METASPLOIT – How to run a SYN SCAN – How to use BACKTRACK and METASPLOIT
I hope to give you the quickest visual guides for learning Penetration Testing and Security. First, install BackTrack (of course).
1. Applications > BackTrack > Exploitation Tools > Network Exploitation Tools > Metasploit Framework > msfconsole
There are 4 ways to use Metasploit – but full power is via MSFCONSOLE.
2. MSFConsole Syntax = USSR
To configure Attacking Modules – we use the USSR 4 part procedure:
This USSR 4 stage setup is used over and over. So just remember that it’s USSR – from Russia with love.
What is RHOSTS? (The Target IP)
RHOSTS is the target IP.
set RHOSTS 192.168.1.0
This targets your home router's IP of 192.168.1.0. You use the “set” command to tell the module the victim’s IP address.
What are THREADS?
THREADS is the number of threads/processes on your CPU. There is a catch here – Windows machines must have much lower thread counts set than Unix. The max thread count for Windows is 16, whereas for Unix it’s 128.
To be safe, and not crash Windows machines, use 1, 5 or 10 threads, depending on how old the laptop or Windows machine happens to be. You use the “set” command to tell Metasploit how many threads to launch at the victim’s IP address.
set THREADS 10
I don’t recommend setting THREADS above 10, as Windows is prone to crashing. If you want to be a covert scanner, it’s not good practice to crash the machine, as that’s a bit of a giveaway.
3. Commands to launch the SYN scan
Go to the MSFCONSOLE prompt – msf>
set RHOSTS 192.168.1.65
set THREADS 1
It looks like this in your msfconsole window:
RESULTS of Syn Scan – Open Ports
The results will show you which ports are open on the target machine.
What other scans are available in Metasploit?
Go to the MSFConsole window and type:
msf> search portscan
A list of all port scanning modules will be shown, as you can see in the picture.
Each of the scanners above has a particular use in attacking networks.
I’ll discuss each of these in later articles.
For now, use the Syn Scan on your home network – to see what open ports exist on your domestic network that an attacker could exploit.
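To act on the results of a home-network scan, the following added example (not part of the original post) parses SYN scan output and compares the open ports against a baseline of ports you expect to be open. It assumes result lines contain "TCP OPEN <ip>:<port>"; the EXPECTED baseline and the sample output are constructed for illustration.

```python
import re
from collections import defaultdict

# Assumed line shape: "... TCP OPEN <ipv4>:<port>". The status prefix is ignored.
OPEN_RE = re.compile(r"TCP OPEN\s+(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\b")

# Hypothetical baseline: ports you expect to be open on each host.
EXPECTED = {
    "192.168.1.65": {80, 443},
}

# Constructed sample output, not captured from a real scan.
SAMPLE = """\
[*]  TCP OPEN 192.168.1.65:80
[*]  TCP OPEN 192.168.1.65:135
[*]  TCP OPEN 192.168.1.65:445
[*]  TCP OPEN 192.168.1.65:80
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
"""

def parse_open_ports(text):
    """Return {host: set(ports)} for every 'TCP OPEN' line; duplicates collapse."""
    found = defaultdict(set)
    for line in text.splitlines():
        m = OPEN_RE.search(line)
        if m and 0 < int(m.group(2)) <= 65535:
            found[m.group(1)].add(int(m.group(2)))
    return dict(found)

def audit(found, expected):
    """Return (unexpected, missing): ports open but not in the baseline,
    and baseline ports that the scan did not report as open."""
    unexpected, missing = {}, {}
    for host in sorted(set(found) | set(expected)):
        seen, want = found.get(host, set()), expected.get(host, set())
        if seen - want:
            unexpected[host] = sorted(seen - want)
        if want - seen:
            missing[host] = sorted(want - seen)
    return unexpected, missing

if __name__ == "__main__":
    unexpected, missing = audit(parse_open_ports(SAMPLE), EXPECTED)
    for host, ports in unexpected.items():
        print(f"{host}: unexpected open ports {ports} - close or firewall these")
    for host, ports in missing.items():
        print(f"{host}: expected but not open {ports}")
```

Any port reported as unexpected is a service to disable or block at the firewall; a host that appears in the scan but not in the baseline has all of its open ports reported as unexpected.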