Penetration Testing mailing list archives
Re: Thanks Alex and Jond -- metasploit and proxyport
From: H D Moore <sflist () digitaloffense net>
Date: Thu, 18 Oct 2007 11:10:48 -0500
On Wednesday 17 October 2007, James Kelly wrote:
I've re-read the docs for metasploit 4 and there is an option to set a "proxies" environmental variable. I have to dig deeper but it looks like metasploit 3 will do proxying transparently. I have to dig deeper though.
Metasploit 3 includes builtin proxy support for all TCP sockets created by exploit/auxiliary modules. The format is:

msf> setg Proxies SOCKS4:127.0.0.1:1080

You can configure multiple proxies in a chain with commas:

msf> setg Proxies SOCKS4:host1:1080,SOCKS4:host2:1080

A number of bugs were fixed in the Metasploit 3 proxy support after version 3.0 was released. I recommend that you use the development version instead and always use the latest version:

$ svn co http://metasploit.com/svn/framework3/trunk/ msf3-trunk

At this time, only SOCKS4 proxies are supported. We will be happy to add HTTP, SOCKS4A, SOCKS5 if there is any demand for it.

Proxy support only works for connections initiated from the system running Metasploit -- if you configure a proxy, but route your connection through another exploited system (using the route command and meterpreter), then the proxy parameters will simply be ignored.

The following example routes an HTTP banner scan through TOR:

msf > use auxiliary/scanner/http/version
msf auxiliary(version) >
msf auxiliary(version) > set RHOSTS 216.75.15.0/24
RHOSTS => 216.75.15.0/24
msf auxiliary(version) > set Proxies SOCKS4:127.0.0.1:2080
Proxies => SOCKS4:127.0.0.1:2080
msf auxiliary(version) > run
[*] 216.75.15.3 is running Apache/2.2.0 (Linux/SUSE)
[*] 216.75.15.4 is running Apache ( Powered by PHP/4.4.4-8+etch3 )
[*] 216.75.15.5 is running Apache/2.2.2 (Fedora)
[*] 216.75.15.6 is running Microsoft-IIS/6.0 ( Powered by ASP.NET )
[*] 216.75.15.8 is running Apache
[*] 216.75.15.9 is running Apache/2.0.53 (Linux/SUSE)
[*] 216.75.15.14 is running Apache/2.0.53 (Linux/SUSE)
[*] 216.75.15.16 is running Apache/2.0.53 (Linux/SUSE)
[*] 216.75.15.17 is running Apache
[*] 216.75.15.18 is running Apache/2.2.3 (Fedora) ( Powered by PHP/5.1.6 )
[*] 216.75.15.19 is running Apache/2.2.3 (Fedora) ( Fedora Default Page )
[*] Caught interrupt from the console...
[*] Auxiliary module execution completed
msf auxiliary(version) >

-HD
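The chain format and SOCKS4-only support described in the message above, as an added Ruby example (not part of the original post and not Metasploit's own code): it parses a Proxies-style value and builds the SOCKS4 CONNECT request sent for each hop. The function names and sample addresses are assumptions made for illustration; because a SOCKS4 request carries a raw IPv4 address, any hostname has to be resolved by the client before the request is built.

```ruby
# Added illustration; function names and addresses are hypothetical.
require 'ipaddr'

# Parse a Proxies-style value ("SOCKS4:host:port,SOCKS4:host:port") into hops.
def parse_proxy_chain(value)
  value.split(',').map do |entry|
    type, host, port = entry.strip.split(':', 3)
    raise ArgumentError, "malformed proxy entry: #{entry}" if port.nil? || port !~ /\A\d+\z/
    # The post states that only SOCKS4 is supported, so reject anything else.
    raise ArgumentError, "unsupported proxy type: #{type}" unless type.upcase == 'SOCKS4'
    { type: 'SOCKS4', host: host, port: Integer(port) }
  end
end

# Build a SOCKS4 CONNECT request: VN=4, CD=1, DSTPORT, DSTIP, USERID, NUL.
# DSTIP is four raw bytes, so a hostname or IPv6 address cannot be encoded.
def socks4_connect(ip, port, userid = '')
  addr = IPAddr.new(ip) # raises ArgumentError (InvalidAddressError) on a hostname
  raise ArgumentError, 'SOCKS4 needs an IPv4 address' unless addr.ipv4?
  [4, 1, port].pack('CCn') + addr.hton + userid + "\x00".b
end

# Requests sent, in order, over the single TCP connection opened to the first
# hop: each CONNECT names the next hop, and the last one names the real target.
def chain_requests(chain, target_ip, target_port)
  dests = chain.drop(1).map { |h| [h[:host], h[:port]] } + [[target_ip, target_port]]
  dests.map { |ip, port| socks4_connect(ip, port) }
end

# Check the 8-byte SOCKS4 reply: VN must be 0 and CD 90 means "granted".
def socks4_granted?(reply)
  return false unless reply && reply.bytesize == 8
  vn, cd = reply.unpack('CC')
  vn == 0 && cd == 90
end
```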