MSF-弱点扫描

MSF-弱点扫描

  • 根据信息收集结果搜索漏洞利用模块
  • 结合外部漏洞扫描系统对大IP地址段进行批量扫描

  • VNC密码破解

    • 5900端口
    • use auxiliary/scanner/vnc/vnc_login
  • VNC无密码访问

    • use auxiliary/scanner/vnc/vnc_none_auth

      • 如果是无密码的,则显示supported:None,free access!
  • RDP远程桌面漏洞

    • use auxiliary/sacnner/rdp/ms12_020_check
    • 检查不会造成DoS攻击
    • use auxiliary/dos/windows/rdp/ms12_020_maxchannelids
      • 蓝屏重启
  • 设备后门

    • use auxiliary/scanner/ssh/juniper
    • use auxiliary/scanner/ssh/fortinet_backdoor
  • VMWare ESXi密码爆破

    • use auxiliary/scanner/vmware/vmauthd_login
    • use auxiliary/scanner/vmware/vmware_enum_vms
  • 利用WEB API远程开启虚拟机

    • ues auxiliary/admin/vmware/pweron_vm

HTTP弱点扫描

  • 过期证书

    • use auxiliary/scanner/http/cert
  • 显示目录及文件

    • use auxiliary/scanner/http/dir_listing
    • use auxiliary/scanner/http/files_dir
  • WebDAV Unicode 编码身份验证绕过

    • use auxiliary/scanner/http/dir_webdav_unicode_bypass
  • Tomcat 管理登陆

    • use auxiliary/scanner/http/tomcat_mgr_login
  • 基于http方法的身份验证绕过

    • use auxiliary/scanner/http/verb_auth_bypass
  • wordpress密码爆破

    • wordpress_login_enum
  • WMAP WEB应用扫描器