Active information gathering with Metasploit
Scanning is an active information gathering technique in which we will now start dealing with the target directly. Port scanning is an interesting process of information gathering. It involves a deeper search of the target machine, but since active port scanning involves reaching out to the target systems, these activities can be detected by firewalls and intrusion prevention systems.
How to do it...
There are a variety of port scanners available to us within the Metasploit Framework, allowing us to properly enumerate the target systems. To list all the available portscan
modules, you can use the search
command, as follows:
TCP Port Scanner
We can start by doing a basic TCP portscan
with the TCP Port Scanner auxiliary module and see what we can find.
Note
Since the TCP Port Scanner auxiliary module does not need administrative privileges on the source machine, it can be extremely useful when pivoting.
To run the TCP Port Scanner auxiliary module, we...