Ghost Network Security Group - Ghostgroup


MSF Arsenal

Posted on 2019-11-19 14:49:07

POSTGRES database commands
db_status
db_connect
Example: db_connect user:pass@127.0.0.1/metasploit3  ...OK~
db_disconnect



The operating environment is a Kali virtual machine.
root@kali:~# apt-get install postgresql

Start the service:
root@kali:~# service postgresql start
[ ok ] Starting PostgreSQL 9.1 database server: main.

Change the postgresql password to toor:
root@kali:~# sudo -u postgres psql postgres
postgres=# alter user postgres with password 'toor';
ALTER ROLE

Start msf:
root@kali:~# msfconsole

Connect msf to postgresql:



msf > db_nmap -sS -A 192.168.119.132
Nmap: Starting Nmap 6.25 ( http://nmap.org ) at 2014-07-12 10:42 EDT
Nmap: Nmap scan report for 192.168.119.132
Nmap: Host is up (0.00051s latency).
Nmap: Not shown: 993 closed ports
Nmap: PORT     STATE SERVICE       VERSION
Nmap: 80/tcp   open  http          Apache httpd 2.2.21 ((Win32) PHP/5.3.10)
Nmap: |_http-methods: No Allow or Public header in OPTIONS response (status code 403)
Nmap: |_http-title: 403 Forbidden
Nmap: 135/tcp  open  msrpc         Microsoft Windows RPC
Nmap: 139/tcp  open  netbios-ssn
Nmap: 1433/tcp open  ms-sql-s      Microsoft SQL Server 2005 9.00.1399.00; RTM
Nmap: 2383/tcp open  ms-olap4?
Nmap: 3306/tcp open  mysql         MySQL (unauthorized)
Nmap: 3389/tcp open  ms-wbt-server Microsoft Terminal Service
Nmap: MAC Address: 00:0C:29:5D:F3:E7 (VMware)
Nmap: No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).
Nmap: TCP/IP fingerprint:
Nmap: OS:SCAN(V=6.25%E=4%D=7/12%OT=80%CT=1%CU=32534%PV=Y%DS=1%DC=D%G=Y%M=000C29%T
Nmap: OS:M=53C14991%P=i686-pc-linux-gnu)SEQ(SP=108%GCD=1%ISR=10D%TI=I%CI=I%II=I%S
Nmap: OS:S=S%TS=0)OPS(O1=M5B4NW3NNT00NNS%O2=M5B4NW3NNT00NNS%O3=M5B4NW3NNT00%O4=M5
Nmap: OS:B4NW3NNT00NNS%O5=M5B4NW3NNT00NNS%O6=M5B4NNT00NNS)WIN(W1=FFFF%W2=FFFF%W3=
Nmap: OS:FFFF%W4=FFFF%W5=FFFF%W6=FFFF)ECN(R=Y%DF=N%T=40%W=FFFF%O=M5B4NW3NNS%CC=N%
Nmap: OS=)T1(R=Y%DF=N%T=40%S=O%A=S+%F=AS%RD=0%Q=)T2(R=Y%DF=N%T=40%W=0%S=Z%A=S%F
Nmap: OS:=AR%O=%RD=0%Q=)T3(R=Y%DF=N%T=40%W=FFFF%S=O%A=S+%F=AS%O=M5B4NW3NNT00NNS%R
Nmap: OS=0%Q=)T4(R=Y%DF=N%T=40%W=0%S=A%A=O%F=R%O=%RD=0%Q=)T5(R=Y%DF=N%T=40%W=0%
Nmap: OS:S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=N%T=40%W=0%S=A%A=O%F=R%O=%RD=0%Q=)T7(
Nmap: OS:R=Y%DF=N%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=N%T=40%IPL=B0%UN=0%
Nmap: OS:RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=S%T=40%CD=Z)
Nmap: Network Distance: 1 hop
Nmap: Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
Nmap: Host script results:
Nmap: | ms-sql-info:
Nmap: |   [192.168.119.132:1433]
Nmap: |     Version: Microsoft SQL Server 2005 RTM
Nmap: |       Version number: 9.00.1399.00
Nmap: |       Product: Microsoft SQL Server 2005
Nmap: |       Service pack level: RTM
Nmap: |       Post-SP patches applied: No
Nmap: |_    TCP port: 1433
Nmap: |_nbstat: NetBIOS name: PC-201403241103, NetBIOS user: <unknown>, NetBIOS MAC: 00:0c:29:5d:f3:e7 (VMware)
Nmap: | smb-os-discovery:
Nmap: |   OS: Windows XP (Windows 2000 LAN Manager)
Nmap: |   OS CPE: cpe:/o:microsoft:windows_xp::-
Nmap: |   Computer name: PC-201403241103
Nmap: |   NetBIOS computer name: PC-201403241103
Nmap: |   Workgroup: WORKGROUP
Nmap: |_  System time: 2014-07-12T22:43:29+08:00
Nmap: | smb-security-mode:
Nmap: |   Account that was used for smb scripts: guest
Nmap: |   User-level authentication
Nmap: |   SMB Security: Challenge/response passwords supported
Nmap: |_  Message signing disabled (dangerous, but default)
Nmap: |_smbv2-enabled: Server doesn't support SMBv2 protocol
Nmap: TRACEROUTE
Nmap: HOP RTT     ADDRESS
Nmap: 1   0.51 ms 192.168.119.132
Nmap: OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap: Nmap done: 1 IP address (1 host up) scanned in 45.97 seconds

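Note that the scan results include a list of open ports, software versions, a guess at the target operating system type, the system time, the MAC address, and other information.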

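The scan output above packs ports, versions and script findings into free text. As an added example (not part of the original post), this Python sketch turns `Nmap: ` console lines into a structured host record and flags items worth remediating; `parse_db_nmap` and `REVIEW_RULES` are hypothetical names, and the sample lines are excerpted from the output in the post.

```python
import re

# Excerpt of the db_nmap output shown in the post above (same "Nmap: " prefix).
SAMPLE = """\
Nmap: Nmap scan report for 192.168.119.132
Nmap: PORT     STATE SERVICE       VERSION
Nmap: 80/tcp   open  http          Apache httpd 2.2.21 ((Win32) PHP/5.3.10)
Nmap: 139/tcp  open  netbios-ssn
Nmap: 1433/tcp open  ms-sql-s      Microsoft SQL Server 2005 9.00.1399.00; RTM
Nmap: MAC Address: 00:0C:29:5D:F3:E7 (VMware)
Nmap: |       Post-SP patches applied: No
Nmap: |_  Message signing disabled (dangerous, but default)
"""

PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*(.*)$")

# Hypothetical review rules: substring seen in script output -> remediation note.
REVIEW_RULES = {
    "Message signing disabled": "require SMB signing on this host",
    "Post-SP patches applied: No": "no post-SP patches reported; apply vendor updates",
}

def parse_db_nmap(text):
    """Turn 'Nmap: ...' console lines into one structured host record."""
    host = {"address": None, "mac": None, "ports": [], "findings": []}
    for raw in text.splitlines():
        # Drop the console prefix, keep the nmap line itself.
        line = (raw[6:] if raw.startswith("Nmap: ") else raw).rstrip()
        if line.startswith("Nmap scan report for "):
            # With a resolved name nmap prints "name (ip)", so strip parentheses.
            host["address"] = line.split()[-1].strip("()")
        elif line.startswith("MAC Address: "):
            host["mac"] = line.split()[2]
        elif (m := PORT_RE.match(line)):
            port, proto, state, service, version = m.groups()
            host["ports"].append({"port": int(port), "proto": proto, "state": state,
                                  "service": service, "version": version})
        else:
            host["findings"] += [n for k, n in REVIEW_RULES.items() if k in line]
    return host

if __name__ == "__main__":
    record = parse_db_nmap(SAMPLE)
    for p in record["ports"]:
        print(f'{record["address"]}:{p["port"]}/{p["proto"]} {p["service"]} {p["version"]}')
    for note in record["findings"]:
        print("REVIEW:", note)
```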