Metasploit Penetration Testing Cookbook (Third Edition)

How to do it...

Now that we are connected to our server, we can scan our target and generate reports. NeXpose supports two scan commands: nexpose_scan and nexpose_discover. The former will scan a range of IP addresses and import the results, whereas the latter will scan only to discover hosts and the services running on them.

  1. Let's perform a quick scan on our target using NeXpose:
msf > nexpose_discover 192.168.216.10
[*] Scanning 1 addresses with template aggressive-discovery in sets of 32
[*] Completed the scan of 1 addresses
msf >

The nexpose_discover command launches a scan but only performs host and minimal service discovery.

  2. To display the help for the nexpose_scan command, we can use the -h option:
msf > nexpose_scan -h
Usage: nexpose_scan [options] <Target IP Ranges>

OPTIONS:

-E <opt> Exclude hosts in the specified range from the scan
-I <opt> Only scan systems with an address within the specified range
-P Leave the scan data on the server when it completes (this counts against the maximum licensed IPs)
-c <opt> Specify credentials to use against these targets (format is type:user:pass
-d Scan hosts based on the contents of the existing database
-h This help menu
-n <opt> The maximum number of IPs to scan at a time (default is 32)
...

msf >

  3. To scan our target, we will use the nexpose_scan command with the full-audit scan template:
msf > nexpose_scan -t full-audit 192.168.216.10 
[*] Scanning 1 addresses with template full-audit in sets of 32
[*] Completed the scan of 1 addresses
msf >

  4. To import the scan results, we will use the nexpose_site_import command:
msf > nexpose_site_import 1
[*] Generating the export data file...
[*] Downloading the export data...
[*] Importing Nexpose data...
msf >

With the scan results imported into Metasploit, we can use the msfconsole database commands to display the hosts, services, and vulnerabilities found.