Metasploit
Metasploit is an exploitation and vulnerability validation tool that helps you divide the penetration testing workflow into smaller and more manageable tasks. With Metasploit Pro, you can leverage the power of the Metasploit Framework and its exploit database through a web based user interface to perform security assessments and vulnerability validation. READ MORE
Lab Setup
When your target systems are located on the same network as your attacking machine, you can enumerate system by performing and ARP scan
Open the Metasploit
** Open terminal **
** Run Command **
$sudo msfdb init && sudo msfconsole
// ---- ARP Sweep ----//
> search arp_sweep
To perform the ARP scanning we need to pass our MAC address and source IP address to the scanner for it to function properly.
> set RHOSTS 192.168.56.100-200
> set SHOST 192.168.1.105
> set SMAC 08:00:27:a6:1f:86
> set thread 50
> run
// ---- UDP Sweep ----//
The udp_sweep module scans across a give range of hosts to detect commonly available UDP services.
Open the Metasploit
** Open terminal **
** Run Command **
$sudo msfdb init && sudo msfconsole
> search udp_sweep
> use auxiliary/scanner/discovery/udp_sweep
> show options
> set RHOSTS 192.168.56.100-200
> set thread 250
> run
// ---- IMAP Version ----//
The imap_version auxiliary module is relatively simple banner grabber for IMAP servers. To configure the module, we will only set the RHOST and THREADS values and let it run.
Open the Metasploit
** Open terminal **
** Run Command **
$sudo msfdb init && sudo msfconsole
> search imap_version
> use auxiliary/scanner/imap/imap_version
> show options
> set RHOSTS 192.168.56.100-200
> set thread 40
> run
The latest tips and news from the industry straight to your inbox!
Join subscription for execlusive access to our monthly newsletter with insight to the cyber security.
