Metasploit is primarily a framework for developing and controlling exploits. Comes with a range of support tools to help exploit exploits, including open ports of a system.
We can use scanners to detect open ports and the services that run behind them. Using the following commands we can quickly capture port SMB 445 to determine the version of the operating system.
To start metasploit, type " msfconsole At your terminal.
We will then use the following command to scan open ports
Mandate: use auxiliary / scanner / portscan / syn
Scanners use the option RHOSTS instead of RHOST. RHOSTS can take IP (192.168.1.20-192.168.1.30), CIDR (192.168.1.0/24), but also (192.168.1.0/24, 192.168.3.0/24) as well as a list of hosts computers (file:/tmp/hostlist.txt).
In this case, the IP (our target) is 192.168.179.142, so the command is " set RHOSTS 192.168.179.142 “. If you want to scan all ports ranging from 1-10000, then leave the PORTS command, otherwise you can choose " set PORTS 445 ".
Here we will load the 'tcp' scanner by typing the command run and our results clearly show that the door 445 is open at our destination address. Then, based on our results, we will use the SMB scanner if port 445 is open.
To scan an SMB, type " use auxiliary / scanner / smb / smb_versionAt the same terminal.
Specify typing the target again " set RHOSTS 192.168.179.142 ".
Ο sweeper smb_version connects to each workstation in a given host range and determines its version services SMB running.
As you can see, with a few simple commands in metasploit you can easily determine the operating system type of a remote machine.