198269823 metasploit the penetration testers guide

Page 154

RHOSTS => 192.168.1.242, 192.168.13.242.252, 192.168.13.242.254, 192.168.4.116, 192.168.4.118, 192.168.4.122, 192.168.13.242.251, 192.168.13.242.234, 192.168.8.67, 192.168.6.113, 192.168.13.242.231, 192.168.13.242.249, 192.168.4.115, 192.168.8.66, 192.168.8.68, 192.168.6.62 msf auxiliary(webdav_scanner) > run [*] 192.168.1.242 (Microsoft-IIS/6.0) WebDAV disabled. [*] 192.168.13.242.252 (Apache/2.2.9 (Debian) proxy_html/3.0.0 mod_ssl/2.2.9 OpenSSL/0.9.8g) WebDAV disabled. [*] Scanned 04 of 31 hosts (012% complete) [*] Scanned 07 of 31 hosts (022% complete) [*] 192.168.4.116 (Apache/2.2.3 (Red Hat)) WebDAV disabled. [*] Scanned 10 of 31 hosts (032% complete) [*] 192.168.4.122 (Apache/2.2.3 (Red Hat)) WebDAV disabled. [*] Scanned 13 of 31 hosts (041% complete) [*] 192.168.13.242.251 (Microsoft-IIS/6.0) WebDAV disabled. [*] 192.168.13.242.234 (Microsoft-IIS/6.0) WebDAV disabled. [*] Scanned 16 of 31 hosts (051% complete) [*] 192.168.8.67 (Microsoft-IIS/6.0) WebDAV disabled. [*] Scanned 19 of 31 hosts (061% complete) [*] 192.168.6.113 (Microsoft-IIS/5.0) has WEBDAV ENABLED [*] 192.168.13.242.231 (Microsoft-IIS/6.0) WebDAV disabled. [*] Scanned 22 of 31 hosts (070% complete) [*] 192.168.13.242.249 (Microsoft-IIS/6.0) WebDAV disabled. [*] Scanned 25 of 31 hosts (080% complete) [*] 192.168.4.115 (Microsoft-IIS/6.0) WebDAV disabled. [*] 192.168.8.66 (Microsoft-IIS/6.0) WebDAV disabled. [*] Scanned 28 of 31 hosts (090% complete) [*] 192.168.8.68 (Microsoft-IIS/6.0) WebDAV disabled. [*] Scanned 31 of 31 hosts (100% complete) [*] Auxiliary module execution completed

As you can see in this example, a number of HTTP servers have been scanned in the search for WebDAV , and only one happens to have WebDAV enabled . This module has quickly identified a specific system against which you can launch further attacks. NOTE

Auxiliary module functionality goes far beyond scanning. As you will see in Chapter 14 auxiliary modules also work great as fuzzers with a little modification. A number of denial-of-service modules are also available for Wi-Fi (including dos/wifi/deauth), which can prove quite disruptive when used properly.

Anatomy of an Auxiliary Module Let’s look at the makeup of an auxiliary module in a fun little example not currently in the Metasploit repository (because it does not pertain to penetration testing). This example will demonstrate how easy it is to offload a great deal of programming to the Framework, allowing us to focus on the specifics of a module.

128

Chapter 9

Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.