tomcat_administration
该“tomcat_administration”模块扫描一个IP地址范围,并找到Tomcat服务器管理面板和版本;
msf > use auxiliary/admin/http/tomcat_administration
msf auxiliary(tomcat_administration) > show options
Module options (auxiliary/admin/http/tomcat_administration):
Name Current Setting Required Description
---- --------------- -------- -----------
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
RHOSTS yes The target address range or CIDR identifier
RPORT 8180 yes The target port (TCP)
SSL false no Negotiate SSL/TLS for outgoing connections
THREADS 1 yes The number of concurrent threads
TOMCAT_PASS no The password for the specified username
TOMCAT_USER no The username to authenticate as
VHOST no HTTP server virtual host
要配置模块,我们设置RHOSTS和THREADS值,并让它运行在默认端口上。
msf auxiliary(admin/http/tomcat_administration) > set rhosts 192.168.40.129
rhosts => 192.168.40.129
msf auxiliary(admin/http/tomcat_administration) > show options
Module options (auxiliary/admin/http/tomcat_administration):
Name Current Setting Required Description
---- --------------- -------- -----------
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
RHOSTS 192.168.40.129 yes The target address range or CIDR identifier
RPORT 8180 yes The target port (TCP)
SSL false no Negotiate SSL/TLS for outgoing connections
THREADS 1 yes The number of concurrent threads
TOMCAT_PASS no The password for the specified username
TOMCAT_USER no The username to authenticate as
VHOST no HTTP server virtual host
msf auxiliary(admin/http/tomcat_administration) > run
[*] http://192.168.40.129:8180/admin [Apache-Coyote/1.1] [Apache Tomcat/5.5] [Tomcat Server Administration] [tomcat/tomcat]
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(admin/http/tomcat_administration) >