Thursday, February 16, 2012

Import Hasil Nmap kedalam Metasploit

By kontraktor acp Thursday, February 16, 2012
Bila kita sering melakukan scanning terhadap satu jaringan yang sama, ada baik nya jika kita menyimpan hasil scanning tersebut untuk dapat digunakan untuk kegiatan penetrasi yang selanjutnya, jadi kita dapat terus melakukan penetrasi tanpa membuang waktu untuk melakukan proses scanning yang berulang-ulang dan hasil scanning tersebut dapat di Import kedalam Metasploit. Untuk meng Import hasil scanning kedalam Metasploit kita bisa menambahkan opsi -oX.

1. Lakukan Scanning terhadap jaringan dan disimpan menjadi file hasilscan.xml

root@gilakomputer:~# nmap -Pn -sS -A -oX hasilscan 192.168.0.0/24

2. Buka Metasploit dan import hasil scanning nmap menggunakan perintah db_import agar tersimpan didalam database. Untuk melihat apakah data yang kita Import berhasil gunakan perintah hosts berikut contohnya:

msf > db_import /root/hasilscan
[*] Importing 'Nmap XML' data
[*] Import: Parsing with 'Nokogiri v1.4.3.1'
[*] Importing host 192.168.0.1
[*] Importing host 192.168.0.100
[*] Importing host 192.168.0.102
[*] Successfully imported /root/hasilscan

msf > hosts

Hosts
=====

address        mac                name  os_name             os_flavor  os_sp  purpose  info  comments
-------        ---                ----  -------             ---------  -----  -------  ----  --------
192.168.0.1    B0:48:7A:E7:49:2E        Wind River VxWorks                    device         
192.168.0.100                           Linux               2.6.X             device         
192.168.0.102  00:19:21:1D:E9:C5        Microsoft Windows   XP                device         

msf > hosts -c address

Hosts
=====

address
-------
192.168.0.1
192.168.0.100
192.168.0.102

kontraktor acp

Author & Editor

Has laoreet percipitur ad. Vide interesset in mei, no his legimus verterem. Et nostrum imperdiet appellantur usu, mnesarchum referrentur id vim.

1 comments:

  1. Penetration TesterMarch 6, 2012 at 1:36 AM

    Download Free SecurityTube Metasploit Framework Expert DVD FREE Enjoy :D
    http://securitytube-training.com/certifications/securitytube-metasploit-framework-expert/?id=download

    >>>> A non-exhaustive list of topics to be taught includes <<<<

    * Metasploit Basics and Framework Organization

    * Server and Client Side Exploitation

    * Meterpreter – Extensions and Scripting

    * Database Integration and Automated Exploitation

    * Post Exploitation Kung-Fu – Exploring the system, Privilege escalation, Log deletion and AV / Firewall bypass

    * Token stealing and impersonation, Backdoors and Rootkits, Pivoting and Port forwarding, Railgun and Custom Scripting, Backdoor an Executable

    * Ruby Primer for Hackers

    * Writing Metasploit Modules – Auxiliary and Exploit

    * Exploit research with Metasploit- Buffer Overlows, SEH, DEP Bypass, Return Oriented Programming

    * Social Engineering Toolkit (SET) and Armitage

    * Scenario Based Hacking using Metasploit

    ReplyDelete

Silahkan meninggalkan pesan jika artikel diatas membantu anda,:)

Subscribe to: Post Comments (Atom)

 
biz.