Metasploit scanning
Some quick notes :)
to be continued...
Importing from nmap (ol skul)
- db_status (make sure that your postgres is connected)
- hosts (it should be empty)
- nmap -sT -P0 -O --open -oX 10.1.87-range.xml 10.1.87.1/24 (on the command line)
- db_import /root/10.1.87-range.xml (or you can cd and ls to find the exact location and filename from your msf> console)
- hosts (you should be able to see the hosts nmap has found)
- services (it will show you the open ports on the found systems)
- services -s ssh (break it down using the service name)
- services -p 22 (break it down using the port number)
- services -p 22 -R (when attacking multiple hosts or enumerating, try this to load all the matching hosts into your RHOSTS option automagically)
- hosts -d (to clear all imported hosts)
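What db_import actually does with that -oX file, and what `services -p 22` / `-s ssh` / `-R` give you back, can be seen by parsing the nmap XML by hand. This is an added example, not Metasploit's own code; the XML is a constructed two-host sample in nmap's -oX layout, not real scan output.

```python
import xml.etree.ElementTree as ET

# Constructed sample in nmap's -oX format (two hosts, three open ports); not real scan output.
SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sT -P0 -O --open -oX 10.1.87-range.xml 10.1.87.1/24">
  <host><status state="up"/>
    <address addr="10.1.87.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
      <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
    </ports>
  </host>
  <host><status state="up"/>
    <address addr="10.1.87.11" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
      <port protocol="tcp" portid="445"><state state="closed"/><service name="microsoft-ds"/></port>
    </ports>
  </host>
</nmaprun>
"""

def parse_nmap_xml(xml_text):
    """Return (host, port, proto, service) rows for open ports, like the msf 'services' table."""
    root = ET.fromstring(xml_text)
    rows = []
    for host in root.findall("host"):
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:
            continue
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # db_import only records what nmap saw as open
            svc = port.find("service")
            name = svc.get("name") if svc is not None else ""
            rows.append((addr.get("addr"), int(port.get("portid")), port.get("protocol"), name))
    return rows

def filter_services(rows, port=None, name=None):
    """Equivalent of 'services -p PORT' and 'services -s NAME' (both filters may be combined)."""
    return [r for r in rows if (port is None or r[1] == port) and (name is None or r[3] == name)]

def rhosts_value(rows):
    """Equivalent of '-R': the distinct matching hosts, comma-joined (RHOSTS accepts that form)."""
    return ",".join(dict.fromkeys(r[0] for r in rows))
```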
Using nmap through msfconsole (for the itchy junkie)
- db_nmap -sT -P0 -O --open 10.1.87.1/24
- hosts (the itch stops)
The extra-quick way (usually == sloppy)
- search portscan
- use auxiliary/scanner/portscan/tcp
- set rhosts 10.1.87.1/24
- set threads 100
- set ports 445,80,21-25,110,139,143,8080,9090,8443,443,135,3389 (the PORTS option wants a comma-separated list; space-separated values are not split up)
- run
to be continued...