_linux:- service.protocol=ssh fingerprint_db=ssh.banner )
[+] [2019.04.04-14:28:13] Workspace:default Progress:57/177 (32%) Sweeping 10.0.165.30 with MySQL probes
[*] [2019.04.04-14:28:13] 10.0.165.30:3306 - 10.0.165.30:3306 is running MySQL, but responds with an error: \x04Host '10.0.176.101' is not allowed to connect to this MySQL server
[+] [2019.04.04-14:28:13] Workspace:default Progress:63/177 (35%) Sweeping 10.0.165.30 with VxWorks probes
[+] [2019.04.04-14:28:23] Workspace:default Progress:168/177 (94%) Sweeping 10.0.165.30 with WinRM probes
[-] [2019.04.04-14:28:23] 10.0.165.30:80 Does not appear to be a WinRM server
[-] [2019.04.04-14:28:23] 10.0.165.30:443 Does not appear to be a WinRM server
[+] [2019.04.04-14:28:23] Workspace:default Progress:172/177 (97%) Normalizing system information
[+] [2019.04.04-14:28:24] Workspace:default Progress:1/2 (50%) Normalizing 10.0.165.30
[+] [2019.04.04-14:28:24] Workspace:default Progress:2/2 (100%) Normalization complete
[+] [2019.04.04-14:28:24] Workspace:default Progress:173/177 (97%) Identifying unknown services
[+] [2019.04.04-14:28:24] Workspace:default Progress:174/177 (98%) Normalizing system information for newly identified services
[+] [2019.04.04-14:28:24] Workspace:default Progress:1/2 (50%) Normalizing 10.0.165.30
[+] [2019.04.04-14:28:24] Workspace:default Progress:2/2 (100%) Normalization complete
[+] [2019.04.04-14:28:24] Workspace:default Progress:175/177 (98%) Sweeping newly found services
[+] [2019.04.04-14:28:24] Workspace:default Progress:176/177 (99%) Normalizing system information for newly identified services
[+] [2019.04.04-14:28:24] Workspace:default Progress:1/2 (50%) Normalizing 10.0.165.30
[+] [2019.04.04-14:28:24] Workspace:default Progress:2/2 (100%) Normalization complete
[+] [2019.04.04-14:28:24] Discovered Host: 10.0.165.30 (10.0.165.30)
[+] [2019.04.04-14:28:24] Workspace:default Progress:177/177 (100%) Sweep of 10.0.165.30-10.0.165.30 complete (1 new host, 9 new services)