Metasploit scanners are not working properly


When I run db_nmap (or pretty much any scanner: ipidseq, syn, arp_sweep, etc.) from msfconsole, I get the following:

msf > db_nmap -sS -A -v 192.168.0.13
[*] Nmap: Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2013-01-18 01:45 COT    
[*] Nmap: NSE: Loaded 91 scripts for scanning.    
[*] Nmap: NSE: Script Pre-scanning.    
[*] Nmap: Initiating ARP Ping Scan at 01:45    
[*] Nmap: Scanning 192.168.0.13 [1 port]    
[*] Nmap: Completed ARP Ping Scan at 01:45, 0.44s elapsed (1 total hosts)    
[*] Nmap: Nmap scan report for 192.168.0.13 [host down]    
[*] Nmap: NSE: Script Post-scanning.    
[*] Nmap: Read data files from: /opt/metasploit-4.5.0/common/share/nmap   
[*] Nmap: Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn    
[*] Nmap: Nmap done: 1 IP address (0 hosts up) scanned in 2.28 seconds    
[*] Nmap: Raw packets sent: 2 (56B) | Rcvd: 0 (0B)

But then when I run my standalone nmap application, I get this:

$> nmap -sS -A -v 192.168.0.13    
Starting Nmap 6.00 ( http://nmap.org ) at 2013-01-18 01:54 COT    
NSE: Loaded 93 scripts for scanning.    
NSE: Script Pre-scanning.    
Initiating ARP Ping Scan at 01:54    
Scanning 192.168.0.13 [1 port]    
Completed ARP Ping Scan at 01:54, 0.00s elapsed (1 total hosts)    
Initiating Parallel DNS resolution of 1 host. at 01:54    
Completed Parallel DNS resolution of 1 host. at 01:54, 0.04s elapsed    
Initiating SYN Stealth Scan at 01:54    
Scanning 192.168.0.13 [1000 ports]    
Discovered open port 80/tcp on 192.168.0.13    
Discovered open port 445/tcp on 192.168.0.13    

...snip...

Completed SYN Stealth Scan at 01:54, 2.48s elapsed (1000 total ports)    
Initiating Service scan at 01:54    
Scanning 14 services on 192.168.0.13    
Service scan Timing: About 57.14% done; ETC: 01:56 (0:00:36 remaining)    
Completed Service scan at 01:56, 86.08s elapsed (14 services on 1 host)    
Initiating OS detection (try #1) against 192.168.0.13    
NSE: Script scanning 192.168.0.13.    
Initiating NSE at 01:56    
Completed NSE at 01:58, 144.42s elapsed    
Nmap scan report for 192.168.0.13    
Host is up (0.00086s latency).    
Not shown: 986 closed ports    
PORT      STATE SERVICE     VERSION    
80/tcp    open  http        Microsoft IIS httpd 8.0    
| http-methods: OPTIONS TRACE GET HEAD POST    
| Potentially risky methods: TRACE    
|_See http://nmap.org/nsedoc/scripts/http-methods.html    
|_http-title: Microsoft Internet Information Services 8    
135/tcp   open  msrpc       Microsoft Windows RPC    

...snip...

MAC Address: 08:00:27:84:4C:73 (Cadmus Computer Systems)    
Device type: general purpose    
Running: Microsoft Windows 7|2008    
OS CPE: cpe:/o:microsoft:windows_7 cpe:/o:microsoft:windows_server_2008::sp1    
OS details: Microsoft Windows 7 or Windows Server 2008 SP1    
Uptime guess: 0.023 days (since Fri Jan 18 01:24:51 2013)    
Network Distance: 1 hop    
TCP Sequence Prediction: Difficulty=263 (Good luck!)    
IP ID Sequence Generation: Incremental    
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows         

Host script results:    
|_smbv2-enabled: Server supports SMBv2 protocol    
| smb-security-mode:    
|   Account that was used for smb scripts: guest    
|   User-level authentication    
|   SMB Security: Challenge/response passwords supported    
|_  Message signing disabled (dangerous, but default)    
| nbstat:    
|   NetBIOS name: VM1, NetBIOS user: <unknown>, NetBIOS MAC: 08:00:27:84:4c:73 (Cadmus Computer Systems)    
|   Names    
|     VM1<00>              Flags: <unique><active>    
|     VM1<20>              Flags: <unique><active>    
|     WORKGROUP<00>        Flags: <group><active>    
|_    WORKGROUP<1e>        Flags: <group><active>    
| smb-os-discovery:    
|   OS: Windows 8 Pro 9200 (Windows 8 Pro 6.2)    
|   NetBIOS computer name: VM1    
|   Workgroup: WORKGROUP    
|_  System time: 2013-01-18 01:56:18 UTC-8    

TRACEROUTE    
HOP RTT     ADDRESS    
1   0.86 ms 192.168.0.13    

NSE: Script Post-scanning.    
Read data files from: /usr/bin/../share/nmap    
OS and Service detection performed. Please report any incorrect results at ttp://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 235.45 seconds    
Raw packets sent: 1158 (51.650KB) | Rcvd: 1023 (41.838KB)

I'm almost sure this is a user problem.

The GUEST machine is running on VirtualBox and connected via Bridge Adapter on my eth0 interface; it is Windows 8 Pro.

The HOST machine is Ubuntu 12.10 x64.

And I just updated to version 4.5.1.

    
by andresperezl 19.01.2013 / 17:00

0 answers