Using Auxiliary Modules related to Web Applications
In this subsection, we'll see the usage of different kinds of auxiliary modules that will help us in reconnaissance of the target.
Mainly, reconnaissance-related auxiliary modules will be listed under the auxiliary/scanner/http/ structure of the framework. This will be similar to the following screenshot:
Let us now use an auxiliary module to brute-force for directories. For this, I'll use the auxiliary/scanner/http/brute_dirs module.
We need to fire up the MSFConsole and run the following command:
use auxiliary/scanner/http/brute_dirs
Running show options shows a comprehensive list of options supported by the module.
The various variables are self-explanatory.
RHOST: This is the remote target or list of targets.
RPORT: This is the variable for the port of the remote host.
THREADS: This is the number of parallel threads to use to brute-force.
FORMAT: This is the brute-force format: alphabet, uppercase, and digit.
PATH: This is the starting directory...
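On the defending side, a directory brute-force of this kind tends to show up in web server access logs as a burst of requests for distinct directory paths that mostly return 404. The following is an added example, not part of the original text: it flags such clients in Combined Log Format lines. The log format, thresholds, IP addresses, and function names are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from itertools import product

LINE_RE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                     r'"\S+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

def parse(line):  # -> (ip, timestamp, path without query, status) or None
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["path"].split("?", 1)[0], int(m["status"])

def find_dir_bruteforce(lines, window=timedelta(seconds=60), min_paths=10, min_miss=0.8):
    """Map client IP -> (distinct dirs, 404 ratio, dirs that did not 404)."""
    per_ip = defaultdict(list)
    for ip, ts, path, status in filter(None, map(parse, lines)):
        if path.endswith("/") and path != "/":  # directory-style requests only
            per_ip[ip].append((ts, path, status))
    alerts = {}
    for ip, hits in per_ip.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):  # sliding time window over this client
            while hits[end][0] - hits[start][0] > window:
                start += 1
            win = hits[start:end + 1]
            paths = {p for _, p, _ in win}
            ratio = sum(s == 404 for _, _, s in win) / len(win)
            if len(paths) >= min_paths and ratio >= min_miss:
                found = sorted({p for _, p, s in win if s != 404})
                alerts[ip] = (len(paths), round(ratio, 2), found)
    return alerts

def sample_log():
    """Constructed log lines: one client walking 3-letter names, one visitor."""
    t0 = datetime(2024, 3, 10, 10, tzinfo=timezone.utc)
    names = ["".join(c) for c in product("abc", repeat=3)][:12]
    rows = [("203.0.113.50", i, f"/{n}/", 403 if n == "aba" else 404)
            for i, n in enumerate(names)]
    rows += [("198.51.100.7", 90 * i, p, s) for i, (p, s) in
             enumerate([("/", 200), ("/blog/", 200), ("/old-page/", 404)])]
    fmt = '{} - - [{}] "GET {} HTTP/1.1" {} 512 "-" "-"'
    return [fmt.format(ip, (t0 + timedelta(seconds=s)).strftime("%d/%b/%Y:%H:%M:%S %z"), p, st)
            for ip, s, p, st in rows]

if __name__ == "__main__":
    print(find_dir_bruteforce(sample_log()))
```

The third element of each alert lists the probed directories that did not return 404, which are the paths worth reviewing first for unintended exposure.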