In this subsection, we'll see the usage of different kinds of auxiliary modules that will help us in reconnaissance of the target.
Mainly, reconnaissance-related auxiliary modules will be listed under the auxiliary/scanner/http/
structure of the framework. This will be similar to the following screenshot:
Let us now use an auxiliary module to brute-force for directories. For this, I'll use the auxiliary/scanner/http/brute_dirs
module.
We need to fireup the MSFConsole and hit the following command:
use auxiliary/scanner/http/brute_dirs
Running show options
shows a comprehensive list of options supported by the module.
The various variables are self-explanatory.
RHOST
: This is the remote target or list of targets.RPORT
: This is the variable for the port of the remote host.THREADS
: This is the number of parallel threads to use to brute-force.FORMAT
: This is the brute-force format: alphabet, uppercase, and digit.PATH
: This is the starting directory...