Metasploit 辅助模块:Admin HTTP

tomcat_administration

该“tomcat_administration”模块扫描一个IP地址范围,并找到Tomcat服务器管理面板和版本;

msf > use auxiliary/admin/http/tomcat_administration
msf auxiliary(tomcat_administration) > show options

Module options (auxiliary/admin/http/tomcat_administration):

   Name         Current Setting  Required  Description
   ----         ---------------  --------  -----------
   Proxies                       no        A proxy chain of format type:host:port[,type:host:port][...]
   RHOSTS                        yes       The target address range or CIDR identifier
   RPORT        8180             yes       The target port (TCP)
   SSL          false            no        Negotiate SSL/TLS for outgoing connections
   THREADS      1                yes       The number of concurrent threads
   TOMCAT_PASS                   no        The password for the specified username
   TOMCAT_USER                   no        The username to authenticate as
   VHOST                         no        HTTP server virtual host

 

要配置模块,我们设置RHOSTS和THREADS值,并让它运行在默认端口上。

msf auxiliary(admin/http/tomcat_administration) > set rhosts 192.168.40.129
rhosts => 192.168.40.129
msf auxiliary(admin/http/tomcat_administration) > show options 

Module options (auxiliary/admin/http/tomcat_administration):

   Name         Current Setting  Required  Description
   ----         ---------------  --------  -----------
   Proxies                       no        A proxy chain of format type:host:port[,type:host:port][...]
   RHOSTS       192.168.40.129   yes       The target address range or CIDR identifier
   RPORT        8180             yes       The target port (TCP)
   SSL          false            no        Negotiate SSL/TLS for outgoing connections
   THREADS      1                yes       The number of concurrent threads
   TOMCAT_PASS                   no        The password for the specified username
   TOMCAT_USER                   no        The username to authenticate as
   VHOST                         no        HTTP server virtual host

msf auxiliary(admin/http/tomcat_administration) > run

[*] http://192.168.40.129:8180/admin [Apache-Coyote/1.1] [Apache Tomcat/5.5] [Tomcat Server Administration] [tomcat/tomcat]
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(admin/http/tomcat_administration) > 

 

tomcat_administration

    A+
发布日期:2018年06月13日  所属分类:Metasploit
最后修改时间:2018-06-13 20:22
评分: (1 票;平均数5.00 ;最高评分 5 ;用户总数1;总得分 5;百分比100.00)
付杰
PHP运行环境 Wamp Lamp Lnmp 安装、配置、搭建服务
PHP运行环境 Wamp Lamp Lnmp 安装、配置、搭建服务
  • ¥ 9.9元
  • 市场价:49.9元
服务器管理面板/主机控制面板“安装”服务
服务器管理面板/主机控制面板“安装”服务
  • ¥ 9.9元
  • 市场价:49.9元
SEO顾问服务 中小型网站 单站/最低99.9元 全方位优化
SEO顾问服务 中小型网站 单站/最低99.9元 全方位优化
  • ¥ 99.9元
  • 市场价:5000元
花牛苹果 甘肃天水 李宏恩家自种 1斤 包邮
花牛苹果 甘肃天水 李宏恩家自种 1斤 包邮
  • ¥ 6.8元
  • 市场价:8.8元

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: