[share] WMAP Web Scanner by Metasploit

**Junior Riau** · 04-02-2012, 11:30 AM

(04-02-2012, 02:32 AM)japz_krist Wrote: om waktu jalanin 'wmap_run -e' emang lama bgt y?!

maap masi pengguna baru

g perlu minta mhaap Smile

iya emang lama karena dia ngecek/nge-scan kan..ya ceknya 1 persatu berdasarkan modul yang dimiliki wmap.

nah kalau ketemu vulner seperti informasi contoh vulner yang diatas bisa dicari ke exploit-id.com atai exploit-db.com tentang vulner tersebut

**japz_krist** · 04-02-2012, 01:03 PM

oke thanks om

**yanix** · 04-02-2012, 03:40 PM

kayaknya mantap nie
ijin sedot ilmunya om

**permana** · 04-13-2012, 03:11 PM

mantap

, ijin nyoba kakak Big Grin

**teeboo** · 04-13-2012, 03:33 PM

om...ane nyobain udah nyampe ke analisis nih...abis jalanin target..nah abis itu ane mau ngecek pake perintah

msf>hosts -c address,svcs,vulns

keluarnya unknown command : hosts

piye ya?

**T3rminate1** · 04-21-2012, 02:04 PM

Nice share nih om... saya pengguna baru numpang baca yah Big Grin

**Junior Riau** · 04-24-2012, 05:35 AM

@teeboo
g pake s kali hostnya??

diawal gimana yak ane share?lupa Tongue

coba back ke halaman awal dah liat Tongue

sori ya lama balasnya

@T3erminate1
silahkan om Smile

**lucifer893**$ · 04-24-2012, 07:29 AM

db dh connect om...

msf > load wmap
[*] [WMAP 1.0] === et [ ] metasploit.com 2011
[*] Successfully loaded plugin: wmap

tapi pas mau menambahkan list target

wmap_sites -a xxxx.xx.xx

keluar begini...
[-] Error while running command wmap_sites: getaddrinfo: Name or service not known

Call stack:
/opt/framework/msf3/lib/rex/socket.rb:170:in `gethostbyname'
/opt/framework/msf3/lib/rex/socket.rb:170:in `getaddress'
/opt/framework/msf3/lib/msf/core/db.rb:1505:in `report_web_site'
/opt/framework/msf3/plugins/wmap.rb:1297:in `add_web_site'
/opt/framework/msf3/plugins/wmap.rb:69:in `cmd_wmap_sites'
/opt/framework/msf3/lib/rex/ui/text/dispatcher_shell.rb:380:in `run_command'
/opt/framework/msf3/lib/rex/ui/text/dispatcher_shell.rb:342:in `block in run_single'
/opt/framework/msf3/lib/rex/ui/text/dispatcher_shell.rb:336:in `each'
/opt/framework/msf3/lib/rex/ui/text/dispatcher_shell.rb:336:in `run_single'
/opt/framework/msf3/lib/rex/ui/text/shell.rb:199:in `run'
/opt/framework/msf3/msfconsole:134:in `<main>'

itu kenapa yah??? apakah faktor proxy... ??? soal na di tmpat ane ngnet ada proxy.. mungkin gak??? hehe mav pengguna baru mas bro...
apa tetap bermasalah dengan dbnya???

pi pas ane cek ndak masalah mas bro

msf > db_driver
[*] Active Driver: postgresql
[*] Available: postgresql

ono opo yah mohon pencerahannn...

**Junior Riau** · 04-24-2012, 09:24 AM

(04-24-2012, 07:29 AM)lucifer893 Wrote: db dh connect om...

msf > load wmap
[*] [WMAP 1.0] === et [ ] metasploit.com 2011
[*] Successfully loaded plugin: wmap

tapi pas mau menambahkan list target

wmap_sites -a xxxx.xx.xx

keluar begini...
[-] Error while running command wmap_sites: getaddrinfo: Name or service not known

Call stack:
/opt/framework/msf3/lib/rex/socket.rb:170:in `gethostbyname'
/opt/framework/msf3/lib/rex/socket.rb:170:in `getaddress'
/opt/framework/msf3/lib/msf/core/db.rb:1505:in `report_web_site'
/opt/framework/msf3/plugins/wmap.rb:1297:in `add_web_site'
/opt/framework/msf3/plugins/wmap.rb:69:in `cmd_wmap_sites'
/opt/framework/msf3/lib/rex/ui/text/dispatcher_shell.rb:380:in `run_command'
/opt/framework/msf3/lib/rex/ui/text/dispatcher_shell.rb:342:in `block in run_single'
/opt/framework/msf3/lib/rex/ui/text/dispatcher_shell.rb:336:in `each'
/opt/framework/msf3/lib/rex/ui/text/dispatcher_shell.rb:336:in `run_single'
/opt/framework/msf3/lib/rex/ui/text/shell.rb:199:in `run'
/opt/framework/msf3/msfconsole:134:in `<main>'

itu kenapa yah??? apakah faktor proxy... ??? soal na di tmpat ane ngnet ada proxy.. mungkin gak??? hehe mav pengguna baru mas bro...
apa tetap bermasalah dengan dbnya???

pi pas ane cek ndak masalah mas bro

msf > db_driver
[*] Active Driver: postgresql
[*] Available: postgresql

ono opo yah mohon pencerahannn...

db_driver?
masih metasploit versi 3 ya,,

bukan karena proxy kayaknya,,
itu wmap nya error yak ada stack nya banyak banget,,

coba di update om framework nya Smile

oha ya itu dah connect ke databasenya gak??

db_connect /opt/framework/config/database.yml,, kalau g salah,,lupa si ane path foldernya hehe

db_status coba jalanin Smile

report dimari ya,,

**erudith** · 05-22-2012, 11:27 PM

punyaq =[ metasploit v4.3.0-release [core:4.3 api:1.0]

tapi kok

Code:
msf > db_connect -y /opt/framework/config/database.yml

[-] File not found

msf > db_connect -y /opt/metasploit/config/database.yml

msf >

teru isi dari /ogedit /etc/postgresql/8.4/main/postgresql.conf ane edit jadi

Code:
#

# These settings are for the database used by the Metasploit Framework

# unstable tree included in this installer, not the commercial editions.

#

development:

  adapter: "postgresql"

  database: "msf3dev"

  username: "erudith"

  password: "ganteng"

  port: 7337

  host: "localhost"

  pool: 256

  timeout: 5

production:

  adapter: "postgresql"

  database: "msf3dev"

  username: "erudith"

  password: "ganteng"

  port: 7337

  host: "localhost"

  pool: 256

  timeout: 5

hasilnya

Code:
msf > db_connect -y /opt/metasploit/config/database.yml

msf > db_status

[*] postgresql selected, no connection

belum bisa konek databasenya Angry

oiya lupa pas aq nmap -anpt hasilnya

Code:
tstat -anpt

Active Internet connections (servers and established)

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name

tcp        0      0 127.0.0.1:7337          0.0.0.0:*               LISTEN      1239/postgres   

tcp        0      0 0.0.0.0:1241            0.0.0.0:*               LISTEN      12775/nessusd   

tcp        0      0 127.0.0.1:2525          0.0.0.0:*               LISTEN      7588/postgres   

tcp        0      0 127.0.0.1:55553         0.0.0.0:*               LISTEN      19932/msfrpcd   

tcp        0      0 0.0.0.0:8834            0.0.0.0:*               LISTEN      12775/nessusd   

tcp        0      0 10.248.191.124:36578    74.125.235.49:80        ESTABLISHED 414/python      

tcp        0      0 10.248.191.124:50098    74.125.235.33:80        ESTABLISHED 414/python      

tcp        0      0 10.248.191.124:41747    199.59.148.139:443      ESTABLISHED 414/python      

tcp       28      0 10.248.191.124:47391    199.59.148.20:443       CLOSE_WAIT  414/python      

tcp        0      0 10.248.191.124:37366    202.70.57.27:443        ESTABLISHED 2637/firefox    

tcp       28      0 10.248.191.124:47389    199.59.148.20:443       CLOSE_WAIT  414/python      

tcp        0      0 10.248.191.124:50099    74.125.235.33:80        ESTABLISHED 414/python      

tcp        0      0 10.248.191.124:51595    173.194.38.136:80       ESTABLISHED 414/python      

tcp        0      0 10.248.191.124:37367    202.70.57.27:443        ESTABLISHED 2637/firefox    

tcp        0      0 10.248.191.124:45605    27.111.34.145:80        TIME_WAIT   -               

tcp        0      0 10.248.191.124:43658    31.13.79.4:443          ESTABLISHED 2637/firefox    

tcp        0      0 10.248.191.124:37370    202.70.57.27:443        ESTABLISHED 2637/firefox    

tcp       28      0 10.248.191.124:47388    199.59.148.20:443       CLOSE_WAIT  414/python      

tcp        0      0 10.248.191.124:37368    202.70.57.27:443        ESTABLISHED 2637/firefox    

tcp        0      0 10.248.191.124:45432    74.125.235.55:80        ESTABLISHED 414/python      

tcp        0      0 10.248.191.124:43657    31.13.79.4:443          ESTABLISHED 2637/firefox    

tcp        0      0 10.248.191.124:43407    31.13.79.4:80           ESTABLISHED 2637/firefox    

tcp        0      0 10.248.191.124:47275    69.171.227.72:443       ESTABLISHED 2637/firefox    

tcp        0      0 10.248.191.124:43825    173.245.61.133:80       ESTABLISHED 2637/firefox    

tcp        1      0 10.248.191.124:32953    184.169.75.33:80        CLOSE_WAIT  414/python      

tcp        0      0 10.248.191.124:37369    202.70.57.27:443        ESTABLISHED 2637/firefox    

tcp        0      1 10.248.191.124:33138    199.59.149.235:80       FIN_WAIT1   -               

tcp        0      0 10.248.191.124:43858    173.245.61.133:80       ESTABLISHED 2637/firefox    

tcp        0      0 10.248.191.124:52773    146.82.82.42:443        ESTABLISHED 2637/firefox    

tcp        0      0 10.248.191.124:45019    23.58.91.55:80          ESTABLISHED 2637/firefox    

tcp        0      0 127.0.0.1:44593         127.0.0.1:41556         ESTABLISHED 19932/msfrpcd   

tcp        0      0 127.0.0.1:41556         127.0.0.1:44593         ESTABLISHED 19932/msfrpcd   

tcp        0      0 10.248.191.124:43406    31.13.79.4:80           ESTABLISHED 2637/firefox    

tcp        0      0 10.248.191.124:52772    146.82.82.42:443        ESTABLISHED 2637/firefox    

tcp        0      0 10.248.191.124:56475    173.194.38.134:443      ESTABLISHED 2637/firefox    

tcp       28      0 10.248.191.124:47390    199.59.148.20:443       CLOSE_WAIT  414/python      

tcp        0      0 10.248.191.124:43681    31.13.79.4:443          ESTABLISHED 2637/firefox    

tcp        0      0 10.248.191.124:43405    31.13.79.4:80           ESTABLISHED 2637/firefox    

tcp        0      1 10.248.191.124:43859    173.245.61.133:80       FIN_WAIT1   -               

tcp6       0      0 ::1:7337                :::*                    LISTEN      1239/postgres   

tcp6       0      0 :::80                   :::*                    LISTEN      1309/apache2    

tcp6       0      0 :::1241                 :::*                    LISTEN      12775/nessusd   

tcp6       0      0 ::1:2525                :::*                    LISTEN      7588/postgres   

tcp6       0      0 :::8834                 :::*                    LISTEN      12775/nessusd   

tcp6       1      0 ::1:47320               ::1:7337                CLOSE_WAIT  12228/.ruby.bin 

tcp6       0      0 ::1:45985               ::1:7337                ESTABLISHED 19932/msfrpcd   

tcp6       0      0 ::1:7337                ::1:45985               ESTABLISHED 25219/postgres: msf