Monthly Archives: July 2018

Msfenum: automation of MSF auxiliary modules

Low hanging fruit scans can be very useful when performing a penetration test. Especially when performing an internal penetration test, a low hanging fruit scan can be very effective. Usually when performing an internal penetration test I am using, among other things, the Metasploit auxiliary modules to quickly enumerate the network. The modules can give some interesting findings very quickly, such as:

  • open SMB/NFS shares;
  • end-of-life systems, such as Windows XP & Windows 2003 server;
  • MS17-010 vulnerable systems.

Those findings are quick wins and can give you an entry point to the network in order to escalate privileges (e.g. MS17-010 -> DA creds) pretty fast. This helps to tell your customer that you were able to obtain high network permissions within a few hours (if you are able, a malicious attacker is able as well).
