Operating environment: Kali virtual machine.
Install PostgreSQL:
    [email protected]:~# apt-get install postgresql
Start the service:
    [email protected]:~# service postgresql start
    [ ok ] Starting PostgreSQL 9.1 database server: main.
Change the password of the postgres user to toor:
    [email protected]:~# sudo -u postgres psql postgres
    postgres=# alter user postgres with password 'toor';
    ALTER ROLE
Start MSF:
    [email protected]:~# msfconsole
Connect to PostgreSQL from MSF:
    msf > db_status
    [*] postgresql connected to postgres
    msf > db_disconnect
    msf >
    msf > db_status
    [*] postgresql selected, no connection
    msf > db_connect
    [*] Usage: db_connect <user:pass>@
Connect to the database, then run Nmap in the MSF terminal:
    msf > db_connect postgres:[email protected]/postgres
    [*] Rebuilding the module cache in the background...
    msf > db_nmap
    [*] Usage: db_nmap [nmap options]
Once the database connection is established, you can use the db_nmap command, which runs Nmap from the MSF terminal and automatically stores the Nmap results in the database.
    msf > db_nmap -sS -A 192.168.119.132
    [*] Nmap: Starting Nmap 6.25 ( http://nmap.org ) at 2014-07-12 10:42 EDT
    [*] Nmap: Nmap scan report for 192.168.119.132
    [*] Nmap: Host is up (0.00051s latency).
    [*] Nmap: Not shown: 993 closed ports
    [*] Nmap: PORT     STATE SERVICE       VERSION
    [*] Nmap: 80/tcp   open  http          Apache httpd 2.2.21 ((Win32) PHP/5.3.10)
    [*] Nmap: |_http-methods: No Allow or Public header in OPTIONS response (status code 403)
    [*] Nmap: |_http-title: 403 Forbidden
    [*] Nmap: 135/tcp  open  msrpc         Microsoft Windows RPC
    [*] Nmap: 139/tcp  open  netbios-ssn
    [*] Nmap: 1433/tcp open  ms-sql-s      Microsoft SQL Server 2005 9.00.1399.00; RTM
    [*] Nmap: 2383/tcp open  ms-olap4?
    [*] Nmap: 3306/tcp open  mysql         MySQL (unauthorized)
    [*] Nmap: 3389/tcp open  ms-wbt-server Microsoft Terminal Service
    [*] Nmap: MAC Address: 00:0c:29:5d:f3:e7 (VMware)
    [*] Nmap: No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).
    [*] Nmap: TCP/IP fingerprint:
    [*] Nmap: OS:SCAN(V=6.25%E=4%D=7/12%OT=80%CT=1%CU=32534%PV=Y%DS=1%DC=D%G=Y%M=000C29%T
    [*] Nmap: OS:M=53C14991%P=i686-pc-linux-gnu)SEQ(SP=108%GCD=1%ISR=10D%TI=I%CI=I%II=I%S
    [*] Nmap: OS:S=S%TS=0)OPS(O1=M5B4NW3NNT00NNS%O2=M5B4NW3NNT00NNS%O3=M5B4NW3NNT00%O4=M5
    [*] Nmap: OS:B4NW3NNT00NNS%O5=M5B4NW3NNT00NNS%O6=M5B4NNT00NNS)WIN(W1=FFFF%W2=FFFF%W3=
    [*] Nmap: OS:FFFF%W4=FFFF%W5=FFFF%W6=FFFF)ECN(R=Y%DF=N%T=40%W=FFFF%O=M5B4NW3NNS%CC=N%
    [*] Nmap: OS:Q=)T1(R=Y%DF=N%T=40%S=O%A=S+%F=AS%RD=0%Q=)T2(R=Y%DF=N%T=40%W=0%S=Z%A=S%F
    [*] Nmap: OS:=AR%O=%RD=0%Q=)T3(R=Y%DF=N%T=40%W=FFFF%S=O%A=S+%F=AS%O=M5B4NW3NNT00NNS%R
    [*] Nmap: OS:D=0%Q=)T4(R=Y%DF=N%T=40%W=0%S=A%A=O%F=R%O=%RD=0%Q=)T5(R=Y%DF=N%T=40%W=0%
    [*] Nmap: OS:S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=N%T=40%W=0%S=A%A=O%F=R%O=%RD=0%Q=)T7(
    [*] Nmap: OS:R=Y%DF=N%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=N%T=40%IPL=B0%UN=0%
    [*] Nmap: OS:RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=S%T=40%CD=Z)
    [*] Nmap: Network Distance: 1 hop
    [*] Nmap: Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
    [*] Nmap: Host script results:
    [*] Nmap: | ms-sql-info:
    [*] Nmap: |   [192.168.119.132:1433]
    [*] Nmap: |     Version: Microsoft SQL Server 2005 RTM
    [*] Nmap: |       Version number: 9.00.1399.00
    [*] Nmap: |       Product: Microsoft SQL Server 2005
    [*] Nmap: |       Service pack level: RTM
    [*] Nmap: |       Post-SP patches applied: No
    [*] Nmap: |_    TCP port: 1433
    [*] Nmap: |_nbstat: NetBIOS name: pc-201403241103, NetBIOS user: <unknown>, NetBIOS MAC: 00:0c:29:5d:f3:e7 (VMware)
    [*] Nmap: | smb-os-discovery:
    [*] Nmap: |   OS: Windows XP (Windows 2000 LAN Manager)
    [*] Nmap: |   OS CPE: cpe:/o:microsoft:windows_xp::-
    [*] Nmap: |   Computer name: pc-201403241103
    [*] Nmap: |   NetBIOS computer name: pc-201403241103
    [*] Nmap: |   Workgroup: workgroup
    [*] Nmap: |_  System time: 2014-07-12T22:43:29+08:00
    [*] Nmap: | smb-security-mode:
    [*] Nmap: |   Account that was used for smb scripts: guest
    [*] Nmap: |   User-level authentication
    [*] Nmap: |   SMB Security: Challenge/response passwords supported
    [*] Nmap: |_  Message signing disabled (dangerous, but default)
    [*] Nmap: |_smbv2-enabled: Server doesn't support SMBv2 protocol
    [*] Nmap: TRACEROUTE
    [*] Nmap: HOP RTT     ADDRESS
    [*] Nmap: 1   0.51 ms 192.168.119.132
    [*] Nmap: OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
    [*] Nmap: Nmap done: 1 IP address (1 host up) scanned in 45.97 seconds
The scan results include the open ports, software versions, guesses about the target operating system, the system time, the MAC address, and so on.
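As an added example (not part of the original page and not Metasploit's own code), the Python below parses console output of the kind shown above into per-service records and flags two script lines that the asset owner should follow up on. The function name `parse_db_nmap`, the rule table and the embedded sample (an excerpt reconstructed from this page's scan output) are assumptions made for illustration.

```python
import re

# Constructed sample: excerpt of the db_nmap console output shown on this page.
SAMPLE = """\
[*] Nmap: PORT     STATE SERVICE       VERSION
[*] Nmap: 80/tcp   open  http          Apache httpd 2.2.21 ((Win32) PHP/5.3.10)
[*] Nmap: 1433/tcp open  ms-sql-s      Microsoft SQL Server 2005 9.00.1399.00; RTM
[*] Nmap: 2383/tcp open  ms-olap4?
[*] Nmap: 3389/tcp open  ms-wbt-server Microsoft Terminal Service
[*] Nmap: |       Post-SP patches applied: No
[*] Nmap: |_  Message signing disabled (dangerous, but default)
"""

PREFIX = "[*] Nmap: "
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*(.*)$")

# Hypothetical review rules: substring of a script line -> note for the asset owner.
REVIEW_RULES = {
    "Message signing disabled": "SMB signing is off; require signing on the host",
    "Post-SP patches applied: No": "SQL Server has no post-SP patches; schedule patching",
}

def parse_db_nmap(text):
    """Return (services, notes) extracted from db_nmap console text."""
    services, notes = [], []
    for raw in text.splitlines():
        if not raw.startswith(PREFIX):
            continue                          # ignore anything that is not Nmap output
        line = raw[len(PREFIX):]
        m = PORT_RE.match(line)
        if m:                                 # a row of the port table
            port, proto, state, name, info = m.groups()
            services.append({
                "port": int(port), "proto": proto, "state": state,
                "name": name.rstrip("?"),     # a trailing '?' marks a guessed service
                "guessed": name.endswith("?"),
                "info": info.strip(),
            })
            continue
        for needle, note in REVIEW_RULES.items():
            if needle in line:                # script output worth a follow-up
                notes.append(note)
    return services, notes

if __name__ == "__main__":
    svcs, notes = parse_db_nmap(SAMPLE)
    print(*svcs, *notes, sep="\n")
```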