
- Systems used

Kali Linux

Metasploitable V2 Linux


- Motivation

msf> db_nmap : the command's output is stored in the PostgreSQL DB.

# nmap : the command's output is printed to the screen.

# nmap : we want this output stored in the PostgreSQL DB.

- nmap command output -> save to a file ( scan.xml ) -> store in the DB ( msf> db_import <file> )



- Port-scan the target system with nmap and save the result to a file


( Kali )

# zenmap &


> Save the scan as scan1.xml, then exit


- Start the MSF console and import the saved file


# msfconsole 

 

 .... (output omitted) ....

msf > help db_import

Usage: db_import <filename> [file2...]


Filenames can be globs like *.xml, or **/*.xml which will search recursively

Currently supported file types include:


..... (output omitted) .....

msf > db_import /root/scan1.xml
[*] Importing 'Nmap XML' data
[*] Import: Parsing with 'Nokogiri v1.7.1'
[*] Importing host 192.168.17.134
[*] Successfully imported /root/scan1.xml
msf > hosts

Hosts
=====

address         mac                name  os_name  os_flavor  os_sp  purpose  info  comments
-------         ---                ----  -------  ---------  -----  -------  ----  --------
192.168.17.134  00:0c:29:fa:dd:2a        Linux               2.6.X  server         

msf > services
......
msf > notes
......
msf > search portscan

Matching Modules
================

   Name                                              Disclosure Date  Rank    Description
   ----                                              ---------------  ----    -----------
   auxiliary/scanner/http/wordpress_pingback_access                   normal  Wordpress Pingback Locator
   auxiliary/scanner/natpmp/natpmp_portscan                           normal  NAT-PMP External Port Scanner
   auxiliary/scanner/portscan/ack                                     normal  TCP ACK Firewall Scanner
   auxiliary/scanner/portscan/ftpbounce                               normal  FTP Bounce Port Scanner
   auxiliary/scanner/portscan/syn                                     normal  TCP SYN Port Scanner
   auxiliary/scanner/portscan/tcp                                     normal  TCP Port Scanner
   auxiliary/scanner/portscan/xmas                                    normal  TCP "XMas" Port Scanner
   auxiliary/scanner/sap/sap_router_portscanner                       normal  SAPRouter Port Scanner

msf > use auxiliary/scanner/portscan/syn  
msf auxiliary(syn) > show options

Module options (auxiliary/scanner/portscan/syn):

   Name       Current Setting  Required  Description
   ----       ---------------  --------  -----------
   BATCHSIZE  256              yes       The number of hosts to scan per set
   DELAY      0                yes       The delay between connections, per thread, in milliseconds
   INTERFACE                   no        The name of the interface
   JITTER     0                yes       The delay jitter factor (maximum value by which to +/- DELAY) in milliseconds.
   PORTS      1-10000          yes       Ports to scan (e.g. 22-25,80,110-900)
   RHOSTS                      yes       The target address range or CIDR identifier
   SNAPLEN    65535            yes       The number of bytes to capture
   THREADS    1                yes       The number of concurrent threads
   TIMEOUT    500              yes       The reply read timeout in milliseconds

msf auxiliary(syn) > set PORTS 1-500
PORTS => 1-500
msf auxiliary(syn) > set RHOSTS 192.168.17.134
RHOSTS => 192.168.17.134
msf auxiliary(syn) > run

[*]  TCP OPEN 192.168.17.134:21
[*]  TCP OPEN 192.168.17.134:22
[*]  TCP OPEN 192.168.17.134:23
[*]  TCP OPEN 192.168.17.134:25
[*]  TCP OPEN 192.168.17.134:53
[*]  TCP OPEN 192.168.17.134:80
[*]  TCP OPEN 192.168.17.134:139
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed