Steps to use Metasploit and Nmap to Scan for Vulnerabilities
Step 1: To begin, we launch Metasploit and activate the port scanner module.
use auxiliary/scanner/portscan/tcp
Step 2: Then we use show options to configure the settings for this module.
show options
Step 3: We set RHOSTS to the IP address(es) of our target machine(s). Optionally, we can restrict the scan to specific ports by setting PORTS.
set RHOSTS 192.168.56.103
set PORTS 22,25,80,110,21
Step 4: We set the number of threads and run the scan. Following the scan, we will receive output indicating the open ports on the previously defined target machine.
set THREADS 3
run
Step 5: Once we've established a clear picture of the open ports, we can begin enumerating them to identify the services running on them, as well as their versions.
db_nmap -sV -p 25,80,22 192.168.56.103
Step 6: Once we've identified the open ports and the services running on them, we can continue our scan to check for detailed version numbers on each service running on each port. With that information, we can try different auxiliary modules in Metasploit to uncover potential vulnerabilities.
db_nmap -sV -A -p 25,80,22 192.168.56.103
Step 7: Analyze all the results.
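For step 7, one way to review the results outside the console is shown below. It is an added example, not part of the original tutorial. It assumes the version scan was also saved as XML with Nmap's -oX option; the sample XML is constructed, and the function names are hypothetical. It lists each service and flags ports from step 3 that the version scans in steps 5 and 6 never covered.

```python
import xml.etree.ElementTree as ET

# Constructed sample of Nmap XML output (as written by nmap's -oX option).
# Host, states and version strings are made up for illustration.
SAMPLE_XML = """<nmaprun><host>
  <address addr="192.168.56.103" addrtype="ipv4"/>
  <ports>
    <port protocol="tcp" portid="22"><state state="open"/>
      <service name="ssh" product="OpenSSH" version="4.7p1"/></port>
    <port protocol="tcp" portid="25"><state state="open"/>
      <service name="smtp" product="Postfix smtpd"/></port>
    <port protocol="tcp" portid="80"><state state="closed"/></port>
  </ports>
</host></nmaprun>"""

# Ports handed to the TCP port scanner in step 3.
SCANNED_PORTS = {21, 22, 25, 80, 110}

def parse_services(xml_text):
    """Return one dict per <port>: host, port, state, service, product, version."""
    rows = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address")
        for port in host.iter("port"):
            state = port.find("state")
            svc = port.find("service")
            svc_attrs = svc.attrib if svc is not None else {}
            rows.append({
                "host": addr.get("addr") if addr is not None else "unknown",
                "port": int(port.get("portid")),
                "state": state.get("state") if state is not None else "unknown",
                "service": svc_attrs.get("name", ""),
                "product": svc_attrs.get("product", ""),
                "version": svc_attrs.get("version", ""),
            })
    return rows

def coverage_gaps(rows, scanned_ports):
    """Ports from the port scan that never went through the version scan."""
    return sorted(scanned_ports - {r["port"] for r in rows})

def open_without_version(rows):
    """Open ports where the version scan reported no version number."""
    return [r["port"] for r in rows if r["state"] == "open" and not r["version"]]

if __name__ == "__main__":
    rows = parse_services(SAMPLE_XML)
    print(coverage_gaps(rows, SCANNED_PORTS), open_without_version(rows))
```

Ports 21 and 110 show up as gaps because step 3 scans them while the db_nmap commands only pass -p 25,80,22.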
Using Metasploit and Nmap to Scan for Vulnerabilities in Kali Linux
The Metasploit framework is a penetration testing tool for exploiting and validating vulnerabilities. It includes the fundamental architecture, content, and tools required for penetration testing and extensive security evaluation. It is a well-known exploitation framework that is routinely updated; new exploits are included as soon as they are announced. Because it is an open-source framework, it can be easily altered and used with most operating systems.