Apache Enumeration
Lab Environment
In this lab environment, you will be provided with GUI access to a Kali machine. The target machine will be accessible at "victim-1".
Objective: Run the following auxiliary modules against the target (victim-1):
auxiliary/scanner/http/apache_userdir_enum
auxiliary/scanner/http/brute_dirs
auxiliary/scanner/http/dir_scanner
auxiliary/scanner/http/dir_listing
auxiliary/scanner/http/http_put
auxiliary/scanner/http/files_dir
auxiliary/scanner/http/http_login
auxiliary/scanner/http/http_header
auxiliary/scanner/http/http_version
auxiliary/scanner/http/robots_txt
Tools:
Metasploit Framework
Writeup
msfconsoleworkspace -a HTTP_SCANset RHOSTS victim-1auxiliary/scanner/http/apache_userdir_enum
use auxiliary/scanner/http/apache_userdir_enumrun
auxiliary/scanner/http/brute_dirs
use auxiliary/scanner/http/brute_dirsset PATH /usr/share/wordlists/dirb/common.txtrun
auxiliary/scanner/http/dir_scanner
use auxiliary/scanner/http/dir_scannerrun
auxiliary/scanner/http/dir_listing
use auxiliary/scanner/http/dir_listingrun
auxiliary/scanner/http/http_put
use auxiliary/scanner/http/http_putset PATH /data/set FILENAME test.txtset DATA "test"run
auxiliary/scanner/http/files_dir
use auxiliary/scanner/http/files_dirrun
auxiliary/scanner/http/http_login
use auxiliary/scanner/http/http_loginset AUTH_URI /secure/run
auxiliary/scanner/http/http_header
use auxiliary/scanner/http/http_headerrun
auxiliary/scanner/http/http_version
use auxiliary/scanner/http/http_versionrun
auxiliary/scanner/http/robots_txt
use auxiliary/scanner/http/robots_txtrun
Last updated