Using Metasploit to Conduct NMAP Scans

Using Metasploit and nmap together has been a useful technique for me during some of my engagements.  Below are the steps I take to implement that task.

  1. Start Metasploit by issuing the following command:
    • msfconsole
  2. Verify the status of the database by issuing the following command:
    • db_status
  3. Run NMAP from inside msfconsole and save the output into the Metasploit database.
    • db_nmap -v -sV host_or_network_to_scan
      • db_nmap -v -sV 192.168.1.1 (Single Host)
      • db_nmap -v -sV 192.168.1.0/24 (Network Range)
  4. To list all the remote hosts discovered during your nmap scan, issue the command:
    • hosts
  5. To add the hosts to the list of remote targets, issue the command:
    • hosts -R
  6. To list all of the available targets, issue the command:
    • show targets
  7. You can search for exploits using the “search” keywords below:
    • search type:exploit
    • search CVE-XXXX-XXXX
    • search cve:2014
    • search name:wordpress

If you found this to be useful, please leave a comment.

Metasploit – msfconsole help command output

msf > help

Core Commands
=============

    Command   Description
    -------   -----------
    ?         Help menu
    banner    Display an awesome metasploit banner
    cd        Change the current working directory
    color     Toggle color
    connect   Communicate with a host
    exit      Exit the console
    get       Gets the value of a context-specific variable
    getg      Gets the value of a global variable
    grep      Grep the output of another command
    help      Help menu
    history   Show command history
    irb       Drop into irb scripting mode
    load      Load a framework plugin
    quit      Exit the console
    route     Route traffic through a session
    save      Saves the active datastores
    sessions  Dump session listings and display information about sessions
    set       Sets a context-specific variable to a value
    setg      Sets a global variable to a value
    sleep     Do nothing for the specified number of seconds
    spool     Write console output into a file as well the screen
    threads   View and manipulate background threads
    unload    Unload a framework plugin
    unset     Unsets one or more context-specific variables
    unsetg    Unsets one or more global variables
    version   Show the framework and console library version numbers

Module Commands
===============

    Command     Description
    -------     -----------
    advanced    Displays advanced options for one or more modules
    back        Move back from the current context
    edit        Edit the current module or a file with the preferred editor
    info        Displays information about one or more modules
    loadpath    Searches for and loads modules from a path
    options     Displays global options or for one or more modules
    popm        Pops the latest module off the stack and makes it active
    previous    Sets the previously loaded module as the current module
    pushm       Pushes the active or list of modules onto the module stack
    reload_all  Reloads all modules from all defined module paths
    reload_lib  Reload one or more library files from specified paths
    search      Searches module names and descriptions
    show        Displays modules of a given type, or all modules
    use         Selects a module by name

Job Commands
============

    Command     Description
    -------     -----------
    handler     Start a payload handler as job
    jobs        Displays and manages jobs
    kill        Kill a job
    rename_job  Rename a job

Resource Script Commands
========================

    Command   Description
    -------   -----------
    makerc    Save commands entered since start to a file
    resource  Run the commands stored in a file

Database Backend Commands
=========================

    Command           Description
    -------           -----------
    db_connect        Connect to an existing database
    db_disconnect     Disconnect from the current database instance
    db_export         Export a file containing the contents of the database
    db_import         Import a scan result file (filetype will be auto-detected)
    db_nmap           Executes nmap and records the output automatically
    db_rebuild_cache  Rebuilds the database-stored module cache
    db_status         Show the current database status
    hosts             List all hosts in the database
    loot              List all loot in the database
    notes             List all notes in the database
    services          List all services in the database
    vulns             List all vulnerabilities in the database
    workspace         Switch between database workspaces

Credentials Backend Commands
============================

    Command  Description
    -------  -----------
    creds    List all credentials in the database

msf > help | more

Credentials Backend Commands
============================

    Command  Description
    -------  -----------
    creds    List all credentials in the database

Database Backend Commands
=========================

    Command           Description
    -------           -----------
    db_connect        Connect to an existing database
    db_disconnect     Disconnect from the current database instance
    db_export         Export a file containing the contents of the database
    db_import         Import a scan result file (filetype will be auto-detected)
    db_nmap           Executes nmap and records the output automatically
    db_rebuild_cache  Rebuilds the database-stored module cache
    db_status         Show the current database status
    hosts             List all hosts in the database
    loot              List all loot in the database
    notes             List all notes in the database
    services          List all services in the database
    vulns             List all vulnerabilities in the database
    workspace         Switch between database workspaces

Resource Script Commands
========================

    Command   Description
    -------   -----------
    makerc    Save commands entered since start to a file
    resource  Run the commands stored in a file

Job Commands
============

    Command     Description
    -------     -----------
    handler     Start a payload handler as job
    jobs        Displays and manages jobs
    kill        Kill a job
    rename_job  Rename a job

Module Commands
===============

    Command     Description
    -------     -----------
    advanced    Displays advanced options for one or more modules
    back        Move back from the current context
    edit        Edit the current module or a file with the preferred editor
    info        Displays information about one or more modules
    loadpath    Searches for and loads modules from a path
    options     Displays global options or for one or more modules
    popm        Pops the latest module off the stack and makes it active
    previous    Sets the previously loaded module as the current module
    pushm       Pushes the active or list of modules onto the module stack
    reload_all  Reloads all modules from all defined module paths
    reload_lib  Reload one or more library files from specified paths
    search      Searches module names and descriptions
    show        Displays modules of a given type, or all modules
    use         Selects a module by name

Core Commands
=============

    Command   Description
    -------   -----------
    ?         Help menu
    banner    Display an awesome metasploit banner
    cd        Change the current working directory
    color     Toggle color
    connect   Communicate with a host
    exit      Exit the console
    get       Gets the value of a context-specific variable
    getg      Gets the value of a global variable
    grep      Grep the output of another command
    help      Help menu
    history   Show command history
    irb       Drop into irb scripting mode
    load      Load a framework plugin
    quit      Exit the console
    route     Route traffic through a session
    save      Saves the active datastores
    sessions  Dump session listings and display information about sessions
    set       Sets a context-specific variable to a value
    setg      Sets a global variable to a value
    sleep     Do nothing for the specified number of seconds
    spool     Write console output into a file as well the screen
    threads   View and manipulate background threads
    unload    Unload a framework plugin
    unset     Unsets one or more context-specific variables
    unsetg    Unsets one or more global variables
    version   Show the framework and console library version numbers

msf >

Wireshark Security Advisory

-------------------------------------------------------------------------
Debian Security Advisory DSA-4217-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
June 03, 2018                         https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : wireshark
CVE ID         : CVE-2018-9273 CVE-2018-7320 CVE-2018-7334 CVE-2018-7335 
                 CVE-2018-7419 CVE-2018-9261 CVE-2018-9264 CVE-2018-11358 
                 CVE-2018-11360 CVE-2018-11362

It was discovered that Wireshark, a network protocol analyzer, contained
several vulnerabilities in the dissectors for PCP, ADB, NBAP, UMTS MAC,
IEEE 802.11, SIGCOMP, LDSS, GSM A DTAP and Q.931, which result in denial
of service or the execution of arbitrary code.

For the oldstable distribution (jessie), these problems have been fixed
in version 1.12.1+g01b65bf-4+deb8u14.

For the stable distribution (stretch), these problems have been fixed in
version 2.2.6+g32dac6a-2+deb9u3.

We recommend that you upgrade your wireshark packages.

For the detailed security status of wireshark please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wireshark

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

Linux Commands – Run .bin file in Linux / UNIX

Run .bin file in Linux / UNIX

Change the permission of the file you downloaded to be executable by typing the following command:

$ chmod +x file.bin

Start the installation process or run .bin file by typing the following command:

$ sudo ./file.bin

For example, if the .bin file is named program.bin, type the following commands:
$ chmod +x program.bin
$ sudo ./program.bin


Internet Safety Tips for Kids & Teens

  • Personal Information. Don’t give out personal information without your parents’ permission. This means you should not share your last name, home address, school name, or telephone number. Remember, just because someone asks for information about you does not mean you have to tell them anything about yourself!
  • Screen Name. When creating your screen name, do not include personal information like your last name or date of birth.
  • Passwords. Don’t share your password with anyone but your parents. When you use a public computer, make sure you log out of the accounts you’ve accessed before leaving the terminal.
  • Photos. Don’t post photos or videos online without getting your parents’ permission.
  • Online Friends. Don’t agree to meet an online friend unless you have your parents’ permission. Unfortunately, sometimes people pretend to be people they aren’t. Remember that not everything you read online is true.
  • Online Ads. Don’t buy anything online without talking to your parents first. Some ads may try to trick you by offering free things or telling you that you have won something as a way of collecting your personal information.
  • Downloading. Talk to your parents before you open an email attachment or download software. Attachments sometimes contain viruses. Never open an attachment from someone you don’t know.
  • Bullying. Don’t send or respond to mean or insulting messages. Tell your parents if you receive one. If something happens online that makes you feel uncomfortable, talk to your parents or to a teacher at school.
  • Social Networking. Many social networking websites (e.g., Facebook, Twitter, Second Life and MySpace) and blog hosting websites have minimum age requirements to sign up. These requirements are there to protect you!
  • Research. Talk to your librarian, teacher or parent about safe and accurate websites for research. The public library offers lots of resources. If you use online information in a school project make sure you explain where you got the information.

For more tips, please see the following: https://securityorb.com/is4k/