checkvm

The checkvm module attempts to determine whether the system is running inside of a virtual environment and if so, which one. This module supports detection of Hyper-V, VMWare, VirtualBox, Xen, and QEMU/KVM.

msf > use post/linux/gather/checkvm
msf post(checkvm) > show options

Module options (post/linux/gather/checkvm):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SESSION  1                yes       The session to run this module on.

msf post(checkvm) > run

[*] Gathering System info ....
[+] This appears to be a 'VMware' virtual machine
[*] Post module execution completed

enum_configs

The enum_configs module collects configuration files found on commonly installed applications and services, such as Apache, MySQL, Samba, Sendmail, etc. If a config file is found in its default path, the module will assume that is the file we want.

msf  > use post/linux/gather/enum_configs 
msf post(enum_configs) > show options

Module options (post/linux/gather/enum_configs):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SESSION  1                yes       The session to run this module on.

msf post(enum_configs) > run

[*] Running module against kali
[*] Info:
[*] 	Kali GNU/Linux 1.0.6  
[*] 	Linux kali 3.12-kali1-486 #1 Debian 3.12.6-2kali1 (2014-01-06) i686 GNU/Linux
[*] apache2.conf stored in /root/.msf4/loot/20140228005504_default_192.168.1.109_linux.enum.conf_735045.txt
[*] ports.conf stored in /root/.msf4/loot/20140228005504_default_192.168.1.109_linux.enum.conf_787442.txt
[*] nginx.conf stored in /root/.msf4/loot/20140228005504_default_192.168.1.109_linux.enum.conf_248658.txt
[*] my.cnf stored in /root/.msf4/loot/20140228005505_default_192.168.1.109_linux.enum.conf_577389.txt
[*] shells stored in /root/.msf4/loot/20140228005507_default_192.168.1.109_linux.enum.conf_583272.txt
[*] sepermit.conf stored in /root/.msf4/loot/20140228005507_default_192.168.1.109_linux.enum.conf_027227.txt
[*] ca-certificates.conf stored in /root/.msf4/loot/20140228005508_default_192.168.1.109_linux.enum.conf_626893.txt
[*] access.conf stored in /root/.msf4/loot/20140228005508_default_192.168.1.109_linux.enum.conf_619382.txt
[*] rpc stored in /root/.msf4/loot/20140228005509_default_192.168.1.109_linux.enum.conf_666867.txt
[*] debian.cnf stored in /root/.msf4/loot/20140228005509_default_192.168.1.109_linux.enum.conf_173984.txt
[*] chkrootkit.conf stored in /root/.msf4/loot/20140228005510_default_192.168.1.109_linux.enum.conf_025881.txt
[*] logrotate.conf stored in /root/.msf4/loot/20140228005510_default_192.168.1.109_linux.enum.conf_438551.txt
[*] smb.conf stored in /root/.msf4/loot/20140228005511_default_192.168.1.109_linux.enum.conf_545804.txt
[*] ldap.conf stored in /root/.msf4/loot/20140228005511_default_192.168.1.109_linux.enum.conf_464721.txt
[*] sysctl.conf stored in /root/.msf4/loot/20140228005513_default_192.168.1.109_linux.enum.conf_077261.txt
[*] proxychains.conf stored in /root/.msf4/loot/20140228005513_default_192.168.1.109_linux.enum.conf_855958.txt
[*] snmp.conf stored in /root/.msf4/loot/20140228005514_default_192.168.1.109_linux.enum.conf_291777.txt
[*] Post module execution completed

enum_network

The enum_network module gathers network information from the target system IPTables rules, interfaces, wireless information, open and listening ports, active network connections, DNS information and SSH information.

msf > use post/linux/gather/enum_network 
msf post(enum_network) > show options

Module options (post/linux/gather/enum_network):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SESSION  1                yes       The session to run this module on.

msf post(enum_network) > run

[*] Running module against kali
[*] Module running as root
[+] Info:
[+] 	Kali GNU/Linux 1.0.6  
[+] 	Linux kali 3.12-kali1-486 #1 Debian 3.12.6-2kali1 (2014-01-06) i686 GNU/Linux
[*] Collecting data...
[*] Network config stored in /root/.msf4/loot/20140228005655_default_192.168.1.109_linux.enum.netwo_533784.txt
[*] Route table stored in /root/.msf4/loot/20140228005655_default_192.168.1.109_linux.enum.netwo_173980.txt
[*] Firewall config stored in /root/.msf4/loot/20140228005655_default_192.168.1.109_linux.enum.netwo_332941.txt
[*] DNS config stored in /root/.msf4/loot/20140228005655_default_192.168.1.109_linux.enum.netwo_007812.txt
[*] SSHD config stored in /root/.msf4/loot/20140228005655_default_192.168.1.109_linux.enum.netwo_912697.txt
[*] Host file stored in /root/.msf4/loot/20140228005655_default_192.168.1.109_linux.enum.netwo_477226.txt
[*] Active connections stored in /root/.msf4/loot/20140228005655_default_192.168.1.109_linux.enum.netwo_052505.txt
[*] Wireless information stored in /root/.msf4/loot/20140228005655_default_192.168.1.109_linux.enum.netwo_069586.txt
[*] Listening ports stored in /root/.msf4/loot/20140228005655_default_192.168.1.109_linux.enum.netwo_574507.txt
[*] If-Up/If-Down stored in /root/.msf4/loot/20140228005655_default_192.168.1.109_linux.enum.netwo_848840.txt
[*] Post module execution completed

enum_protections

The enum_protections module tries to find certain installed applications that can be used to prevent, or detect our attacks, which is done by locating certain binary locations, and see if they are indeed executables. For example, if we are able to run ‘snort’ as a command, we assume it’s one of the files we are looking for. This module is meant to cover various antivirus, rootkits, IDS/IPS, firewalls, and other software.

msf > use post/linux/gather/enum_protections
msf post(enum_protections) > show options

Module options (post/linux/gather/enum_protections):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SESSION  1                yes       The session to run this module on. 

msf post(enum_protections) > run

[*] Running module against kali
[*] Info:
[*] 	Kali GNU/Linux 1.0.6  
[*] 	Linux kali 3.12-kali1-486 #1 Debian 3.12.6-2kali1 (2014-01-06) i686 GNU/Linux
[*] Finding installed applications...
[+] truecrypt found: /usr/bin/truecrypt
[+] logrotate found: /usr/sbin/logrotate
[+] chkrootkit found: /usr/sbin/chkrootkit
[+] lynis found: /usr/sbin/lynis
[+] tcpdump found: /usr/sbin/tcpdump
[+] proxychains found: /usr/bin/proxychains
[+] wireshark found: /usr/bin/wireshark
[*] Installed applications saved to notes.
[*] Post module execution completed

enum_system

The enum_system module gathers system information. It collects installed packages, installed services, mount information, user list, user bash history and cron jobs

msf > use post/linux/gather/enum_system 
msf post(enum_system) > show options

Module options (post/linux/gather/enum_system):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SESSION  1                yes       The session to run this module on.

msf post(enum_system) > run

[+] Info:
[+] 	Kali GNU/Linux 1.0.6  
[+] 	Linux kali 3.12-kali1-486 #1 Debian 3.12.6-2kali1 (2014-01-06) i686 GNU/Linux
[*] Linux version stored in /root/.msf4/loot/20140228005325_default_192.168.1.109_linux.enum.syste_186949.txt
[*] User accounts stored in /root/.msf4/loot/20140228005325_default_192.168.1.109_linux.enum.syste_538758.txt
[*] Installed Packages stored in /root/.msf4/loot/20140228005325_default_192.168.1.109_linux.enum.syste_116127.txt
[*] Running Services stored in /root/.msf4/loot/20140228005325_default_192.168.1.109_linux.enum.syste_805781.txt
[*] Cron jobs stored in /root/.msf4/loot/20140228005325_default_192.168.1.109_linux.enum.syste_460600.txt
[*] Disk info stored in /root/.msf4/loot/20140228005325_default_192.168.1.109_linux.enum.syste_538625.txt
[*] Logfiles stored in /root/.msf4/loot/20140228005325_default_192.168.1.109_linux.enum.syste_922920.txt
[*] Setuid/setgid files stored in /root/.msf4/loot/20140228005325_default_192.168.1.109_linux.enum.syste_076798.txt
[*] Post module execution completed

enum_users_history

The enum_users_history module gathers user specific information. User list, bash history, mysql history, vim history, lastlog and sudoers.

msf > use post/linux/gather/enum_users_history
msf post(enum_users_history) > show options

Module options (post/linux/gather/enum_users_history):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SESSION  1                yes       The session to run this module on. 

msf post(enum_users_history) > run

[+] Info:
[+] 	Kali GNU/Linux 1.0.6  
[+] 	Linux kali 3.12-kali1-486 #1 Debian 3.12.6-2kali1 (2014-01-06) i686 GNU/Linux
[*] History for root stored in /root/.msf4/loot/20140228005914_default_192.168.1.109_linux.enum.users_491309.txt
[*] History for root stored in /root/.msf4/loot/20140228005930_default_192.168.1.109_linux.enum.users_349754.txt
[*] Last logs stored in /root/.msf4/loot/20140228010003_default_192.168.1.109_linux.enum.users_170027.txt
[*] Sudoers stored in /root/.msf4/loot/20140228010003_default_192.168.1.109_linux.enum.users_210141.txt
[*] Post module execution completed
Menu
X Close

 

Certified Pentesting
Professional

OSCP
course starting at
$800 USD

Take Penetration Testing with Kali Linux to gain invaluable penetration testing skills and earn your OSCP.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSCP

Certified Pentesting
Expert

OSCE
course starting at
$1200 USD

Take Cracking the Perimeter to take your penetration testing skills to expert levels and earn your OSCE.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSCE

 

Certified Pentesting
Web Expert

OSWE
course starting at
$1400 USD

Take Advanced Web Attacks and Exploitation, to deep dive into web apps to earn your OSWE.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSWE

Certified Pentesting
Wireless Professional

OSWP
course starting at
$450 USD

Take Offensive Security Wireless Attacks to acquire knowledge about Wi-Fi attacks and earn your OSWP.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSWP

Certified Exploitation
Expert

OSEE
course starting at
See
Live Schedule

Take Advanced Windows Exploitation to develop exploits for Windows systems and earn your OSEE.

  • Live training course
  • Includes certification exam fee
  • Maximum instructor interaction
  • Highly challenging
  • Become an OSEE