IS2C-DOJO Jogjakarta Importan information as version, services, port scaner and etc a
application is inside a attacker to begin searching and finding vulner on application. The
metasploit is applicarion framework community provide every all vulner and pacth application.
And modul to metaspolit attain hundreds vulner are avaible exploit and auxilary, axilary modul
prepare as smtp fuzzer, scanner port, finger user, brucforce password, ssh version corrupt and
more.
We can show all kinds modul auxilary :
root@hakaje:/opt/framework/msf3/modules/auxiliary# ls -l
total 64
drwxr-xr-x 31 root root 4096 2011-12-23 16:52 admin
drwxr-xr-x 3 root root 4096 2011-12-06 09:19 analyze
drwxr-xr-x 3 root root 4096 2011-12-06 09:19 bnat
drwxr-xr-x 4 root root 4096 2011-08-17 00:11 client
drwxr-xr-x 3 root root 4096 2011-12-06 09:19 crawler
drwxr-xr-x 21 root root 4096 2011-12-06 09:19 dos
drwxr-xr-x 11 root root 4096 2011-12-23 16:53 fuzzers
drwxr-xr-x 3 root root 4096 2011-12-23 16:53 gather
drwxr-xr-x 4 root root 4096 2011-08-17 00:11 pdf
drwxr-xr-x 43 root root 4096 2011-12-06 09:19 scanner
drwxr-xr-x 5 root root 4096 2011-12-23 16:53 server
drwxr-xr-x 3 root root 4096 2011-08-17 00:11 sniffer
drwxr-xr-x 9 root root 4096 2011-08-17 00:11 spoof
drwxr-xr-x 4 root root 4096 2011-08-17 00:11 sqli
drwxr-xr-x 3 root root 4096 2011-12-06 09:19 voip
drwxr-xr-x 6 root root 4096 2011-12-06 09:19 vsploit
root@hakaje:/opt/framework/msf3/modules/auxiliary#
And now iam will explain about auxliary and simple exploit used modul auxilary. Modul
auxilary have most varian as like we show above list modul. Now i will shown are below how to
know version ssh to other computer as the victim.
And the finish we just wait a long time minute to proses bruteforce password ssh login with type
command exploit: