MSF魔鬼训练营-3.5.4Nmap与渗透测试数据库

MSF中可以直接使用db_nmap，它是namp的一个封装与NMAP用法完全一致。其执行结果会自动导入至数据库中。

当然也可以在使用 nmap 的 -oX参数输出一个XML格式的文件。这可以是你在本机扫描的结果，也可以是别人分享给你的。

然后在msf中使用db_import命令导入到数据库中。

db_import能够识别多种扫描器的结果：

Acunetix、Amap、Appscan、Burp Session、Microsoft Baseline Security Analyze、Nessus、NetSparker、NeXpose、OpenVAS Report、Retina等等。

 

msf > db_nmap -sV -Pn 192.168.3.0/24

[*] Nmap: Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-21 21:11 CST

[*] Nmap: Nmap scan report for RT-AC54U.lan (192.168.3.1)

[*] Nmap: Host is up (0.0015s latency).

[*] Nmap: Not shown: 997 closed ports

[*] Nmap: PORT     STATE SERVICE VERSION

[*] Nmap: 22/tcp   open  ssh     Dropbear sshd 2016.73 (protocol 2.0)

[*] Nmap: 53/tcp   open  domain  dnsmasq 2.76

[*] Nmap: 8000/tcp open  http    Asus RT-AC54U WAP http config

[*] Nmap: MAC Address: CC:81:DA:38:A4:D9 (Shanghai Phicomm Communication)

[*] Nmap: Service Info: OS: Linux; Device: WAP; CPE: cpe:/o:linux:linux_kernel, cpe:/h:asus:rt-ac54u

[*] Nmap: Nmap scan report for DESKTOP-41OPH1D.lan (192.168.3.88)

[*] Nmap: Host is up (0.00063s latency).

[*] Nmap: Not shown: 998 filtered ports

[*] Nmap: PORT     STATE SERVICE VERSION

[*] Nmap: 80/tcp   open  http    Apache httpd 2.4.23 ((Win32) OpenSSL/1.0.2j PHP/5.4.45)

[*] Nmap: 3306/tcp open  mysql   MySQL (unauthorized)

[*] Nmap: MAC Address: 80:E6:50:15:C2:60 (Apple)

[*] Nmap: Nmap scan report for zhoupendeiPhone.lan (192.168.3.107)

[*] Nmap: Host is up (0.0059s latency).

[*] Nmap: Not shown: 999 closed ports

[*] Nmap: PORT      STATE SERVICE    VERSION

[*] Nmap: 62078/tcp open  tcpwrapped

[*] Nmap: MAC Address: F0:DB:E2:9B:02:B2 (Apple)

[*] Nmap: Nmap scan report for kali.lan (192.168.3.103)

[*] Nmap: Host is up (0.000013s latency).

[*] Nmap: All 1000 scanned ports on kali.lan (192.168.3.103) are closed

[*] Nmap: Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .

[*] Nmap: Nmap done: 256 IP addresses (4 hosts up) scanned in 223.99 seconds