Scanner TFTP Auxiliary Modules


TFTP servers can contain a wealth of valuable information including backup files, router config files, and much more. The tftpbrute module will take list of filenames and brute-force a TFTP server to determine if the files are present.

msf > use auxiliary/scanner/tftp/tftpbrute
msf auxiliary(tftpbrute) > show options

Module options (auxiliary/scanner/tftp/tftpbrute):

   Name        Current Setting                                          Required  Description
   ----        ---------------                                          --------  -----------
   CHOST                                                                no        The local client address
   DICTIONARY  /usr/share/metasploit-framework/data/wordlists/tftp.txt  yes       The list of filenames
   RHOSTS                                                               yes       The target address range or CIDR identifier
   RPORT       69                                                       yes       The target port
   THREADS     1                                                        yes       The number of concurrent threads

msf auxiliary(tftpbrute) > set RHOSTS
msf auxiliary(tftpbrute) > set THREADS 10
msf auxiliary(tftpbrute) > run

[*] Found 46xxsettings.txt on
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(tftpbrute) >