1) TCP SYN SCANNING IN METASPLOIT:
We can check the open TCP ports of our target by using the following commands in Metasploit:
(msfconsole)
(use auxiliary/scanner/portscan/syn)
(show options)
(set RHOSTS + ip of target) e.g. (set RHOSTS 192.168.8.4-255)
(set THREADS + number of concurrent threads) e.g. (set THREADS 50)
(run)
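From the defender's side, a SYN scan like the one above shows up as one source sending initial SYNs to many distinct ports on a host within a few seconds. The following is an added example, not part of the original page, that flags this pattern in constructed firewall log lines; the iptables-style log layout, the threshold and the time window are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed iptables-style LOG layout: "<ISO time> ... SRC= DST= PROTO=TCP ... DPT= <flags>"
LINE_RE = re.compile(r"^(\S+) .*?SRC=(\S+) DST=(\S+) .*?PROTO=TCP .*?DPT=(\d+)(.*)$")

def find_syn_scanners(lines, min_ports=10, window=timedelta(seconds=5)):
    """Map (src, dst) -> most distinct ports SYN'd inside one window, if >= min_ports."""
    events = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a TCP record in the assumed layout
        flags = m[5].split()
        if "SYN" not in flags or "ACK" in flags:
            continue  # keep only initial SYNs, not SYN-ACK replies
        events[(m[2], m[3])].append((datetime.fromisoformat(m[1]), int(m[4])))
    hits = {}
    for pair, evs in events.items():
        evs.sort()
        start = best = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1  # slide the window forward
            best = max(best, len({port for _, port in evs[start:end + 1]}))
        if best >= min_ports:
            hits[pair] = best
    return hits

def constructed_sample():
    """Constructed log lines: one scan-like burst plus three benign-looking patterns."""
    fmt = "{} kernel: IN=eth0 SRC={} DST=192.168.8.4 PROTO=TCP SPT=40000 DPT={} WINDOW=1024 {}"
    t0 = datetime(2024, 5, 1, 10, 0, 0)
    lines = []
    for i in range(20):
        ts = (t0 + timedelta(milliseconds=100 * i)).isoformat()
        lines.append(fmt.format(ts, "192.168.8.50", 20 + i, "SYN"))      # 20 ports in 2 s
        lines.append(fmt.format(ts, "192.168.8.60", 20 + i, "ACK SYN"))  # SYN-ACKs, ignored
    for i in range(12):
        ts = (t0 + timedelta(minutes=i)).isoformat()
        lines.append(fmt.format(ts, "192.168.8.77", 443, "SYN"))         # one port, repeated
        lines.append(fmt.format(ts, "192.168.8.90", 8000 + i, "SYN"))    # 12 ports, 1 per minute
    return lines

if __name__ == "__main__":
    for (src, dst), ports in find_syn_scanners(constructed_sample()).items():
        print(f"possible port scan: {src} -> {dst}, {ports} distinct ports within the window")
```

The min_ports and window values need tuning per network: a wider window also reports the one-port-per-minute source in the sample, at the cost of more false positives.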
2) UDP PORT SCANNING IN METASPLOIT:
We can scan the UDP ports of our target by using the following commands in Metasploit:
(msfconsole)
(use auxiliary/scanner/discovery/udp_sweep)
(show options)
(set RHOSTS + network range of target) e.g. (set RHOSTS 192.168.8.4 -)
(set THREADS + number of concurrent threads) e.g. (set THREADS 255)
(run)
3) TO CHECK THE CERTIFICATE AGE OF TARGET NETWORK:
We can use Metasploit to check whether the certificate of any host in a network has expired. Run the following commands in Metasploit to check it:
(msfconsole)
(use auxiliary/scanner/http/cert)
(show options)
(set RHOSTS + network range of target) e.g. (set RHOSTS 192.168.8.4/24)
(set THREADS + number of concurrent threads) e.g. (set THREADS 254)
(run)
4) FINDING DIRECTORY LISTING VULNERABILITY OF TARGET WEBSITE:
We can find the directory listing vulnerability in the network range of the target website by using the following commands:
(msfconsole)
(use auxiliary/scanner/http/dir_listing)
(show options)
(set RHOSTS + range of ips) e.g. (set RHOSTS 192.168.8.4-255)
(set THREADS + number of concurrent threads) e.g. (set THREADS 55)
(run)
5) TO FIND THE DIRECTORIES OR FOLDERS OF TARGET WEBSITE WITH LINKS:
We can find the directories of the target website by using Metasploit. Run the following commands in Metasploit:
(msfconsole)
(use auxiliary/scanner/http/dir_scanner)
(show options)
(set RHOSTS + ip of target web) e.g. (set RHOSTS 192.168.8.4)
(run)
6) FIND THE INTERESTING FILES OF TARGET, WITH LINKS:
We can find the interesting files of our target ip by using the following commands in Metasploit:
(msfconsole)
(use auxiliary/scanner/http/files_dir)
(show options)
(set RHOSTS + ip of target) e.g. (set RHOSTS 192.168.8.4)
(run)
7) FINDING THE OPEN PROXY SERVERS OF TARGET NETWORK:
We can find the open proxy servers of the target network by using the following commands in Metasploit:
(msfconsole)
(use auxiliary/scanner/http/open_proxy)
(show options)
(set RHOSTS + range of ips) e.g. (set RHOSTS 192.168.8.4 200-210)
(set RPORT + port of target proxy) e.g. (set RPORT 8888)
(set THREADS + number of concurrent threads) e.g. (set THREADS 11)
(run)
8) FINDING THE AVAILABLE HTTP OPTIONS OF TARGET NETWORK RANGE:
We can find the HTTP options available on the hosts of the target network range, to use them in our hacking, by using the following commands in Metasploit:
(msfconsole)
(use auxiliary/scanner/http/options)
(show options)
(set RHOSTS + ip of target) e.g. (set RHOSTS 192.168.8.4)
(set THREADS + number of concurrent threads) e.g. (set THREADS 11)
(run)
9) FINDING THE PATH AND CONTENT OF ROBOTS.TXT FILE OF TARGET:
We can check for the presence of a robots.txt file, find its path and see its content by using the following commands in Metasploit:
(msfconsole)
(use auxiliary/scanner/http/robots_txt)
(show options)
(set RHOSTS + ip of target) e.g. (set RHOSTS 192.168.8.4-120)
(set THREADS + number of concurrent threads) e.g. (set THREADS 20)
(run)
10) FINDING THE HTTP VERSION OF TARGET:
We can find the version of the HTTP service of the target by using the following commands in Metasploit:
(msfconsole)
(use auxiliary/scanner/http/http_version)
(show options)
(set RHOSTS + ip of target) e.g. (set RHOSTS 192.168.8.4-24)
(set THREADS + number of concurrent threads) e.g. (set THREADS 255)
(run)