commit
899c2cc6fa
|
@ -0,0 +1,71 @@
|
|||
## Description
|
||||
|
||||
This module will enumerate open TCP services by performing a full TCP connect on each port. This will establish a complete three-way handshake (SYN -> SYN/ACK -> ACK) on the target port. This does not need administrative privileges on the source machine, which may be useful if pivoting.
|
||||
|
||||
## Vulnerable Application
|
||||
|
||||
Any reachable TCP endpoint is a potential target.
|
||||
|
||||
## Options
|
||||
|
||||
**PORTS**
|
||||
|
||||
This is the list of ports to test for TCP Scan on each host.
|
||||
Formats like `1-3`, `1,2,3`, `1,2-3`, etc. are all supported. Default
|
||||
options is to scan `1-10000` ports.
|
||||
|
||||
**ConnectTimeout**
|
||||
|
||||
This options states the maximum number of seconds to establish a tcp
|
||||
connection. Default value if `10`.
|
||||
|
||||
**VERBOSE**
|
||||
|
||||
Gives detailed message about the scan of all the ports. It also shows the
|
||||
ports that were closed.
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Do: ```use auxiliary/scanner/portscan/tcp```
|
||||
2. Do: ```set RHOSTS [IP]```
|
||||
3. Do: ```set PORTS [PORTS]```
|
||||
4. Do: ```run```
|
||||
|
||||
## Scenarios
|
||||
|
||||
### Metaspliotable 2
|
||||
|
||||
```
|
||||
msf > use auxiliary/scanner/portscan/tcp
|
||||
msf auxiliary(tcp) > set RHOSTS 192.168.45.159
|
||||
msf auxiliary(tcp) > set PORTS 1-10000
|
||||
msf auxiliary(tcp) > run
|
||||
[*] 192.168.45.159: - 192.168.45.159:25 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:21 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:23 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:22 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:53 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:80 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:111 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:139 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:445 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:513 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:514 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:512 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:1099 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:1524 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:2049 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:2121 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:3306 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:3632 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:5432 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:5900 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:6000 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:6667 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:6697 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:8009 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:8180 - TCP OPEN
|
||||
[*] 192.168.45.159: - 192.168.45.159:8787 - TCP OPEN
|
||||
[*] Scanned 1 of 1 hosts (100% complete)
|
||||
[*] Auxiliary module execution completed
|
||||
```
|
Loading…
Reference in New Issue