Created
March 28, 2012 17:00
-
-
Save todb-r7/2228215 to your computer and use it in GitHub Desktop.
Proxy patch busts all of http
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
=[ metasploit v4.3.0-dev [core:4.3 api:1.0] | |
+ -- --=[ 819 exploits - 461 auxiliary - 144 post | |
+ -- --=[ 249 payloads - 27 encoders - 8 nops | |
msf > use auxiliary/scanner/http/crawler | |
msf auxiliary(crawler) > show options | |
Module options (auxiliary/scanner/http/crawler): | |
Name Current Setting Required Description | |
---- --------------- -------- ----------- | |
MAX_MINUTES 5 yes The maximum number of minutes to spend on each URL | |
MAX_PAGES 500 yes The maximum number of pages to crawl per URL | |
MAX_THREADS 4 yes The maximum number of concurrent requests | |
Proxies no Use a proxy chain | |
RHOST yes The target address | |
RPORT 80 yes The target port | |
URI / yes The starting page to crawl | |
VHOST no HTTP server virtual host | |
msf auxiliary(crawler) > set rhost 173.255.206.36 | |
rhost => 173.255.206.36 | |
msf auxiliary(crawler) > set vhost www.packetfu.com | |
vhost => www.packetfu.com | |
msf auxiliary(crawler) > run | |
[*] Crawling http://www.packetfu.com:80/... | |
[*] [00001/00500] 200 - www.packetfu.com - http://www.packetfu.com/ | |
[*] [00002/00500] 200 - www.packetfu.com - http://www.packetfu.com/todb-metasploit-packetfu-public-key.asc | |
[*] [00003/00500] 200 - www.packetfu.com - http://www.packetfu.com/todb/resume.html | |
[*] [00004/00500] 200 - www.packetfu.com - http://www.packetfu.com/wp/snacktime.html | |
[*] [00005/00500] 301 - www.packetfu.com - http://www.packetfu.com/todb -> http://www.packetfu.com/todb/ | |
[*] [00006/00500] 200 - www.packetfu.com - http://www.packetfu.com/todb/ | |
[*] [00007/00500] 301 - www.packetfu.com - http://www.packetfu.com/wp -> http://www.packetfu.com/wp/ | |
[+] [00008/00500] 403 - www.packetfu.com - http://www.packetfu.com/wp/ | |
[*] Crawl of http://www.packetfu.com:80/ complete | |
[*] Auxiliary module execution completed | |
msf auxiliary(crawler) > exit | |
(master) mazikeen:./metasploit-framework$ git merge matugm-proxy-patch | |
Updating ddc954a..f7ed39e | |
Fast-forward | |
lib/rex/proto/http/client.rb | 4 ++++ | |
lib/rex/socket/comm/local.rb | 3 ++- | |
modules/auxiliary/scanner/http/http_put.rb | 2 +- | |
3 files changed, 7 insertions(+), 2 deletions(-) | |
(master) mazikeen:./metasploit-framework$ ./msfconsole -L | |
, , | |
/ \ | |
((__---,,,---__)) | |
(_) O O (_)_________ | |
\ _ / |\ | |
o_o \ M S F | \ | |
\ _____ | * | |
||| WW||| | |
||| ||| | |
=[ metasploit v4.3.0-dev [core:4.3 api:1.0] | |
+ -- --=[ 819 exploits - 461 auxiliary - 144 post | |
+ -- --=[ 249 payloads - 27 encoders - 8 nops | |
msf > use auxiliary/scanner/http/crawler | |
msf auxiliary(crawler) > show options | |
Module options (auxiliary/scanner/http/crawler): | |
Name Current Setting Required Description | |
---- --------------- -------- ----------- | |
MAX_MINUTES 5 yes The maximum number of minutes to spend on each URL | |
MAX_PAGES 500 yes The maximum number of pages to crawl per URL | |
MAX_THREADS 4 yes The maximum number of concurrent requests | |
Proxies no Use a proxy chain | |
RHOST yes The target address | |
RPORT 80 yes The target port | |
URI / yes The starting page to crawl | |
VHOST no HTTP server virtual host | |
msf auxiliary(crawler) > set rhost 173.255.206.36 | |
rhost => 173.255.206.36 | |
msf auxiliary(crawler) > set vhost www.packetfu.com | |
vhost => www.packetfu.com | |
msf auxiliary(crawler) > run | |
[*] Crawling http://www.packetfu.com:80/... | |
[-] [00001/00500] ERR - www.packetfu.com - http://www.packetfu.com/ | |
[*] Crawl of http://www.packetfu.com:80/ complete | |
[*] Auxiliary module execution completed | |
msf auxiliary(crawler) > exit | |
(master) mazikeen:./metasploit-framework$ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment