1. First, cd into the scanner directory:
cd /usr/share/metasploit-framework/modules/auxiliary/scanner/
2. Write a simple TCP scanner module. The one below is written in Ruby.
It connects to port 12345 on the remote host and sends the string HELLO SERVER.
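require 'msf/core'

class Metasploit3 < Msf::Auxiliary
  # Tcp provides connect/disconnect and the sock object;
  # Scanner calls run_host once for every address in RHOSTS.
  include Msf::Exploit::Remote::Tcp
  include Msf::Auxiliary::Scanner

  def initialize
    super(
      'Name'        => 'My custom TCP scan',
      'Version'     => '$Revision: 1 $',
      'Description' => 'My quick scanner',
      'Author'      => 'Your name here',
      'License'     => MSF_LICENSE
    )
    # Default remote port; can be changed with "set RPORT".
    register_options(
      [
        Opt::RPORT(12345)
      ], self.class)
  end

  # Called by the Scanner mixin for each target IP.
  def run_host(ip)
    connect()
    greeting = "HELLO SERVER"
    sock.puts(greeting)      # send the greeting followed by a newline
    data = sock.recv(1024)   # read up to 1024 bytes of the reply
    print_status("Received: #{data} from #{ip}")
    disconnect()
  end
end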
3. Save the code above as simple_tcp.rb,
then copy the file into the directory from step 1:
cp /root/simple_tcp.rb simple_tcp.rb
4. On the Windows machine, run a TCP server written in Python.
5. In msf, run:
use auxiliary/scanner/simple_tcp.rb
set RHOSTS 192.168.15.15
run
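
Step 4 relies on a Python TCP server that the page does not show. The listener below is an added example, not code from the original page: it binds port 12345 to match the module's RPORT, records each greeting it receives and answers with HELLO CLIENT, a constructed reply (the page does not say what the server sends back).

```python
import socket

HOST = "0.0.0.0"             # assumption: listen on every interface of the lab host
PORT = 12345                 # matches Opt::RPORT(12345) in the module
REPLY = b"HELLO CLIENT\n"    # constructed reply, not taken from the page


def make_listener(host=HOST, port=PORT):
    """Create a listening TCP socket for the scanner module to connect to."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, port))
    srv.listen(5)
    return srv


def handle_client(conn):
    """Read the scanner's greeting, answer once, and return what was received."""
    with conn:
        conn.settimeout(5)   # do not hang on a client that connects and stays silent
        try:
            data = conn.recv(1024)
        except socket.timeout:
            return b""
        if data:
            conn.sendall(REPLY)
        return data


def serve(srv, max_clients=None):
    """Accept connections one at a time; return a list of (client_ip, greeting)."""
    seen = []
    while max_clients is None or len(seen) < max_clients:
        conn, addr = srv.accept()
        greeting = handle_client(conn)
        print(f"{addr[0]} sent {greeting!r}")
        seen.append((addr[0], greeting))
    return seen


if __name__ == "__main__":
    with make_listener() as srv:
        print(f"listening on {HOST}:{PORT}")
        serve(srv)
```

With this running on the host set in RHOSTS, the module's print_status line shows the reply after "Received:".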