Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Re: autopawn

From: HD Moore <hdm () metasploit com>
Date: Wed, 23 Dec 2009 07:35:51 -0600
On 12/23/2009 7:09 AM, jojo 401 wrote:

what is the possibility of using autopawn to terget the internal network
machines, after adding the route. Is there any such functionality exists
in the metasploit. regards.



It is possible, but probably very reliable. The process would look like:

1) Compromise a machine on the target network with meterpreter
2) Add a route to the internal network through this SID
3) Use auxiliary/scanner/portscan/tcp to scan a few ports across the
internal range
4) Use db_autopwn and limit the target range (via -I) to the internal
network, cross-referencing by port. If the internal machines cant access
the attacking machine, use -b, otherwise -r.

-HD

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Previous By Date Next
Previous By Thread Next

Current thread: