在Metasploit中使用shodan

shodan网站中有全球联网的主机设备信息,Metasploit集成了shodan,也就是说再MSF中可以直接从shodan中获取主机信息。

msf中使用shodan

使用auxiliary/gather/shodan_search模块:

msf6 auxiliary(scanner/smtp/smtp_enum) > use auxiliary/gather/shodan_search 
msf6 auxiliary(gather/shodan_search) > show options 

Module options (auxiliary/gather/shodan_search):

   Name           Current Setting  Required  Description
   ----           ---------------  --------  -----------
   DATABASE       false            no        Add search results to the database
   MAXPAGE        1                yes       Max amount of pages to collect
   OUTFILE                         no        A filename to store the list of IPs
   QUERY                           yes       Keywords you want to search for
   REGEX          .*               yes       Regex search for a specific IP/City/Country/Hostname
   SHODAN_APIKEY                   yes       The SHODAN API key

填写主机检索关键字

在option设置检索关键字

msf6 auxiliary(gather/shodan_search) > set QUERY phpmyadmin
QUERY => phpmyadmin

填写shodan api key

如果没有shodan账号,可以从官网上注册:www.shodan.io,注册完成之后,可以找到api key信息:

拷贝到options中设置SHODAN_APIKEY:

msf6 auxiliary(gather/shodan_search) > set ShodAN_APIKEY R6G************************rvL7
ShodAN_APIKEY => R6G************************rvL7

执行检索

检索前先检查option:

msf6 auxiliary(gather/shodan_search) > show options 

Module options (auxiliary/gather/shodan_search):

   Name           Current Setting                   Required  Description
   ----           ---------------                   --------  -----------
   DATABASE       false                             no        Add search results to the database
   MAXPAGE        1                                 yes       Max amount of pages to collect
   OUTFILE                                          no        A filename to store the list of IPs
   QUERY          phpmyadmin                        yes       Keywords you want to search for
   REGEX          .*                                yes       Regex search for a specific IP/City/Country/Hostname
   SHODAN_APIKEY  R6G************************rvL7  yes       The SHODAN API key

运行获得主机结果:

可以访问进行测试,例如访问第一个结果:

结语

shodan的主机与Metasploit的渗透工具集合,实在让这个世界边界扩大了很多!

Leave a Reply

Your email address will not be published. Required fields are marked *