File metasploit-info
Script types:
portrule
Categories:
intrusive, safe
Download: http://nmap.org/svn/scripts/metasploit-info.nse
User Summary
Gathers info from the Metasploit rpc service. It requires a valid login pair. After authentication it tries to determine Metasploit version and deduce the OS type. Then it creates a new console and executes few commands to get additional info. References: * http://wiki.msgpack.org/display/MSGPACK/Format+specification * https://community.rapid7.com/docs/DOC-1516 Metasploit RPC API Guide
Script Arguments
metasploit-info.password
Valid metasploit rpc password (required)
metasploit-info.command
Custom command to run on the server (optional)
metasploit-info.username
Valid metasploit rpc username (required)
http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent
See the documentation for the http library.smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername
See the documentation for the smbauth library.Example Usage
nmap <target> --script=metasploit-info --script-args username=root,password=root
Script Output
55553/tcp open metasploit-msgrpc syn-ack | metasploit-info: | Metasploit version: 4.4.0-dev Ruby version: 1.9.3 i386-mingw32 2012-02-16 API version: 1.0 | Additional info: | Host Name: WIN | OS Name: Microsoft Windows XP Professional | OS Version: 5.1.2600 Service Pack 3 Build 2600 | OS Manufacturer: Microsoft Corporation | OS Configuration: Standalone Workstation | OS Build Type: Uniprocessor Free | ..... lots of other info .... | Domain: WORKGROUP |_ Logon Server: \\BLABLA
Requires
Author: Aleksandar Nikolic
License: Same as Nmap--See http://nmap.org/book/man-legal.html