Author: Magic @freebuf.com
0x1 Automatic attack
Terminal Boot Metasploit because I'm now source
Code, so start this!
Connecting to a database
Installation method, execute the following command (please use root).
Deb http://Ubuntu.Mirror.Cambrium.nl/ubuntu/ precise main universe add software source sudo apt-get install Postgresqlsudo apt-get install RubyGems libpq-devapt- get install Libreadline-devapt- get install Libssl-devapt- get install Libpq5apt-get install Ruby-< Span class= "PLN" >devsudo apt-get install Libpq- devsudo gem install pg
Configuration database
passwd postgres Modify postgres password su postgres into the database CreateUser xxx-p create a XXX user (then enter the password, y/n always select n can) Createdb-- Owner=user xxx Create a XXX database psql xxx into XXX database psql-l list database dropuser Delete user dropdb Delete database
Start scanning the TCP scan module and view module configuration information
Set scan IP and scan thread modifications, I'm using 8 threads here.
Start scanning and scanning results
Exit scan module and query database records
Load automatic attack module and boot attack (because the new version of MSF cancels the DB_AUTOPWN so there is a red part)
The red part of the attack message is a session that has been successfully connected
End of attack, show active session
Establish session, execute command to verify attack success
0x2 Select module attack
Search for the attack module we need
Launch attack module and view module configuration information
Set the attack target and select the TCP bounce mode connection
Start attack and attack success
The egg doesn't hurt, so stop it, when the egg hurts and then write Metasploit+xssf+beef
I am a rookie, Daniel met please bypass, thank you for your cooperation
Metasploit automatic attack and select module attack detailed