Scanner TFTP Auxiliary Modules

From Metasploit Unleashed
Jump to: navigation, search

Contents


tftpbrute

TFTP servers can contain a wealth of valuable information including backup files, router config files, and much more. The tftpbrute module will take list of filenames and brute-force a TFTP server to determine if the files are present.

msf > use auxiliary/scanner/tftp/tftpbrute
msf auxiliary(tftpbrute) > show options

Module options (auxiliary/scanner/tftp/tftpbrute):

   Name        Current Setting                                          Required  Description
   ----        ---------------                                          --------  -----------
   CHOST                                                                no        The local client address
   DICTIONARY  /usr/share/metasploit-framework/data/wordlists/tftp.txt  yes       The list of filenames
   RHOSTS                                                               yes       The target address range or CIDR identifier
   RPORT       69                                                       yes       The target port
   THREADS     1                                                        yes       The number of concurrent threads

msf auxiliary(tftpbrute) > set RHOSTS 192.168.1.116
RHOSTS => 192.168.1.116
msf auxiliary(tftpbrute) > set THREADS 10
THREADS => 10
msf auxiliary(tftpbrute) > run

[*] Found 46xxsettings.txt on 192.168.1.116
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(tftpbrute) >




Module Reference > Auxiliary Modules > Scanner Modules > Scanner TFTP Auxiliary Modules