Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [GeneralSettings]
- default-terminal=gnome-terminal
- tool-output-black-background=False
- screenshooter-timeout=15000
- web-services="http,https,ssl,soap,http-proxy,http-alt,https-alt"
- enable-scheduler=True
- enable-scheduler-on-import=False
- max-fast-processes=10
- max-slow-processes=10
- [BruteSettings]
- store-cleartext-passwords-on-exit=True
- username-wordlist-path=/usr/share/wordlists/
- password-wordlist-path=/usr/share/wordlists/
- default-username=root
- default-password=password
- services="asterisk,afp,cisco,cisco-enable,cvs,firebird,ftp,ftps,http-head,http-get,https-head,https-get,http-get-form,http-post-form,https-get-form,https-post-form,http-proxy,http-proxy-urlenum,icq,imap,imaps,irc,ldap2,ldap2s,ldap3,ldap3s,ldap3-crammd5,ldap3-crammd5s,ldap3-digestmd5,ldap3-digestmd5s,mssql,mysql,ncp,nntp,oracle-listener,oracle-sid,pcanywhere,pcnfs,pop3,pop3s,postgres,rdp,rexec,rlogin,rsh,s7-300,sip,smb,smtp,smtps,smtp-enum,snmp,socks5,ssh,sshkey,svn,teamspeak,telnet,telnets,vmauthd,vnc,xmpp"
- no-username-services="cisco,cisco-enable,oracle-listener,s7-300,snmp,vnc"
- no-password-services="oracle-sid,rsh,smtp-enum"
- [StagedNmapSettings]
- stage1-ports="T:80,443"
- stage2-ports="T:25,135,137,139,445,1433,3306,5432,U:137,161,162,1434"
- stage3-ports="T:23,21,22,110,111,2049,3389,8080,U:500,5060"
- stage4-ports="T:0-20,24,26-79,81-109,112-134,136,138,140-442,444,446-1432,1434-2048,2050-3305,3307-3388,3390-5431,5433-8079,8081-29999"
- stage5-ports=T:30000-65535
- [ToolSettings]
- nmap-path=/usr/bin/nmap
- hydra-path=/usr/bin/hydra
- cutycapt-path=/usr/bin/cutycapt
- texteditor-path=/usr/bin/leafpad
- [HostActions]
- nmap-fast-tcp=Run nmap (fast TCP), nmap -Pn -F -T4 -vvvv [IP] -oA \"[OUTPUT]\"
- nmap-full-tcp=Run nmap (full TCP), nmap -Pn -sV -sC -O -p- -T4 -vvvvv [IP] -oA \"[OUTPUT]\"
- nmap-fast-udp=Run nmap (fast UDP), "nmap -n -Pn -sU -F --min-rate=1000 -vvvvv [IP] -oA \"[OUTPUT]\""
- nmap-udp-1000=Run nmap (top 1000 quick UDP), "nmap -n -Pn -sU --min-rate=1000 -vvvvv [IP] -oA \"[OUTPUT]\""
- nmap-full-udp=Run nmap (full UDP), nmap -n -Pn -sU -p- -T4 -vvvvv [IP] -oA \"[OUTPUT]\"
- unicornscan-full-udp=Run unicornscan (full UDP), unicornscan -mU -Ir 1000 [IP]:a -v
- [PortActions]
- banner=Grab banner, bash -c \"echo \"\" | nc -v -n -w1 [IP] [PORT]\",
- nmap=Run nmap (scripts) on port, nmap -Pn -sV -sC -vvvvv -p[PORT] [IP] -oA [OUTPUT],
- nikto=Run nikto, nikto -o \"[OUTPUT].txt\" -p [PORT] -h [IP], "http,https,ssl,soap,http-proxy,http-alt"
- dirbuster=Launch dirbuster, java -Xmx256M -jar /usr/share/dirbuster/DirBuster-1.0-RC1.jar -u http://[IP]:[PORT]/, "http,https,ssl,soap,http-proxy,http-alt"
- webslayer=Launch webslayer, webslayer, "http,https,ssl,soap,http-proxy,http-alt"
- whatweb=Run whatweb, "whatweb [IP]:[PORT] --color=never --log-brief=\"[OUTPUT].txt\"", "http,https,ssl,soap,http-proxy,http-alt"
- samrdump=Run samrdump, python /usr/share/doc/python-impacket/examples/samrdump.py [IP] [PORT]/SMB, "netbios-ssn,microsoft-ds"
- nbtscan=Run nbtscan, nbtscan -v -h [IP], netbios-ns
- smbenum=Run smbenum, bash ./scripts/smbenum.sh [IP], "netbios-ssn,microsoft-ds"
- enum4linux=Run enum4linux, enum4linux [IP], "netbios-ssn,microsoft-ds"
- polenum=Extract password policy (polenum), polenum [IP], "netbios-ssn,microsoft-ds"
- smb-enum-users=Enumerate users (nmap), "nmap -p[PORT] --script=smb-enum-users [IP] -vvvvv", "netbios-ssn,microsoft-ds"
- smb-enum-users-rpc=Enumerate users (rpcclient), bash -c \"echo 'enumdomusers' | rpcclient [IP] -U%\", "netbios-ssn,microsoft-ds"
- smb-enum-admins=Enumerate domain admins (net), "net rpc group members \"Domain Admins\" -I [IP] -U% ", "netbios-ssn,microsoft-ds"
- smb-enum-groups=Enumerate groups (nmap), "nmap -p[PORT] --script=smb-enum-groups [IP] -vvvvv", "netbios-ssn,microsoft-ds"
- smb-enum-shares=Enumerate shares (nmap), "nmap -p[PORT] --script=smb-enum-shares [IP] -vvvvv", "netbios-ssn,microsoft-ds"
- smb-enum-sessions=Enumerate logged in users (nmap), "nmap -p[PORT] --script=smb-enum-sessions [IP] -vvvvv", "netbios-ssn,microsoft-ds"
- smb-enum-policies=Extract password policy (nmap), "nmap -p[PORT] --script=smb-enum-domains [IP] -vvvvv", "netbios-ssn,microsoft-ds"
- smb-null-sessions=Check for null sessions (rpcclient), bash -c \"echo 'srvinfo' | rpcclient [IP] -U%\", "netbios-ssn,microsoft-ds"
- ldapsearch=Run ldapsearch, ldapsearch -h [IP] -p [PORT] -x -s base, ldap
- snmpcheck=Run snmpcheck, snmp-check -t [IP], "snmp,snmptrap"
- rpcinfo=Run rpcinfo, rpcinfo -p [IP], rpcbind
- rdp-sec-check=Run rdp-sec-check.pl, perl ./scripts/rdp-sec-check.pl [IP]:[PORT], ms-wbt-server
- showmount=Show nfs shares, showmount -e [IP], nfs
- x11screen=Run x11screenshot, bash ./scripts/x11screenshot.sh [IP], X11
- sslscan=Run sslscan, sslscan --no-failed [IP]:[PORT], "https,ssl"
- sslyze=Run sslyze, sslyze --regular [IP]:[PORT], "https,ssl,ms-wbt-server,imap,pop3,smtp"
- rwho=Run rwho, rwho -a [IP], who
- finger=Enumerate users (finger), ./scripts/fingertool.sh [IP], finger
- smtp-enum-vrfy=Enumerate SMTP users (VRFY), smtp-user-enum -M VRFY -U /usr/share/metasploit-framework/data/wordlists/unix_users.txt -t [IP] -p [PORT], smtp
- smtp-enum-expn=Enumerate SMTP users (EXPN), smtp-user-enum -M EXPN -U /usr/share/metasploit-framework/data/wordlists/unix_users.txt -t [IP] -p [PORT], smtp
- smtp-enum-rcpt=Enumerate SMTP users (RCPT), smtp-user-enum -M RCPT -U /usr/share/metasploit-framework/data/wordlists/unix_users.txt -t [IP] -p [PORT], smtp
- ftp-default=Check for default ftp credentials, hydra -s [PORT] -C ./wordlists/ftp-default-userpass.txt -u -o \"[OUTPUT].txt\" -f [IP] ftp, ftp
- mssql-default=Check for default mssql credentials, hydra -s [PORT] -C ./wordlists/mssql-default-userpass.txt -u -o \"[OUTPUT].txt\" -f [IP] mssql, ms-sql-s
- mysql-default=Check for default mysql credentials, hydra -s [PORT] -C ./wordlists/mysql-default-userpass.txt -u -o \"[OUTPUT].txt\" -f [IP] mysql, mysql
- oracle-default=Check for default oracle credentials, hydra -s [PORT] -C ./wordlists/oracle-default-userpass.txt -u -o \"[OUTPUT].txt\" -f [IP] oracle-listener, oracle-tns
- postgres-default=Check for default postgres credentials, hydra -s [PORT] -C ./wordlists/postgres-default-userpass.txt -u -o \"[OUTPUT].txt\" -f [IP] postgres, postgresql
- snmp-default=Check for default community strings, python ./scripts/snmpbrute.py -t [IP] -p [PORT] -f ./wordlists/snmp-default.txt -b --no-colours, "snmp,snmptrap"
- snmp-brute=Bruteforce community strings (medusa), bash -c \"medusa -h [IP] -u root -P ./wordlists/snmp-default.txt -M snmp | grep SUCCESS\", "snmp,snmptrap"
- oracle-version=Get version, "msfcli auxiliary/scanner/oracle/tnslsnr_version rhosts=[IP] E", oracle-tns
- oracle-sid=Oracle SID enumeration, "msfcli auxiliary/scanner/oracle/sid_enum rhosts=[IP] E", oracle-tns
- [PortTerminalActions]
- netcat=Open with netcat, nc -v [IP] [PORT],
- telnet=Open with telnet, telnet [IP] [PORT],
- ftp=Open with ftp client, ftp [IP] [PORT], ftp
- mysql=Open with mysql client (as root), "mysql -u root -h [IP] --port=[PORT] -p", mysql
- mssql=Open with mssql client (as sa), python /usr/share/doc/python-impacket/examples/mssqlclient.py -p [PORT] sa@[IP], "mys-sql-s,codasrv-se"
- ssh=Open with ssh client (as root), ssh root@[IP] -p [PORT], ssh
- psql=Open with postgres client (as postgres), psql -h [IP] -p [PORT] -U postgres, postgres
- rdesktop=Open with rdesktop, rdesktop [IP]:[PORT], ms-wbt-server
- rpcclient=Open with rpcclient (NULL session), rpcclient [IP] -p [PORT] -U%, "netbios-ssn,microsoft-ds"
- vncviewer=Open with vncviewer, vncviewer [IP]:[PORT], vnc
- xephyr=Open with Xephyr, Xephyr -query [IP] :1, xdmcp
- rlogin=Open with rlogin, rlogin -i root -p [PORT] [IP], login
- rsh=Open with rsh, rsh -l root [IP], shell
- [SchedulerSettings]
- nikto="http,https,ssl,soap,http-proxy,http-alt,https-alt", tcp
- screenshooter="http,https,ssl,http-proxy,http-alt,https-alt", tcp
- smbenum=microsoft-ds, tcp
- snmpcheck=snmp, udp
- x11screen=X11, tcp
- snmp-default=snmp, udp
- smtp-enum-vrfy=smtp, tcp
- mysql-default=mysql, tcp
- mssql-default=ms-sql-s, tcp
- ftp-default=ftp, tcp
- postgres-default=postgresql, tcp
- oracle-default=oracle-tns, tcp
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement