Metasploit Port Scanning
Port Scan is Often done by hackers and penetration tester to identifying and discovering internal services of target host. Port Scanning is an important action for gathering more information of the target host. Today, We will see how to use Metasploit to scan port. Metasploit is a free and open source popular Exploitation Framework. This Framework widely used by hackers and professional penetration tester. Let's see how we can use Metasploit for basic port scanning.
If you have Kali Linux then Metasploit already installed ! Or download from Rapid7 and install it.
Our Target: http://192.168.67.136/
Our First Module is auxiliary/scanner/portscan/syn
Now let's start scanning!
If you have Kali Linux then Metasploit already installed ! Or download from Rapid7 and install it.
Our Target: http://192.168.67.136/
Our First Module is auxiliary/scanner/portscan/syn
Now let's start scanning!
Simply we need to set RHOSTS which is 192.168.67.136 and Port Range 1-65535(Do you really want to scan all port? )Now let's start scanning!
msf > use auxiliary/scanner/portscan/syn
msf auxiliary(syn) > show options
Module options (auxiliary/scanner/portscan/syn):
Name Current Setting Required Description
---- --------------- -------- -----------
BATCHSIZE 256 yes The number of hosts to scan per set
INTERFACE no The name of the interface
PORTS 1-10000 yes Ports to scan (e.g. 22-25,80,110-900)
RHOSTS yes The target address range or CIDR identifier
SNAPLEN 65535 yes The number of bytes to capture
THREADS 1 yes The number of concurrent threads
TIMEOUT 500 yes The reply read timeout in milliseconds
msf auxiliary(syn) > set RHOSTS 192.168.67.136
RHOSTS => 192.168.67.136
msf auxiliary(syn) > set PORTS 80,3306,22,1337
PORTS => 80,3306,22,1337
msf auxiliary(syn) >
Now set interesting ports and execute "run" Command:
msf auxiliary(syn) > set PORTS 80,3306,22,1337,139
PORTS => 80,3306,22,1337,139
msf auxiliary(syn) > run
[*] TCP OPEN 192.168.67.136:22
[*] TCP OPEN 192.168.67.136:80
[*] TCP OPEN 192.168.67.136:139
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(syn) >
Now let's how auxiliary/scanner/portscan/tcp works:
msf auxiliary(tcp) > set RHOSTS 192.168.67.136
RHOSTS => 192.168.67.136
msf auxiliary(tcp) > set PORTS 80,3306,22,1337,139
PORTS => 80,3306,22,1337,139
msf auxiliary(tcp) > run
[*] 192.168.67.136:139 - TCP OPEN
[*] 192.168.67.136:22 - TCP OPEN
[*] 192.168.67.136:80 - TCP OPEN
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(tcp) >
Really Easy but nmap is best!
More Metasploit Tutorials Coming soon! :)