Research is a pivotal component of any methodology: identify the problem or question, gather relevant information, and review the existing literature. Searching online uncovers tactics and strategies that others have used in similar contexts, which deepens your understanding and lets you apply approaches tailored to your specific needs. Thorough research equips you with the knowledge to make informed decisions and achieve your objectives.
Methodology: Host discovery -> Port Scanning -> Service Version Detection
Using nmap in Metasploit
Step 1: Run Nmap to Save Results
nmap [IP] -oX result.xml
Step 2: Start Metasploit Framework & Create a Workspace (Optional)
msfconsole
workspace
workspace -a meta-nmap
Step 3: Check DB Status and Import Nmap Result
db_status
db_import result.xml
Step 4: View Hosts & Services
$ hosts
## SAMPLE RESULT
Address       Name         OS     State
------------  -----------  -----  -----
192.168.1.10  target-host  Linux  Alive
$ services
## SAMPLE RESULT
Port  Protocol  Name  State
----  --------  ----  -----
22    tcp       ssh   open
80    tcp       http  open
Step 5: Run nmap directly from MSF (results are written straight into the current workspace database)
db_nmap -Pn -sS -O -p- [IP]
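As an added example (not part of the original notes), a small Python parser for the nmap -oX file that Step 3 imports, pulling out the same address, hostname, OS guess, state and open-service fields that msfconsole's hosts and services tables show. The embedded XML is a constructed sample, not a real scan result.

```python
import xml.etree.ElementTree as ET

# Constructed sample of nmap -oX output (not a real scan), mirroring the hosts
# and services shown on this page: one live host, ssh/http open, 443 closed.
SAMPLE_XML = """<nmaprun scanner="nmap" args="nmap 192.168.1.10 -oX result.xml">
  <host>
    <status state="up" reason="echo-reply"/>
    <address addr="192.168.1.10" addrtype="ipv4"/>
    <hostnames><hostname name="target-host" type="PTR"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/>
        <service name="ssh" product="OpenSSH" version="8.9p1"/></port>
      <port protocol="tcp" portid="80"><state state="open"/>
        <service name="http"/></port>
      <port protocol="tcp" portid="443"><state state="closed"/></port>
    </ports>
    <os><osmatch name="Linux 5.4 - 5.15" accuracy="95"/></os>
  </host>
</nmaprun>"""


def parse_nmap_xml(xml_text):
    """Map each host address to its name, OS guess, state and open services,
    the same fields msfconsole's `hosts` and `services` tables display."""
    hosts = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address[@addrtype='ipv4']").get("addr")
        name = host.find("hostnames/hostname")
        osmatch = host.find("os/osmatch")
        services = []
        for port in host.findall("ports/port"):
            # Only open ports become "services"; closed/filtered are dropped.
            if port.find("state").get("state") != "open":
                continue
            svc = port.find("service")
            attrs = svc.attrib if svc is not None else {}
            services.append({
                "port": int(port.get("portid")),
                "proto": port.get("protocol"),
                "name": attrs.get("name", ""),
                "version": (attrs.get("product", "") + " " + attrs.get("version", "")).strip(),
            })
        hosts[addr] = {
            "name": name.get("name") if name is not None else "",
            "os": osmatch.get("name") if osmatch is not None else "",
            "state": host.find("status").get("state"),
            "services": services,
        }
    return hosts
```

Call parse_nmap_xml() on the contents of result.xml to get the same view before (or without) running db_import.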
SMB (Recon + Scan) with nmap
Targets:
Identify SMB Protocol Dialects
Find SMB security level information
Enumerate active sessions, shares, Windows users, domains, services, etc.