!!! These notes are for study and exchange only; do not use them for any other purpose !!!
CONTENTS
Vulnerability scanning with nmap scripts:
Reference: http://nmap.org/nsedoc/categories/vuln.html
Using the wmap module built into metasploit:
Reference: http://www.offensive-security.com/metasploit-unleashed/WMAP_Web_Scanner
msf > load wmap    # load the wmap command module

.-.-.-..-.-.-..---..---.
| | | || | | || | || |-'
`-----'`-'-'-'`-^-'`-'
[WMAP 1.5.1] === et [ ] metasploit.com 2012
[*] Successfully loaded plugin: wmap

msf > help

wmap Commands
=============

    Command       Description
    -------       -----------
    wmap_modules  Manage wmap modules
    wmap_nodes    Manage nodes
    wmap_run      Test targets
    wmap_sites    Manage sites
    wmap_targets  Manage targets
    wmap_vulns    Display web vulns
......
......

msf > wmap_modules -h
[*] Usage: wmap_modules [options]
    -h    Display this help text
    -l    List all wmap enabled modules
    -r    Reload wmap modules

msf > wmap_modules -l    # list the modules that can be used
[*] Loading wmap modules...
[*] 39 wmap enabled modules loaded.
[*] wmap_ssl
......
......

msf > wmap_sites -h
[*] Usage: wmap_sites [options]
    -h          Display this help text
    -a [url]    Add site (vhost,url)
    -d [ids]    Delete sites (separate ids with space)
    -l          List all available sites
    -s [id]     Display site structure (vhost,url|ids) (level)

msf > wmap_sites -a http://10.10.10.128    # add a target IP address
[*] Site created.

msf > wmap_sites -l    # list all target IP addresses
[*] Available sites
===============

    Id  Host             Vhost            Port  Proto  # Pages  # Forms
    --  ----             -----            ----  -----  -------  -------
    0   10.10.10.128     10.10.10.128     80    http   0        0
    1   108.166.213.104  108.166.213.104  80    http   0        0

msf > wmap_sites -d 1    # delete the target IP that is not needed
[*] Deleted 108.166.213.104 on 108.166.213.104 at index 1

msf > wmap_targets -h
[*] Usage: wmap_targets [options]
    -h          Display this help text
    -t [urls]   Define target sites (vhost1,url[space]vhost2,url)
    -d [ids]    Define target sites (id1, id2, id3 ...)
    -c          Clean target sites list
    -l          List all target sites

msf > wmap_targets -d 0    # specify the target URL; it can be added with either -d or -t
[*] Loading 10.10.10.128,http://10.10.10.128:80/.

msf > wmap_targets -l    # list all target URLs
[*] Defined targets
===============

    Id  Vhost         Host          Port  SSL    Path
    --  -----         ----          ----  ---    ----
    0   10.10.10.128  10.10.10.128  80    false  /

msf > wmap_run -h
[*] Usage: wmap_run [options]
    -h                        Display this help text
    -t                        Show all enabled modules
    -m [regex]                Launch only modules that name match provided regex.
    -p [regex]                Only test path defined by regex.
    -e [/path/to/profile]     Launch profile modules against all matched targets.
                              (No profile file runs all enabled modules.)

msf > wmap_run -t    # list the available modules
[*] Testing target:
......

msf > wmap_run -e    #exploit
......

msf > vulns
......
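
The session above removes one unneeded site by hand with wmap_sites -d. As an added example (not part of the original notes or of Metasploit), this Python check parses a saved wmap_sites -l listing and returns the ids of sites outside the authorized range, so they can be deleted before wmap_run. The 10.10.10.0/24 scope and the function names are assumptions, and the listing is constructed from the output shown above.

```python
import ipaddress
import re

# Constructed sample: text of a `wmap_sites -l` listing like the one above.
SITES_LISTING = """\
[*] Available sites
===============
    Id  Host             Vhost            Port  Proto  # Pages  # Forms
    --  ----             -----            ----  -----  -------  -------
    0   10.10.10.128     10.10.10.128     80    http   0        0
    1   108.166.213.104  108.166.213.104  80    http   0        0
"""

# Assumption: the authorized lab range; replace with the real engagement scope.
AUTHORIZED_SCOPE = [ipaddress.ip_network("10.10.10.0/24")]

# Data rows: Id, Host, Vhost, Port, Proto, # Pages, # Forms.
ROW = re.compile(r"^\s*(\d+)\s+(\S+)\s+(\S+)\s+(\d+)\s+(https?)\s+\d+\s+\d+\s*$")


def parse_sites(listing):
    """Return one dict per data row; header and separator lines are skipped."""
    sites = []
    for line in listing.splitlines():
        m = ROW.match(line)
        if m:
            sites.append({"id": int(m.group(1)), "host": m.group(2),
                          "vhost": m.group(3), "port": int(m.group(4)),
                          "proto": m.group(5)})
    return sites


def out_of_scope_ids(listing, scope=AUTHORIZED_SCOPE):
    """Ids of sites whose Host is not an IP inside an authorized network."""
    bad = []
    for site in parse_sites(listing):
        try:
            addr = ipaddress.ip_address(site["host"])
        except ValueError:
            bad.append(site["id"])  # a hostname, not an IP: review manually
            continue
        if not any(addr in net for net in scope):
            bad.append(site["id"])
    return bad


if __name__ == "__main__":
    ids = out_of_scope_ids(SITES_LISTING)
    print("delete before scanning: wmap_sites -d " + " ".join(map(str, ids)))
```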