!!!笔记仅供学习交流使用,请勿进行其他用途!!!
CONTENTS
ssh密码猜测:
使用Metasploit自带扫描模块:
msf> search ssh_login Matching Modules ================ Name Disclosure Date Rank Description ---- --------------- ---- ----------- auxiliary/scanner/ssh/ssh_login normal SSH Login Check Scanner 。。。。。
ssh_login模块:
路径:auxiliary/scanner/ssh/ssh_login
msf> use auxiliary/scanner/ssh/ssh_login msf auxiliary(ssh_login) > show options Module options (auxiliary/scanner/ssh/ssh_login): Name Current Setting Required Description ---- --------------- -------- ----------- BLANK_PASSWORDS false no Try blank passwords for all users BRUTEFORCE_SPEED 5 yes How fast to bruteforce, from 0 to 5 DB_ALL_CREDS false no Try each user/password couple stored in the current database DB_ALL_PASS false no Add all passwords in the current database to the list DB_ALL_USERS false no Add all users in the current database to the list PASSWORD no A specific password to authenticate with #某个特定的密码 PASS_FILE no File containing passwords, one per line #密码文件 RHOSTS yes The target address range or CIDR identifier #目标IP地址 RPORT 22 yes The target port STOP_ON_SUCCESS false yes Stop guessing when a credential works for a host THREADS 1 yes The number of concurrent threads USERNAME no A specific username to authenticate as #某个特定的用户名 USERPASS_FILE no File containing users and passwords separated by space, one pair per line #用户名:密码文件 USER_AS_PASS false no Try the username as the password for all users USER_FILE no File containing usernames, one per line #用户名文件 VERBOSE true yes Whether to print output for all attempts msf auxiliary(ssh_login) > cd /usr/share/metasploit-framework/data/wordlists msf auxiliary(ssh_login) > set USERNAME root USERNAME => root msf auxiliary(ssh_login) > head unix_passwords.txt [*] exec: head unix_passwords.txt 123456 12345 123456789 password iloveyou princess 1234567 12345678 abc123 nicole msf auxiliary(ssh_login) > set PASS_FILE /usr/share/metasploit-framework/data/wordlists/unix_passwords.txt PASS_FILE => /usr/share/metasploit-framework/data/wordlists/unix_passwords.txt msf auxiliary(ssh_login) > set THREADS 50 THREADS => 50 msf auxiliary(ssh_login) > exploit 。。。 。。。
telnet密码猜测:
使用Metasploit自带扫描模块:
telnet_login模块:
路径:auxiliary/scanner/ssh/telnet_login
msf> use auxiliary/scanner/telnet/telnet_login msf auxiliary(telnet_login) > show options Module options (auxiliary/scanner/telnet/telnet_login): Name Current Setting Required Description ---- --------------- -------- ----------- BLANK_PASSWORDS false no Try blank passwords for all users BRUTEFORCE_SPEED 5 yes How fast to bruteforce, from 0 to 5 DB_ALL_CREDS false no Try each user/password couple stored in the current database DB_ALL_PASS false no Add all passwords in the current database to the list DB_ALL_USERS false no Add all users in the current database to the list PASSWORD no A specific password to authenticate with PASS_FILE no File containing passwords, one per line RHOSTS yes The target address range or CIDR identifier RPORT 23 yes The target port STOP_ON_SUCCESS false yes Stop guessing when a credential works for a host THREADS 1 yes The number of concurrent threads USERNAME no A specific username to authenticate as USERPASS_FILE no File containing users and passwords separated by space, one pair per line USER_AS_PASS false no Try the username as the password for all users USER_FILE no File containing usernames, one per line VERBOSE true yes Whether to print output for all attempts
后面和ssh_login类似,就不笔记了。
发表评论