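MSF - Vulnerability Scanning
- Search for exploit modules based on the results of information gathering
- Combine with an external vulnerability scanning system to batch-scan large IP address ranges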
VNC password cracking
- Port 5900
- use auxiliary/scanner/vnc/vnc_login
VNC access without a password
RDP remote desktop vulnerability
- use auxiliary/scanner/rdp/ms12_020_check
- The check does not cause a DoS
- use auxiliary/dos/windows/rdp/ms12_020_maxchannelids
- Blue screen and reboot
Device backdoors
- use auxiliary/scanner/ssh/juniper
- use auxiliary/scanner/ssh/fortinet_backdoor
VMware ESXi password brute forcing
- use auxiliary/scanner/vmware/vmauthd_login
- use auxiliary/scanner/vmware/vmware_enum_vms
Remotely power on a virtual machine through the web API
- use auxiliary/admin/vmware/poweron_vm
HTTP vulnerability scanning
Expired certificates
- use auxiliary/scanner/http/cert
Directory and file listing
- use auxiliary/scanner/http/dir_listing
- use auxiliary/scanner/http/files_dir
WebDAV Unicode encoding authentication bypass
- use auxiliary/scanner/http/dir_webdav_unicode_bypass
Tomcat manager login
- use auxiliary/scanner/http/tomcat_mgr_login
HTTP method-based authentication bypass
- use auxiliary/scanner/http/verb_auth_bypass
WordPress password brute forcing
- wordpress_login_enum
WMAP web application scanner
- Developed based on the way SQLMAP works
- load wmap
- wmap_sites -a http://192.168.8.133
- wmap_targets -t http://1.1.1.1/multilidae/index.php
- wmap_run -t
- wmap_run -e
- wmap_vulns -l
- vulns