| Prochaine révision | Révision précédente |
| informatique:scanners_de_vulnerabilites [10/07/2021 13:44] – créée cyrille | informatique:scanners_de_vulnerabilites [10/07/2021 14:31] (Version actuelle) – [Metasploit framework] cyrille |
|---|
| On trouve des choses comme https://framagit.org/Cyrille37/fail2ban-tools#d%C3%A9tecter-httpd-scanner mais aussi https://github.com/sullo/nikto/issues/474. | On trouve des choses comme https://framagit.org/Cyrille37/fail2ban-tools#d%C3%A9tecter-httpd-scanner mais aussi https://github.com/sullo/nikto/issues/474. |
| |
| | ===== Metasploit framework ===== |
| | |
| | * https://github.com/rapid7/metasploit-framework/ |
| | |
| | * https://tools.kali.org/exploitation-tools/metasploit-framework |
| | |
| | ==== Run with docker ==== |
| | |
| | * https://github.com/rapid7/metasploit-framework/tree/master/docker |
| | |
| | Les fichiers de données sont dans ''/usr/src/metasploit-framework/data/''. |
| | |
| | Une fois msfconsole lancé: |
| | <code> |
| | msf6 auxiliary(scanner/ssh/ssh_version) > search ssh_version |
| | |
| | Matching Modules |
| | ================ |
| | |
| | # Name Disclosure Date Rank Check Description |
| | - ---- --------------- ---- ----- ----------- |
| | 0 auxiliary/fuzzers/ssh/ssh_version_15 normal No SSH 1.5 Version Fuzzer |
| | 1 auxiliary/fuzzers/ssh/ssh_version_2 normal No SSH 2.0 Version Fuzzer |
| | 2 auxiliary/fuzzers/ssh/ssh_version_corrupt normal No SSH Version Corruption |
| | 3 auxiliary/scanner/ssh/ssh_version normal No SSH Version Scanner |
| | |
| | |
| | Interact with a module by name or index. For example info 3, use 3 or use auxiliary/scanner/ssh/ssh_version |
| | |
| | msf6 auxiliary(scanner/ssh/ssh_version) > use auxiliary/scanner/ssh/ssh_version |
| | msf6 auxiliary(scanner/ssh/ssh_version) > show options |
| | |
| | Module options (auxiliary/scanner/ssh/ssh_version): |
| | |
| | Name Current Setting Required Description |
| | ---- --------------- -------- ----------- |
| | RHOSTS 146.59.178.83 yes The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>' |
| | RPORT 22 yes The target port (TCP) |
| | THREADS 1 yes The number of concurrent threads (max one per host) |
| | TIMEOUT 30 yes Timeout for the SSH probe |
| | |
| | msf6 auxiliary(scanner/ssh/ssh_version) > set RHOSTS 146.59.178.83 |
| | RHOSTS => 146.59.178.83 |
| | msf6 auxiliary(scanner/ssh/ssh_version) > run |
| | |
| | [+] 146.59.178.83:22 - SSH server version: SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u7 ( service.version=7.4p1 openssh.comment=Debian-10+deb9u7 service.vendor=OpenBSD service.family=OpenSSH service.product=OpenSSH service.cpe23=cpe:/a:openbsd:openssh:7.4p1 os.vendor=Debian os.family=Linux os.product=Linux os.version=9.0 os.cpe23=cpe:/o:debian:debian_linux:9.0 service.protocol=ssh fingerprint_db=ssh.banner ) |
| | [*] 146.59.178.83:22 - Scanned 1 of 1 hosts (100% complete) |
| | [*] Auxiliary module execution completed |
| | msf6 auxiliary(scanner/ssh/ssh_version) > |
| | </code> |
| |
