Preface

Using Metasploit to find SCADA services


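1. SCADA systems

SCADA systems are ICS systems, typically used in critical environments such as large enterprises, where they are responsible for various production processes.

2. Steps

You need to register an account on the Shodan website and obtain an API key.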

msf6 exploit(windows/smb/ms08_067_netapi) > use auxiliary/gather/shodan_search
msf6 auxiliary(gather/shodan_search) > options

Module options (auxiliary/gather/shodan_search):

   Name           Current Setting  Required  Description
   ----           ---------------  --------  -----------
   DATABASE       false            no        Add search results to the database
   MAXPAGE        1                yes       Max amount of pages to collect
   OUTFILE                         no        A filename to store the list of IPs
   QUERY                           yes       Keywords you want to search for
   REGEX          .*               yes       Regex search for a specific IP/City/Country/Hostname
   SHODAN_APIKEY                   yes       The SHODAN API key

msf6 auxiliary(gather/shodan_search) > set shodan_apikey PxNNh5geye5sghZgWFKiji05gxxxxxx
shodan_apikey => PxNNh5geye5sghZgWFKiji05gxxxxxx
msf6 auxiliary(gather/shodan_search) > set query rockwell
query => rockwell
msf6 auxiliary(gather/shodan_search) > run

[*] Total: 6967 on 70 pages. Showing: 1 page(s)
[*] Collecting data, please wait...

Search Results
==============

 IP:Port                City               Country         Hostname
 -------                ----               -------         --------
 ....
[*] Auxiliary module execution completed
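
The same search is useful to a defender checking their own exposure. The following is an added example, not part of the original post: it parses the module's results table layout and keeps only rows inside address ranges you own that listen on TCP 44818 (EtherNet/IP). The owned ranges, the sample rows (documentation addresses) and the function names are constructed assumptions.

```python
import ipaddress
import re

# Assumption: ranges the organisation owns (RFC 5737 documentation ranges here).
OWNED_NETWORKS = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "203.0.113.64/26")]
# EtherNet/IP explicit messaging port.
ICS_PORTS = {44818}

# Constructed sample in the "IP:Port / City / Country / Hostname" layout.
SAMPLE = """\
 IP:Port                City               Country         Hostname
 -------                ----               -------         --------
 192.0.2.15:44818       College Park       United States   plc-line1.example.net
 198.51.100.7:44818     Melbourne          Australia
 203.0.113.70:44818     Delhi              India           hmi.example.org
 192.0.2.20:80          Novi               United States   www.example.org
 ....
[*] Auxiliary module execution completed
"""

IP_PORT = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})$")

def parse_rows(text):
    """Return one dict per result row; skip headers, rulers and status lines."""
    rows = []
    for line in text.splitlines():
        # Columns are separated by two or more spaces; city names contain single spaces.
        fields = re.split(r"\s{2,}", line.strip())
        m = IP_PORT.match(fields[0])
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # looked like an address but is out of range
        fields += [""] * (4 - len(fields))  # hostname (or more) may be missing
        rows.append({"ip": ip, "port": int(m.group(2)), "city": fields[1],
                     "country": fields[2], "hostname": fields[3]})
    return rows

def own_exposed(rows, networks=OWNED_NETWORKS, ports=ICS_PORTS):
    """Rows whose address is in an owned range and whose port is an ICS port."""
    return [r for r in rows
            if r["port"] in ports and any(r["ip"] in n for n in networks)]

if __name__ == "__main__":
    for r in own_exposed(parse_rows(SAMPLE)):
        print(f"exposed: {r['ip']}:{r['port']} {r['hostname'] or '(no hostname)'}")
```

Any hit is a controller reachable from the Internet and should be moved behind a VPN or firewall.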

Summary

This post showed how to use Metasploit to find SCADA services on the Internet; it is for learning purposes only.
