O'Reilly logo

Metasploit by Mati Aharoni, Devon Kearns, Jim O'Gorman, David Kennedy

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 9. Metasploit Auxiliary Modules

When most people think of Metasploit, exploits come to mind. Exploits are cool, exploits get you shell, and exploits get all the attention. But sometimes you need something more than that. By definition, a Metasploit module that is not an exploit is an auxiliary module, which leaves a lot to the imagination.

In addition to providing valuable reconnaissance tools such as port scanners and service fingerprinters, auxiliary modules such as ssh_login can take a known list of usernames and passwords and then attempt to log in via brute force across an entire target network. Also included in the auxiliary modules are various protocol fuzzers such as ftp_pre_post, http_get_uri_long, smtp_fuzzer, ssh_version_corrupt ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required