Updated documentation with db_driver command
git-svn-id: file:///home/svn/framework3/trunk@6446 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
1b205ee0ee
commit
4646249e2e
|
@ -88,8 +88,8 @@ Reporting key concepts:
|
|||
+ Every report entry has a parent_id the top parent_id is 0 and only used
|
||||
to create a report entry (this allows for the storage of multiple reports).
|
||||
+ The report table is basically a type,name,value database.
|
||||
+ This schema allows the storage of data/vulnerabilities with any
|
||||
classification/naming convention. (very useful to store vulnerabilities
|
||||
+ This schema allows the storage of data/vulnerabilities with any
|
||||
classification/naming convention. (very useful to store vulnerabilities
|
||||
discovered in year 2060).
|
||||
|
||||
So how it works:
|
||||
|
@ -125,19 +125,20 @@ Reporting key concepts:
|
|||
end
|
||||
|
||||
|
||||
If you are connected to a database (db_connect) then reporting is active
|
||||
and every module executed will store its results for reporting. Even if
|
||||
you define a RHOSTS range then the results auto-magically will be organized
|
||||
per host,port as wmap_base_report_id() returns the last available report
|
||||
If you are connected to a database (db_connect) then reporting is active
|
||||
and every module executed will store its results for reporting. Even if
|
||||
you define a RHOSTS range then the results auto-magically will be organized
|
||||
per host,port as wmap_base_report_id() returns the last available report
|
||||
for the specified host,port,ssl target.
|
||||
|
||||
Anything can be represented and reported and other modules will have access
|
||||
Anything can be represented and reported and other modules will have access
|
||||
to this information to do whatever they want.
|
||||
|
||||
To view available reports use the 'wmap_reports' command:
|
||||
|
||||
msf > load db_sqlite3
|
||||
[*] Successfully loaded plugin: db_sqlite3
|
||||
msf > db_driver
|
||||
[*] Active Driver: sqlite3
|
||||
[*] Available: sqlite3, mysql
|
||||
msf > load db_wmap
|
||||
[*] =[ WMAP v0.3 - ET LoWNOISE
|
||||
[*] Successfully loaded plugin: db_wmap
|
||||
|
@ -188,7 +189,7 @@ The following are the basic steps for testing a web server/app using WMAP:
|
|||
3. Browse the target by running your favorite spider/crawler/browser etc.
|
||||
NOTE: Dont forget to configure the proxy;
|
||||
|
||||
4. In Metasploit load the db_<database> plugin;
|
||||
4. In Metasploit select sqlite3 using the db_driver command;
|
||||
|
||||
$ ./msfconsole
|
||||
|
||||
|
@ -204,7 +205,9 @@ The following are the basic steps for testing a web server/app using WMAP:
|
|||
+ -- --=[ 20 encoders - 6 nops
|
||||
=[ 74 aux
|
||||
|
||||
msf > load db_sqlite3
|
||||
msf > load db_driver
|
||||
[*] Active Driver: sqlite3
|
||||
[*] Available: sqlite3, mysql
|
||||
msf > load db_wmap
|
||||
[*] =[ WMAP v0.3 - ET LoWNOISE
|
||||
[*] Successfully loaded plugin: db_wmap
|
||||
|
@ -275,30 +278,30 @@ The following are the basic steps for testing a web server/app using WMAP:
|
|||
this can be done with the 'setg' command.
|
||||
|
||||
Example:
|
||||
|
||||
msf > setg VHOST www.targetco.com
|
||||
VHOST => www.targetco.com
|
||||
|
||||
msf > setg VHOST www.targetco.com
|
||||
VHOST => www.targetco.com
|
||||
|
||||
msf > setg DOMAIN targetco.com
|
||||
DOMAIN => targetco.com
|
||||
|
||||
msf > setg EXT .asp
|
||||
EXT => .asp
|
||||
|
||||
msf > setg WMAP_EXCLUDE_FILE <regex_to_exclude_testing_files>
|
||||
|
||||
EXT => .asp
|
||||
|
||||
msf > setg WMAP_EXCLUDE_FILE <regex_to_exclude_testing_files>
|
||||
|
||||
NOTE: By default image files are not included in the tests.
|
||||
|
||||
11. Test the target;
|
||||
|
||||
msf > wmap_run -e
|
||||
|
||||
NOTE: If required profiles can be defined in the following way:
|
||||
|
||||
wmap_run -e path/to/profile/file
|
||||
|
||||
The profile file contains the list of modules to execute.
|
||||
See data/wmap/wmap_sample.profile for a sample.
|
||||
msf > wmap_run -e
|
||||
|
||||
NOTE: If required profiles can be defined in the following way:
|
||||
|
||||
wmap_run -e path/to/profile/file
|
||||
|
||||
The profile file contains the list of modules to execute.
|
||||
See data/wmap/wmap_sample.profile for a sample.
|
||||
|
||||
[*] Launching auxiliary/scanner/http/wmap_vhost_scanner WMAP_SERVER against
|
||||
www.target.com:80
|
||||
|
|
Loading…
Reference in New Issue