Script metasploit-info

Script types: portrule
Categories: intrusive, safe
Download: https://svn.nmap.org/nmap/scripts/metasploit-info.nse

Script Summary

Gathers info from the Metasploit rpc service. It requires a valid login pair. After authentication it tries to determine Metasploit version and deduce the OS type. Then it creates a new console and executes few commands to get additional info.

References:

See also:

Script Arguments

metasploit-info.password

Valid metasploit rpc password (required)

metasploit-info.command

Custom command to run on the server (optional)

metasploit-info.username

Valid metasploit rpc username (required)

slaxml.debug

See the documentation for the slaxml library.

http.host, http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline, http.truncated-ok, http.useragent

See the documentation for the http library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

Example Usage

nmap <target> --script=metasploit-info --script-args username=root,password=root

Script Output

55553/tcp open  metasploit-msgrpc syn-ack
| metasploit-info:
|   Metasploit version: 4.4.0-dev Ruby version: 1.9.3 i386-mingw32 2012-02-16 API version: 1.0
|   Additional info:
|   Host Name:                 WIN
|   OS Name:                   Microsoft Windows XP Professional
|   OS Version:                5.1.2600 Service Pack 3 Build 2600
|   OS Manufacturer:           Microsoft Corporation
|   OS Configuration:          Standalone Workstation
|   OS Build Type:             Uniprocessor Free
|  ..... lots of other info ....
|   Domain:                    WORKGROUP
|_  Logon Server:              \\BLABLA

Requires


Author:

  • Aleksandar Nikolic

License: Same as Nmap--See https://nmap.org/book/man-legal.html