Kali linux 2016.2（Rolling）中metasploit的主机探测

不多说，直接上干货！

1、活跃主机扫描

root@kali:~# ping -c  202.193.58.13
PING 202.193.58.13 (202.193.58.13) () bytes of data.
 bytes from 202.193.58.13: icmp_seq= ttl= time=25.4 ms
From 202.193.58.69: icmp_seq= Redirect Network(New nexthop: 202.193.58.13)
 bytes from 202.193.58.13: icmp_seq= ttl= time=9.26 ms
From 202.193.58.69: icmp_seq= Redirect Network(New nexthop: 202.193.58.13)
 bytes from 202.193.58.13: icmp_seq= ttl= time=6.98 ms
From 202.193.58.69: icmp_seq= Redirect Network(New nexthop: 202.193.58.13)
 bytes from 202.193.58.13: icmp_seq= ttl= time=3.47 ms
From 202.193.58.69: icmp_seq= Redirect Network(New nexthop: 202.193.58.13)
 bytes from 202.193.58.13: icmp_seq= ttl= time=4.89 ms
 
--- 202.193.58.13 ping statistics ---
 packets transmitted,  received, % packet loss, time 4010ms
rtt min/avg/max/mdev = 3.476/10.010/25.439/7.959 ms
root@kali:~# 

当然，你也用下面这个

2、Metasploit的主机发现模块

　　arp_sweep模块便是一个ARP扫描器，如下所示。

arp_sweep使用ARP请求美剧本地局域网中的所有活跃主机

udp_sweep通过发送UDP数据包探查制定主机是否活跃，兵发现主机上的UDP服务

root@kali:~# msfconsole

....

msf > use auxiliary/scanner/discovery/arp_sweep
msf auxiliary(arp_sweep) > show options
 
Module options (auxiliary/scanner/discovery/arp_sweep):
 
   Name       Current Setting  Required  Description
   ----       ---------------  --------  -----------
   INTERFACE                   no        The name of the interface
   RHOSTS                      yes       The target address range or CIDR identifier
   SHOST                       no        Source IP Address
   SMAC                        no        Source MAC Address
   THREADS                    yes       The number of concurrent threads
   TIMEOUT                    yes       The number of seconds to wait for new data
 
msf auxiliary(arp_sweep) > 

　　设置好RHOSTS和THREADS参数后，输入run命令启动扫描器，如下图所示。

msf auxiliary(arp_sweep) > set RHOSTS 202.193.58.13/
RHOSTS => 202.193.58.13/
msf auxiliary(arp_sweep) > set THREADS
THREADS =>
msf auxiliary(arp_sweep) > run
 
[*] 202.193.58.7 appears to be up (UNKNOWN).
[*] 202.193.58.7 appears to be up (UNKNOWN).
[*] 202.193.58.9 appears to be up (UNKNOWN).
[*] 202.193.58.9 appears to be up (UNKNOWN).
[*] 202.193.58.11 appears to be up (UNKNOWN).
[*] 202.193.58.12 appears to be up (UNKNOWN).
[*] 202.193.58.13 appears to be up (UNKNOWN).
[*] 202.193.58.13 appears to be up (ASUSTek COMPUTER INC.).
[*] 202.193.58.14 appears to be up (UNKNOWN).
[*] 202.193.58.19 appears to be up (UNKNOWN).
[*] 202.193.58.20 appears to be up (ELITEGROUP COMPUTER SYSTEMS CO., LTD.).
[*] 202.193.58.23 appears to be up (UNKNOWN).
[*] 202.193.58.26 appears to be up (COMPAL INFORMATION(KUNSHAN)CO.,LTD).
[*] 202.193.58.33 appears to be up (UNKNOWN).
[*] 202.193.58.47 appears to be up (TP-LINK TECHNOLOGIES CO., LTD.).
[*] 202.193.58.48 appears to be up (UNKNOWN).
[*] 202.193.58.53 appears to be up (UNKNOWN).
[*] 202.193.58.55 appears to be up (UNKNOWN).
[*] 202.193.58.58 appears to be up (UNKNOWN).
[*] 202.193.58.60 appears to be up (D-Link International).
[*] 202.193.58.7 appears to be up (UNKNOWN).
[*] 202.193.58.69 appears to be up (COMPAL INFORMATION (KUNSHAN) CO., LTD).
[*] 202.193.58.73 appears to be up (ELITEGROUP COMPUTER SYSTEMS CO., LTD.).
[*] 202.193.58.76 appears to be up (UNKNOWN).
[*] 202.193.58.82 appears to be up (UNKNOWN).
[*] 202.193.58.83 appears to be up (Armorlink shanghai Co. Ltd).
[*] 202.193.58.85 appears to be up (QUANTA COMPUTER INC.).
[*] 202.193.58.7 appears to be up (UNKNOWN).
[*] 202.193.58.98 appears to be up (Advantech Technology (CHINA) Co., Ltd.).
[*] 202.193.59.254 appears to be up (FUJIAN STAR-NET COMMUNICATION CO.,LTD).
[*] 202.193.58.109 appears to be up (UNKNOWN).
[*] 202.193.58.111 appears to be up (UNKNOWN).
[*] 202.193.58.7 appears to be up (UNKNOWN).
[*] 202.193.58.148 appears to be up (UNKNOWN).
[*] 202.193.58.155 appears to be up (Jetway Information Co., Ltd.).
[*] 202.193.58.13 appears to be up (UNKNOWN).
[*] 202.193.58.162 appears to be up (UNKNOWN).
[*] 202.193.58.165 appears to be up (Tenda Technology Co., Ltd.).
[*] 202.193.58.171 appears to be up (UNKNOWN).
[*] 202.193.58.179 appears to be up (UNKNOWN).
[*] 202.193.58.180 appears to be up (Dell Inc).
[*] 202.193.58.13 appears to be up (UNKNOWN).
[*] 202.193.59.254 appears to be up (FUJIAN STAR-NET COMMUNICATION CO.,LTD).
[*] 202.193.58.197 appears to be up (UNKNOWN).
[*] 202.193.58.208 appears to be up (UNKNOWN).
[*] 202.193.58.215 appears to be up (Universal Global Scientific Industrial Co., Ltd.).
[*] 202.193.58.13 appears to be up (UNKNOWN).
[*] 202.193.58.220 appears to be up (UNKNOWN).
[*] 202.193.58.224 appears to be up (UNKNOWN).
[*] 202.193.58.230 appears to be up (ELITEGROUP COMPUTER SYSTEMS CO., LTD.).
[*] 202.193.58.231 appears to be up (UNKNOWN).
[*] 202.193.58.236 appears to be up (G-PRO COMPUTER).
[*] 202.193.58.242 appears to be up (UNKNOWN).
[*] Scanned  of  hosts (% complete)
[*] Auxiliary module execution completed
msf auxiliary(arp_sweep) > 

当然，大家可以用下面的