本文簡單介紹如何使用Metasploit從文件中讀取目標地址，來執行檢測。

　　以檢測MS17-010漏洞為例，在設定RHOSTS參數時，可設定目標地址范圍和CIDR地址塊，設定單個IP的目標也是可以的。

　　參考：Metasploit set rhosts file

msf > use auxiliary/scanner/smb/smb_ms17_010 msf auxiliary(smb_ms17_010) > show optionsModule options (auxiliary/scanner/smb/smb_ms17_010):Name Current Setting Required Description---- --------------- -------- -----------CHECK_DOPU true yes Check for DOUBLEPULSAR on vulnerable hostsRHOSTS yes The target address range or CIDR identifierRPORT 445 yes The SMB service port (TCP)SMBDomain . no The Windows domain to use for authenticationSMBPass no The password for the specified usernameSMBUser no The username to authenticate asTHREADS 1 yes The number of concurrent threads

　　但如何設定從文件中讀取目標地址呢？

　　其實可以使用file指定讀取的目標文件...如下：

msf auxiliary(smb_ms17_010) > set rhosts file:/root/pentest/10-all.txt # 設置讀取的文件 rhosts => file:/root/pentest/10-all.txt msf auxiliary(smb_ms17_010) > show optionsModule options (auxiliary/scanner/smb/smb_ms17_010):Name Current Setting Required Description---- --------------- -------- -----------CHECK_DOPU true yes Check for DOUBLEPULSAR on vulnerable hostsRHOSTS file:/root/pentest/10-all.txt yes The target address range or CIDR identifierRPORT 445 yes The SMB service port (TCP)SMBDomain . no The Windows domain to use for authenticationSMBPass no The password for the specified usernameSMBUser no The username to authenticate asTHREADS 1 yes The number of concurrent threadsmsf auxiliary(smb_ms17_010) > set threads 10 threads => 10 msf auxiliary(smb_ms17_010) > show optionsModule options (auxiliary/scanner/smb/smb_ms17_010):Name Current Setting Required Description---- --------------- -------- -----------CHECK_DOPU true yes Check for DOUBLEPULSAR on vulnerable hostsRHOSTS file:/root/pentest/10-all.txt yes The target address range or CIDR identifierRPORT 445 yes The SMB service port (TCP)SMBDomain . no The Windows domain to use for authenticationSMBPass no The password for the specified usernameSMBUser no The username to authenticate asTHREADS 10 yes The number of concurrent threads

　　設置完成之后，就可以執行掃描了。

msf auxiliary(smb_ms17_010) > spool ms17-010.txt # 輸出記錄寫入到文件 [*] Spooling to file ms17-010.txt... msf auxiliary(smb_ms17_010) > exploit # 執行檢測[-] 10.0.0.17:445 - An SMB Login Error occurred while connecting to the IPC$ tree. [-] 10.0.0.13:445 - Host does NOT appear vulnerable. [-] 10.0.0.14:445 - Host does NOT appear vulnerable. [-] 10.0.0.2:445 - Host does NOT appear vulnerable. [-] 10.0.0.11:445 - Host does NOT appear vulnerable.[-] 10.2.2.25:445 - Host does NOT appear vulnerable. [-] 10.2.3.160:445 - Host does NOT appear vulnerable. [-] 10.2.3.162:445 - Host does NOT appear vulnerable. [-] 10.5.0.2:445 - An SMB Login Error occurred while connecting to the IPC$ tree. [-] 10.5.0.11:445 - Host does NOT appear vulnerable. [-] 10.5.0.13:445 - Host does NOT appear vulnerable. [-] 10.5.0.24:445 - Host does NOT appear vulnerable. [+] 10.5.0.25:445 - Host is likely VULNERABLE to MS17-010! (Windows Server 2012 R2 Standard 9600)

　　掃描結束之后，使用spool off，即可停止記錄。

　　ms17-010.txt文件中將會保存所有的檢測記錄。

轉載于:https://www.cnblogs.com/Hi-blog/p/Metasploit-Read-Target-from-File.html

與50位技術專家面對面20年技術見證，附贈技術全景圖

總結

以上是生活随笔為你收集整理的Metasploit从文件中读取目标地址的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。