
msf > show auxiliary
Auxiliary
=========
Name                                                  Disclosure Date  Rank       Description
----                                                  ---------------  ----       -----------
admin/2wire/xslt_password_reset                       2007-08-15       normal     2Wire Cross-Site Request Forgery Password Reset Vulnerability
admin/backupexec/dump                                                  normal     Veritas Backup Exec Windows Remote File Access
admin/backupexec/registry                                              normal     Veritas Backup Exec Server Registry Access
admin/cisco/vpn_3000_ftp_bypass                       2006-08-23       normal     Cisco VPN Concentrator 3000 FTP Unauthorized Administrative Access
admin/db2/db2rcmd                                     2004-03-04       normal     IBM DB2 db2rcmd.exe Command Execution Vulnerability
admin/edirectory/edirectory_dhost_cookie                               normal     Novell eDirectory DHOST Predictable Session Cookie
admin/emc/alphastor_devicemanager_exec                2008-05-27       normal     EMC AlphaStor Device Manager Arbitrary Command Execution
admin/emc/alphastor_librarymanager_exec               2008-05-27       normal     EMC AlphaStor Library Manager Arbitrary Command Execution
admin/ftp/titanftp_xcrc_traversal                     2010-06-15       normal     Titan FTP XCRC Directory Traversal Information Disclosure
admin/http/contentkeeper_fileaccess                                    normal     ContentKeeper Web Appliance mimencode File Access
admin/http/hp_web_jetadmin_exec                       2004-04-27       normal     HP Web JetAdmin 6.5 Server Arbitrary Command Execution
admin/http/iomega_storcenterpro_sessionid                              normal     Iomega StorCenter Pro NAS Web Authentication Bypass
admin/http/tomcat_administration                                       normal     Tomcat Administration Tool Default Access
admin/http/tomcat_utf8_traversal                                       normal     Tomcat UTF-8 Directory Traversal Vulnerability
admin/http/typo3_sa_2009_002                          2009-02-10       normal     Typo3 sa-2009-002 File Disclosure
admin/maxdb/maxdb_cons_exec                           2008-01-09       normal     SAP MaxDB cons.exe Remote Command Injection
admin/motorola/wr850g_cred                            2004-09-24       normal     Motorola WR850G v4.03 Credentials
admin/ms/ms08_059_his2006                             2008-10-14       normal     Microsoft Host Integration Server 2006 Command Execution Vulnerability
admin/mssql/mssql_enum                                                 normal     Microsoft SQL Server Configuration Enumerator
admin/mssql/mssql_exec                                                 normal     Microsoft SQL Server xp_cmdshell Command Execution
admin/mssql/mssql_idf                                                  normal     Microsoft SQL Server - Interesting Data Finder
admin/mssql/mssql_sql                                                  normal     Microsoft SQL Server Generic Query
admin/mysql/mysql_enum                                                 normal     MySQL Enumeration Module
admin/mysql/mysql_sql                                                  normal     MySQL SQL Generic Query
admin/officescan/tmlisten_traversal                                    normal     TrendMicro OfficeScanNT Listener Traversal Arbitrary File Access
admin/oracle/ora_ntlm_stealer                         2009-04-07       normal     Oracle SMB Relay Code Execution
admin/oracle/oracle_login                             2008-11-20       normal     Oracle Account Discovery
admin/oracle/oracle_sql                               2007-12-07       normal     Oracle SQL Generic Query
admin/oracle/oraenum                                                   normal     Oracle Database Enumeration
admin/oracle/osb_execqr                               2009-01-14       normal     Oracle Secure Backup exec_qr() Command Injection Vulnerability
admin/oracle/osb_execqr2                              2009-08-18       normal     Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability
admin/oracle/osb_execqr3                              2010-07-13       normal     Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability
admin/oracle/post_exploitation/win32exec              2007-12-07       normal     Oracle Java execCommand (Win32)
admin/oracle/post_exploitation/win32upload            2005-02-10       normal     Oracle URL Download
admin/oracle/sid_brute                                2009-01-07       normal     Oracle TNS Listener SID Brute Forcer
admin/oracle/tnscmd                                   2009-02-01       normal     Oracle TNS Listener Command Issuer
admin/pop2/uw_fileretrieval                           2000-07-14       normal     UoW pop2d Remote File Retrieval Vulnerability
admin/postgres/postgres_readfile                                       normal     PostgreSQL Server Generic Query
admin/postgres/postgres_sql                                            normal     PostgreSQL Server Generic Query
admin/scada/igss_exec_17                              2011-03-21       normal     Interactive Graphical SCADA System Remote Command Injection
admin/serverprotect/file                                               normal     TrendMicro ServerProtect File Access
admin/smb/samba_symlink_traversal                                      normal     Samba Symlink Directory Traversal
admin/smb/upload_file                                                  normal     SMB File Upload Utility
admin/sunrpc/solaris_kcms_readfile                    2003-01-22       normal     Solaris KCMS + TTDB Arbitrary File Read
admin/symantec/ams_hndlrsvc                           2010-07-26       excellent  Symantec System Center Alert Management System (hndlrsvc.exe) Arbitrary Command Execution
admin/symantec/ams_xfr                                2009-04-28       excellent  Symantec System Center Alert Management System (xfr.exe) Arbitrary Command Execution
admin/tikiwiki/tikidblib                              2006-11-01       normal     TikiWiki information disclosure
admin/vxworks/apple_airport_extreme_password                           normal     Apple Airport Extreme Password Extraction (WDBRPC)
admin/vxworks/dlink_i2eye_autoanswer                                   normal     D-Link i2eye Video Conference AutoAnswer (WDBRPC)
admin/vxworks/wdbrpc_memory_dump                                       normal     VxWorks WDB Agent Remote Memory Dump
admin/vxworks/wdbrpc_reboot                                            normal     VxWorks WDB Agent Remote Reboot
admin/webmin/file_disclosure                          2006-06-30       normal     Webmin file disclosure
admin/zend/java_bridge                                2011-03-28       normal     Zend Server Java Bridge Design Flaw Remote Code Execution
analyze/jtr_crack_fast                                                 normal     John the Ripper Password Cracker (Fast Mode)
client/smtp/emailer                                                    normal     Generic Emailer (SMTP)
crawler/msfcrawler                                                     normal     Metasploit Web Crawler
dos/cisco/ios_http_percentpercent                     2000-04-26       normal     Cisco IOS HTTP GET /%% request Denial of Service
dos/dhcp/isc_dhcpd_clientid                                            normal     ISC DHCP Zero Length ClientID Denial of Service Module
dos/freebsd/nfsd/nfsd_mount                                            normal     FreeBSD Remote NFS RPC Request Denial of Service
dos/hp/data_protector_rds                             2011-01-08       normal     HP Data Protector Manager RDS DOS
dos/http/3com_superstack_switch                       2004-06-24       normal     3Com SuperStack Switch Denial of Service
dos/http/apache_mod_isapi                             2010-03-05       normal     Apache mod_isapi <= 2.2.14 Dangling Pointer
dos/http/apache_tomcat_transfer_encoding              2010-07-09       normal     Apache Tomcat Transfer-Encoding Information Disclosure and DoS
dos/http/dell_openmanage_post                         2004-02-26       normal     Dell OpenManage POST Request Heap Overflow (win32)
dos/http/sonicwall_ssl_format                         2009-05-29       normal     SonicWALL SSL-VPN Format String Vulnerability
dos/http/webrick_regex                                2008-08-08       normal     Ruby WEBrick::HTTP::DefaultFileHandler DoS
dos/mdns/avahi_portzero                               2008-11-14       normal     Avahi < 0.6.24 Source Port 0 DoS
dos/ntp/ntpd_reserved_dos                             2009-10-04       normal     ntpd Reserved Mode Denial of Service
dos/pptp/ms02_063_pptp_dos                            2002-09-26       normal     MS02-063 PPTP Malformed Control Data Kernel Denial of Service
dos/samba/lsa_addprivs_heap                                            normal     Samba lsa_io_privilege_set Heap Overflow
dos/samba/lsa_transnames_heap                                          normal     Samba lsa_io_trans_names Heap Overflow
dos/smtp/sendmail_prescan                             2003-09-17       normal     Sendmail SMTP Address prescan <= 8.12.8 Memory Corruption
dos/solaris/lpd/cascade_delete                                         normal     Solaris LPD Arbitrary File Delete
dos/ssl/dtls_changecipherspec                         2000-04-26       normal     OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit
dos/tcp/junos_tcp_opt                                                  low        Juniper JunOS Malformed TCP Option
dos/tcp/synflood                                                       normal     TCP SYN Flooder
dos/wifi/apple_orinoco_probe_response                                  normal     Apple Airport 802.11 Probe Response Kernel Memory Corruption
dos/wifi/cts_rts_flood                                                 normal     Wireless CTS/RTS Flooder
dos/wifi/deauth                                                        normal     Wireless DEAUTH Flooder
dos/wifi/fakeap                                                        normal     Wireless Fake Access Point Beacon Flood
dos/wifi/file2air                                                      normal     Wireless Frame (File) Injector
dos/wifi/netgear_ma521_rates                                           normal     NetGear MA521 Wireless Driver Long Rates Overflow
dos/wifi/netgear_wg311pci                                              normal     NetGear WG311v1 Wireless Driver Long SSID Overflow
dos/wifi/probe_resp_null_ssid                                          normal     Multiple Wireless Vendor NULL SSID Probe Response
dos/wifi/ssidlist_beacon                                               normal     Wireless Beacon SSID Emulator
dos/wifi/wifun                                                         normal     Wireless Test Module
dos/windows/appian/appian_bpm                         2007-12-17       normal     Appian Enterprise Business Suite 5.6 SP1 DoS
dos/windows/browser/ms09_065_eot_integer              2009-11-10       normal     Microsoft Windows EOT Font Table Directory Integer Overflow
dos/windows/ftp/filezilla_admin_user                  2005-11-07       normal     FileZilla FTP Server Admin Interface Denial of Service
dos/windows/ftp/filezilla_server_port                 2006-12-11       normal     FileZilla FTP Server <=0.9.21 Malformed PORT Denial of Service
dos/windows/ftp/guildftp_cwdlist                      2008-10-12       normal     Guild FTPd 0.999.8.11/0.999.14 Heap Corruption
dos/windows/ftp/iis75_ftpd_iac_bof                    2010-12-21       normal     Microsoft IIS FTP Server Encoded Response Overflow Trigger
dos/windows/ftp/solarftp_user                         2011-02-22       normal     Solar FTP Server <= 2.1.1 Malformed (User) Denial of Service
dos/windows/ftp/titan626_site                         2008-10-14       normal     Titan FTP Server 6.26.630 SITE WHO DoS
dos/windows/ftp/vicftps50_list                        2008-10-24       normal     Victory FTP Server 5.0 LIST DoS
dos/windows/ftp/winftp230_nlst                        2008-09-26       normal     WinFTP 2.3.0 NLST Denial of Service
dos/windows/ftp/xmeasy560_nlst                        2008-10-13       normal     XM Easy Personal FTP Server 5.6.0 NLST DoS
dos/windows/ftp/xmeasy570_nlst                        2009-03-27       normal     XM Easy Personal FTP Server 5.7.0 NLST DoS
dos/windows/games/kaillera                            2011-07-02       normal     Kaillera 0.86 Server Denial of Service
dos/windows/http/ms10_065_ii6_asp_dos                 2010-09-14       normal     Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service
dos/windows/http/pi3web_isapi                         2008-11-13       normal     Pi3Web <=2.0.13 ISAPI DoS
dos/windows/llmnr/ms11_030_dnsapi                     2011-04-12       normal     Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun DoS
dos/windows/nat/nat_helper                            2006-10-26       normal     Microsoft Windows NAT Helper Denial of Service
dos/windows/smb/ms05_047_pnp                                           normal     Microsoft Plug and Play Service Registry Overflow
dos/windows/smb/ms06_035_mailslot                     2006-07-11       normal     Microsoft SRV.SYS Mailslot Write Corruption
dos/windows/smb/ms06_063_trans                                         normal     Microsoft SRV.SYS Pipe Transaction No Null
dos/windows/smb/ms09_001_write                                         normal     Microsoft SRV.SYS WriteAndX Invalid DataOffset
dos/windows/smb/ms09_050_smb2_negotiate_pidhigh                        normal     Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference
dos/windows/smb/ms09_050_smb2_session_logoff                           normal     Microsoft SRV2.SYS SMB2 Logoff Remote Kernel NULL Pointer Dereference
dos/windows/smb/ms10_006_negotiate_response_loop                       normal     Microsoft Windows 7 / Server 2008 R2 SMB Client Infinite Loop
dos/windows/smb/ms10_054_queryfs_pool_overflow                         normal     Microsoft Windows SRV.SYS SrvSmbQueryFsInformation Pool Overflow DoS
dos/windows/smb/ms11_xxx_electbowser                                   normal     Microsoft Windows MRXSMB.SYS _BowserWriteErrorLogEntry Pool Overflow DoS
dos/windows/smb/rras_vls_null_deref                   2006-06-14       normal     Microsoft RRAS InterfaceAdjustVLSPointers NULL Dereference
dos/windows/smb/vista_negotiate_stop                                   normal     Microsoft Vista SP0 SMB Negotiate Protocol DoS
dos/windows/smtp/ms06_019_exchange                    2004-11-12       normal     MS06-019 Exchange MODPROP Heap Overflow
dos/windows/tftp/pt360_write                          2008-10-29       normal     PacketTrap TFTP Server 2.2.5459.0 DoS
dos/windows/tftp/solarwinds                           2010-05-21       normal     SolarWinds TFTP Server Denial of Service
dos/wireshark/chunked                                 2007-02-22       normal     Wireshark chunked_encoding_dissector function DOS
dos/wireshark/cldap                                   2011-03-01       normal     Wireshark CLDAP Dissector DOS
dos/wireshark/ldap                                    2008-03-28       normal     Wireshark LDAP dissector DOS
fuzzers/ftp/client_ftp                                                 normal     Simple FTP Client Fuzzer
fuzzers/ftp/ftp_pre_post                                               normal     Simple FTP Fuzzer
fuzzers/http/http_form_field                                           normal     HTTP Form field fuzzer
fuzzers/http/http_get_uri_long                                         normal     HTTP GET Request URI Fuzzer (Incrementing Lengths)
fuzzers/http/http_get_uri_strings                                      normal     HTTP GET Request URI Fuzzer (Fuzzer Strings)
fuzzers/smb/smb2_negotiate_corrupt                                     normal     SMB Negotiate SMB2 Dialect Corruption
fuzzers/smb/smb_create_pipe                                            normal     SMB Create Pipe Request Fuzzer
fuzzers/smb/smb_create_pipe_corrupt                                    normal     SMB Create Pipe Request Corruption
fuzzers/smb/smb_negotiate_corrupt                                      normal     SMB Negotiate Dialect Corruption
fuzzers/smb/smb_ntlm1_login_corrupt                                    normal     SMB NTLMv1 Login Request Corruption
fuzzers/smb/smb_tree_connect                                           normal     SMB Tree Connect Request Fuzzer
fuzzers/smb/smb_tree_connect_corrupt                                   normal     SMB Tree Connect Request Corruption
fuzzers/smtp/smtp_fuzzer                                               normal     SMTP Simple Fuzzer
fuzzers/ssh/ssh_kexinit_corrupt                                        normal     SSH Key Exchange Init Corruption
fuzzers/ssh/ssh_version_15                                             normal     SSH 1.5 Version Fuzzer
fuzzers/ssh/ssh_version_2                                              normal     SSH 2.0 Version Fuzzer
fuzzers/ssh/ssh_version_corrupt                                        normal     SSH Version Corruption
fuzzers/tds/tds_login_corrupt                                          normal     TDS Protocol Login Request Corruption Fuzzer
fuzzers/tds/tds_login_username                                         normal     TDS Protocol Login Request Username Fuzzer
fuzzers/wifi/fuzz_beacon                                               normal     Wireless Beacon Frame Fuzzer
fuzzers/wifi/fuzz_proberesp                                            normal     Wireless Probe Response Frame Fuzzer
gather/android_htmlfileprovider                                        normal     Android Content Provider File Disclosure
gather/citrix_published_applications                                   normal     Citrix MetaFrame ICA Published Applications Scanner
gather/citrix_published_bruteforce                                     normal     Citrix MetaFrame ICA Published Applications Bruteforcer
gather/dns_enum                                                        normal     DNS Enumeration Module
gather/search_email_collector                                          normal     Search Engine Domain Email Address Collector
pdf/foxit/authbypass                                  2009-03-09       normal     Foxit Reader Authorization Bypass
scanner/backdoor/energizer_duo_detect                                  normal     Energizer DUO Trojan Scanner
scanner/db2/db2_auth                                                   normal     DB2 Authentication Brute Force Utility
scanner/db2/db2_version                                                normal     DB2 Probe Utility
scanner/db2/discovery                                                  normal     DB2 Discovery Service Detection
scanner/dcerpc/endpoint_mapper                                         normal     Endpoint Mapper Service Discovery
scanner/dcerpc/hidden                                                  normal     Hidden DCERPC Service Discovery
scanner/dcerpc/management                                              normal     Remote Management Interface Discovery
scanner/dcerpc/tcp_dcerpc_auditor                                      normal     DCERPC TCP Service Auditor
scanner/dect/call_scanner                                              normal     DECT Call Scanner
scanner/dect/station_scanner                                           normal     DECT Base Station Scanner
scanner/discovery/arp_sweep                                            normal     ARP Sweep Local Network Discovery
scanner/discovery/ipv6_multicast_ping                                  normal     IPv6 Link Local/Node Local Ping Discovery
scanner/discovery/ipv6_neighbor                                        normal     IPv6 Local Neighbor Discovery
scanner/discovery/ipv6_neighbor_router_advertisement                   normal     IPv6 Local Neighbor Discovery Using Router Advertisment
scanner/discovery/udp_probe                                            normal     UDP Service Prober
scanner/discovery/udp_sweep                                            normal     UDP Service Sweeper
scanner/emc/alphastor_devicemanager                                    normal     EMC AlphaStor Device Manager Service
scanner/emc/alphastor_librarymanager                                   normal     EMC AlphaStor Library Manager Service
scanner/finger/finger_users                                            normal     Finger Service User Enumerator
scanner/ftp/anonymous                                                  normal     Anonymous FTP Access Detection
scanner/ftp/ftp_login                                                  normal     FTP Authentication Scanner
scanner/ftp/ftp_version                                                normal     FTP Version Scanner
scanner/http/adobe_xml_inject                                          normal     Adobe XML External Entity Injection
scanner/http/axis_local_file_include                                   normal     Apache Axis2 v1.4.1 Local File Inclusion
scanner/http/axis_login                                                normal     Apache Axis2 v1.4.1 Brute Force Utility
scanner/http/backup_file                                               normal     HTTP Backup File Scanner
scanner/http/barracuda_directory_traversal            2010-10-08       normal     Barracuda Multiple Product "locale" Directory Traversal
scanner/http/blind_sql_query                                           normal     HTTP Blind SQL Injection GET QUERY Scanner
scanner/http/brute_dirs                                                normal     HTTP Directory Brute Force Scanner
scanner/http/cert                                                      normal     HTTP SSL Certificate Checker
scanner/http/cisco_device_manager                     2000-10-26       normal     Cisco Device HTTP Device Manager Access
scanner/http/cisco_ios_auth_bypass                    2001-06-27       normal     Cisco IOS HTTP Unauthorized Administrative Access
scanner/http/coldfusion_locale_traversal                               normal     ColdFusion Server Check
scanner/http/copy_of_file                                              normal     HTTP Copy File Scanner
scanner/http/crawler                                                   normal     Web Site Crawler
scanner/http/dir_listing                                               normal     HTTP Directory Listing Scanner
scanner/http/dir_scanner                                               normal     HTTP Directory Scanner
scanner/http/dir_webdav_unicode_bypass                                 normal     MS09-020 IIS6 WebDAV Unicode Auth Bypass Directory Scanner
scanner/http/enum_delicious                                            normal     Pull Links (URLs) for a domain
scanner/http/enum_wayback                                              normal     Pull stored URLs for a domain
scanner/http/error_sql_injection                                       normal     HTTP Error Based SQL Injection Scanner
scanner/http/file_same_name_dir                                        normal     HTTP File Same Name Directory Scanner
scanner/http/files_dir                                                 normal     HTTP Interesting File Scanner
scanner/http/frontpage_login                                           normal     FrontPage Server Extensions Login Utility
scanner/http/http_login                                                normal     HTTP Login Utility
scanner/http/http_version                                              normal     HTTP Version Detection
scanner/http/httpbl_lookup                                             normal     Http:BL lookup
scanner/http/jboss_vulnscan                                            normal     JBoss Vulnerability Scanner
scanner/http/litespeed_source_disclosure                               normal     LiteSpeed Source Code Disclosure/Download
scanner/http/lucky_punch                                               normal     HTTP Microsoft SQL Injection Table XSS Infection
scanner/http/majordomo2_directory_traversal           2011-03-08       normal     Majordomo2 _list_file_get() Directory Traversal
scanner/http/mod_negotiation_brute                                     normal     Apache HTTPD mod_negotiation Filename Bruter
scanner/http/mod_negotiation_scanner                                   normal     Apache HTTPD mod_negotiation scanner
scanner/http/ms09_020_webdav_unicode_bypass                            normal     MS09-020 IIS6 WebDAV Unicode Auth Bypass
scanner/http/nginx_source_disclosure                                   normal     Nginx Source Code Disclosure/Download
scanner/http/open_proxy                                                normal     HTTP Open Proxy Detection
scanner/http/options                                                   normal     HTTP Options Detection
scanner/http/prev_dir_same_name_file                                   normal     HTTP Previous Directory File Scanner
scanner/http/replace_ext                                               normal     HTTP File Extension Scanner
scanner/http/robots_txt                                                normal     HTTP Robots.txt Content Scanner
scanner/http/sap_businessobjects_user_brute                            normal     SAP BusinessObjects User Bruteforcer
scanner/http/sap_businessobjects_user_brute_web                        normal     SAP BusinessObjects Web User Bruteforcer
scanner/http/sap_businessobjects_user_enum                             normal     SAP BusinessObjects User Enumeration
scanner/http/sap_businessobjects_version_enum                          normal     SAP BusinessObjects Version Detection
scanner/http/soap_xml                                                  normal     HTTP SOAP Verb/Noun Brute Force Scanner
scanner/http/sqlmap                                                    normal     SQLMAP SQL Injection External Module
scanner/http/ssl                                                       normal     HTTP SSL Certificate Information
scanner/http/svn_scanner                                               normal     HTTP Subversion Scanner
scanner/http/tomcat_enum                                               normal     Apache Tomcat User Enumeration
scanner/http/tomcat_mgr_login                                          normal     Tomcat Application Manager Login Utility
scanner/http/trace_axd                                                 normal     HTTP trace.axd Content Scanner
scanner/http/verb_auth_bypass                                          normal     HTTP Verb Authentication Bypass Scanner
scanner/http/vhost_scanner                                             normal     HTTP Virtual Host Brute Force Scanner
scanner/http/vmware_server_dir_trav                                    normal     VMware Server Directory Transversal Vulnerability
scanner/http/web_vulndb                                                normal     HTTP Vuln scanner
scanner/http/webdav_internal_ip                                        normal     HTTP WebDAV Internal IP Scanner
scanner/http/webdav_scanner                                            normal     HTTP WebDAV Scanner
scanner/http/webdav_website_content                                    normal     HTTP WebDAV Website Content Scanner
scanner/http/wordpress_login_enum                                      normal     Wordpress Brute Force and User Enumeration Utility
scanner/http/writable                                                  normal     HTTP Writable Path PUT/DELETE File Access
scanner/http/xpath                                                     normal     HTTP Blind XPATH 1.0 Injector
scanner/imap/imap_version                                              normal     IMAP4 Banner Grabber
scanner/ip/ipidseq                                                     normal     IPID Sequence Scanner
scanner/lotus/lotus_domino_hashes                                      normal     Lotus Domino Password Hash Collector
scanner/lotus/lotus_domino_login                                       normal     Lotus Domino Brute Force Utility
scanner/lotus/lotus_domino_version                                     normal     Lotus Domino Version
scanner/misc/ib_service_mgr_info                                       normal     Borland InterBase Services Manager Information
scanner/misc/rosewill_rxs3211_passwords                                normal     Rosewill RXS-3211 IP Camera Password Retriever
scanner/misc/sunrpc_portmapper                                         normal     SunRPC Portmap Program Enumerator
scanner/motorola/timbuktu_udp                         2009-09-25       normal     Motorola Timbuktu Service Detection
scanner/mssql/mssql_hashdump                                           normal     MSSQL Password Hashdump
scanner/mssql/mssql_login                                              normal     MSSQL Login Utility
scanner/mssql/mssql_ping                                               normal     MSSQL Ping Utility
scanner/mysql/mysql_login                                              normal     MySQL Login Utility
scanner/mysql/mysql_version                                            normal     MySQL Server Version Enumeration
scanner/netbios/nbname                                                 normal     NetBIOS Information Discovery
scanner/netbios/nbname_probe                                           normal     NetBIOS Information Discovery Prober
scanner/nfs/nfsmount                                                   normal     NFS Mount Scanner
scanner/ntp/ntp_monlist                                                normal     NTP Monitor List Scanner
scanner/oracle/emc_sid                                                 normal     Oracle Enterprise Manager Control SID Discovery
scanner/oracle/isqlplus_login                                          normal     Oracle iSQL*Plus Login Utility
scanner/oracle/isqlplus_sidbrute                                       normal     Oracle isqlplus SID Check
scanner/oracle/oracle_login                                            normal     Oracle RDBMS Login Utility
scanner/oracle/sid_brute                                               normal     Oracle TNS Listener SID Bruteforce
scanner/oracle/sid_enum                               2009-01-07       normal     Oracle TNS Listener SID Enumeration
scanner/oracle/spy_sid                                                 normal     Oracle Application Server Spy Servlet SID Enumeration
scanner/oracle/tnslsnr_version                        2009-01-07       normal     Oracle TNS Listener Service Version Query
scanner/oracle/xdb_sid                                                 normal     Oracle XML DB SID Discovery
scanner/oracle/xdb_sid_brute                                           normal     Oracle XML DB SID Discovery via Brute Force
scanner/pop3/pop3_version                                              normal     POP3 Banner Grabber
scanner/portscan/ack                                                   normal     TCP ACK Firewall Scanner
scanner/portscan/ftpbounce                                             normal     FTP Bounce Port Scanner
scanner/portscan/syn                                                   normal     TCP SYN Port Scanner
scanner/portscan/tcp                                                   normal     TCP Port Scanner
scanner/portscan/xmas                                                  normal     TCP "XMas" Port Scanner
scanner/postgres/postgres_login                                        normal     PostgreSQL Login Utility
scanner/postgres/postgres_version                                      normal     PostgreSQL Version Probe
scanner/rogue/rogue_recv                                               normal     Rogue Gateway Detection: Receiver
scanner/rogue/rogue_send                                               normal     Rogue Gateway Detection: Sender
  272. scanner/rservices/rexec_login                                          normal     rexec Authentication Scanner
  273. scanner/rservices/rlogin_login                                         normal     rlogin Authentication Scanner
  274. scanner/rservices/rsh_login                                            normal     rsh Authentication Scanner
  275. scanner/sap/sap_mgmt_con_abaplog                                       normal     SAP Management Console ABAP syslog
  276. scanner/sap/sap_mgmt_con_brute_login                                   normal     SAP Management Console Brute Force
  277. scanner/sap/sap_mgmt_con_extractusers                                  normal     SAP Management Console Extract Users
  278. scanner/sap/sap_mgmt_con_getenv                                        normal     SAP Management Console getEnvironment
  279. scanner/sap/sap_mgmt_con_getlogfiles                                   normal     SAP Management Console Get Logfile
  280. scanner/sap/sap_mgmt_con_instanceproperties                            normal     SAP Management Console Instance Properties
  281. scanner/sap/sap_mgmt_con_listlogfiles                                  normal     SAP Management Console List Logfiles
  282. scanner/sap/sap_mgmt_con_startprofile                                  normal     SAP Management Console getStartProfile
  283. scanner/sap/sap_mgmt_con_version                                       normal     SAP Management Console Version Detection
  284. scanner/sap/sap_service_discovery                                      normal     SAP Service Discovery
  285. scanner/sip/enumerator                                                 normal     SIP Username Enumerator (UDP)
  286. scanner/sip/enumerator_tcp                                             normal     SIP Username Enumerator (TCP)
  287. scanner/sip/options                                                    normal     SIP Endpoint Scanner (UDP)
  288. scanner/sip/options_tcp                                                normal     SIP Endpoint Scanner (TCP)
  289. scanner/sip/sipdroid_ext_enum                                          normal     SIPDroid Extension Grabber
  290. scanner/smb/pipe_auditor                                               normal     SMB Session Pipe Auditor
  291. scanner/smb/pipe_dcerpc_auditor                                        normal     SMB Session Pipe DCERPC Auditor
  292. scanner/smb/smb2                                                       normal     SMB 2.0 Protocol Detection
  293. scanner/smb/smb_enumshares                                             normal     SMB Share Enumeration
  294. scanner/smb/smb_enumusers                                              normal     SMB User Enumeration (SAM EnumUsers)
  295. scanner/smb/smb_enumusers_domain                                       normal     SMB Domain User Enumeration
  296. scanner/smb/smb_login                                                  normal     SMB Login Check Scanner
  297. scanner/smb/smb_lookupsid                                              normal     SMB Local User Enumeration (LookupSid)
  298. scanner/smb/smb_version                                                normal     SMB Version Detection
  299. scanner/smtp/smtp_enum                                                 normal     SMTP User Enumeration Utility
  300. scanner/smtp/smtp_version                                              normal     SMTP Banner Grabber
  301. scanner/snmp/aix_version                                               normal     AIX SNMP Scanner Auxiliary Module
  302. scanner/snmp/cisco_config_tftp                                         normal     Cisco IOS SNMP Configuration Grabber (TFTP)
  303. scanner/snmp/cisco_upload_file                                         normal     Cisco IOS SNMP File Upload (TFTP)
  304. scanner/snmp/snmp_enum                                                 normal     SNMP Enumeration Module
  305. scanner/snmp/snmp_enumshares                                           normal     SNMP Windows SMB Share Enumeration
  306. scanner/snmp/snmp_enumusers                                            normal     SNMP Windows Username Enumeration
  307. scanner/snmp/snmp_login                                                normal     SNMP Community Scanner
  308. scanner/snmp/snmp_set                                                  normal     SNMP Set Module
  309. scanner/snmp/xerox_workcentre_enumusers                                normal     Xerox WorkCentre User Enumeration (SNMP)
  310. scanner/ssh/ssh_login                                                  normal     SSH Login Check Scanner
  311. scanner/ssh/ssh_login_pubkey                                           normal     SSH Public Key Login Scanner
  312. scanner/ssh/ssh_version                                                normal     SSH Version Scanner
  313. scanner/telephony/wardial                                              normal     Wardialer
  314. scanner/telnet/telnet_login                                            normal     Telnet Login Check Scanner
  315. scanner/telnet/telnet_version                                          normal     Telnet Service Banner Detection
  316. scanner/tftp/tftpbrute                                                 normal     TFTP Brute Forcer
  317. scanner/upnp/ssdp_msearch                                              normal     SSDP M-SEARCH Gateway Information Discovery
  318. scanner/vnc/vnc_login                                                  normal     VNC Authentication Scanner
  319. scanner/vnc/vnc_none_auth                                              normal     VNC Authentication None Detection
  320. scanner/vxworks/wdbrpc_bootline                                        normal     VxWorks WDB Agent Boot Parameter Scanner
  321. scanner/vxworks/wdbrpc_version                                         normal     VxWorks WDB Agent Version Scanner
  322. scanner/x11/open_x11                                                   normal     X11 No-Auth Scanner
  323. server/browser_autopwn                                                 normal     HTTP Client Automatic Exploiter
  324. server/capture/ftp                                                     normal     Authentication Capture: FTP
  325. server/capture/http                                                    normal     Authentication Capture: HTTP
  326. server/capture/http_ntlm                                               normal     HTTP Client MS Credential Catcher
  327. server/capture/imap                                                    normal     Authentication Capture: IMAP
  328. server/capture/pop3                                                    normal     Authentication Capture: POP3
  329. server/capture/smb                                                     normal     Authentication Capture: SMB
  330. server/capture/smtp                                                    normal     Authentication Capture: SMTP
  331. server/capture/telnet                                                  normal     Authentication Capture: Telnet
  332. server/dhcp                                                            normal     DHCP Server
  333. server/dns/spoofhelper                                                 normal     DNS Spoofing Helper Service
  334. server/fakedns                                                         normal     Fake DNS Service
  335. server/file_autopwn                                                    normal     File Format Exploit Generator
  336. server/ftp                                                             normal     FTP File Server
  337. server/pxexploit                                                       normal     PXE exploit server
  338. server/socks4a                                                         normal     Socks4a Proxy Server
  339. server/socks_unc                                                       normal     SOCKS Proxy UNC Path Redirection
  340. server/tftp                                                            normal     TFTP File Server
  341. sniffer/psnuffle                                                       normal     pSnuffle Packet Sniffer
  342. spoof/arp/arp_poisoning                               1999-12-22       normal     ARP Spoof
  343. spoof/dns/bailiwicked_domain                          2008-07-21       normal     DNS BailiWicked Domain Attack
  344. spoof/dns/bailiwicked_host                            2008-07-21       normal     DNS BailiWicked Host Attack
  345. spoof/dns/compare_results                             2008-07-21       normal     DNS Lookup Result Comparison
  346. spoof/nbns/nbns_response                                               normal     NetBIOS Name Service Spoofer
  347. spoof/replay/pcap_replay                                               normal     Pcap replay utility
  348. spoof/wifi/airpwn                                                      normal     Airpwn TCP hijack
  349. spoof/wifi/dnspwn                                                      normal     DNSpwn DNS hijack
  350. sqli/oracle/dbms_cdc_ipublish                         2008-10-22       normal     Oracle DB SQL Injection via SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE
  351. sqli/oracle/dbms_cdc_publish                          2008-10-22       normal     Oracle DB SQL Injection via SYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE
  352. sqli/oracle/dbms_cdc_publish2                         2010-04-26       normal     Oracle DB SQL Injection via SYS.DBMS_CDC_PUBLISH.DROP_CHANGE_SOURCE
  353. sqli/oracle/dbms_cdc_publish3                         2010-10-13       normal     Oracle DB SQL Injection via SYS.DBMS_CDC_PUBLISH.CREATE_CHANGE_SET
  354. sqli/oracle/dbms_export_extension                     2006-04-26       normal     Oracle DB SQL Injection via DBMS_EXPORT_EXTENSION
  355. sqli/oracle/dbms_metadata_get_granted_xml             2008-01-05       normal     Oracle DB SQL Injection via SYS.DBMS_METADATA.GET_GRANTED_XML
  356. sqli/oracle/dbms_metadata_get_xml                     2008-01-05       normal     Oracle DB SQL Injection via SYS.DBMS_METADATA.GET_XML
  357. sqli/oracle/dbms_metadata_open                        2008-01-05       normal     Oracle DB SQL Injection via SYS.DBMS_METADATA.OPEN
  358. sqli/oracle/droptable_trigger                         2009-01-13       normal     Oracle DB SQL Injection in MDSYS.SDO_TOPO_DROP_FTBL Trigger
  359. sqli/oracle/jvm_os_code_10g                           2010-02-01       normal     Oracle DB 10gR2, 11gR1/R2 DBMS_JVM_EXP_PERMS OS Command Execution
  360. sqli/oracle/jvm_os_code_11g                           2010-02-01       normal     Oracle DB 11g R1/R2 DBMS_JVM_EXP_PERMS OS Code Execution
  361. sqli/oracle/lt_compressworkspace                      2008-10-13       normal     Oracle DB SQL Injection via SYS.LT.COMPRESSWORKSPACE
  362. sqli/oracle/lt_findricset_cursor                      2007-10-17       normal     Oracle DB SQL Injection via SYS.LT.FINDRICSET Evil Cursor Method
  363. sqli/oracle/lt_mergeworkspace                         2008-10-22       normal     Oracle DB SQL Injection via SYS.LT.MERGEWORKSPACE
  364. sqli/oracle/lt_removeworkspace                        2008-10-13       normal     Oracle DB SQL Injection via SYS.LT.REMOVEWORKSPACE
  365. sqli/oracle/lt_rollbackworkspace                      2009-05-04       normal     Oracle DB SQL Injection via SYS.LT.ROLLBACKWORKSPACE
  366. voip/sip_invite_spoof
Time: 2024-12-11 08:51:31


