Script metasploit-info

Script types: portrule
Categories: intrusive, safe

Script Summary

Gathers info from the Metasploit rpc service. It requires a valid login pair. After authentication it tries to determine Metasploit version and deduce the OS type. Then it creates a new console and executes few commands to get additional info.


See also:

Script Arguments


Valid metasploit rpc password (required)


Custom command to run on the server (optional)


Valid metasploit rpc username (required)


See the documentation for the slaxml library., http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline, http.truncated-ok, http.useragent

See the documentation for the http library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

Example Usage

nmap <target> --script=metasploit-info --script-args username=root,password=root

Script Output

55553/tcp open  metasploit-msgrpc syn-ack
| metasploit-info:
|   Metasploit version: 4.4.0-dev Ruby version: 1.9.3 i386-mingw32 2012-02-16 API version: 1.0
|   Additional info:
|   Host Name:                 WIN
|   OS Name:                   Microsoft Windows XP Professional
|   OS Version:                5.1.2600 Service Pack 3 Build 2600
|   OS Manufacturer:           Microsoft Corporation
|   OS Configuration:          Standalone Workstation
|   OS Build Type:             Uniprocessor Free
|  ..... lots of other info ....
|   Domain:                    WORKGROUP
|_  Logon Server:              \\BLABLA



  • Aleksandar Nikolic

License: Same as Nmap--See