Metasploit Auxiliary Scanners are valuable tools for any pentest, providing an array of modules designed to scan networks, identify vulnerabilities, and gather critical information to aid in penetration testing efforts. These scanners allow security professionals to probe various services, protocols, and devices within a network, helping them assess the security posture of their targets. Using them within Termux, a versatile terminal emulator for Android, enables you to convert your mobile device into a full-fledged penetration testing platform that is both portable and powerful. This setup is ideal for conducting pentests on the go, making security assessments more flexible and convenient.
This article will walk you through the steps needed to leverage Metasploit Auxiliary Scanners within Termux for an effective pentest. You’ll learn how to install, configure, and run auxiliary scanners to perform comprehensive scans, uncover hidden vulnerabilities, and gather detailed data on your target systems.
Whether you are a seasoned security researcher looking to streamline your mobile pentest processes or a beginner eager to explore the world of penetration testing, this guide will provide practical insights to help you maximize the potential of Metasploit’s auxiliary scanners. By the end of this tutorial, you will have the knowledge and tools to turn your Android device into a powerful and portable pentesting solution, capable of uncovering critical vulnerabilities and improving the security of networks and systems.
Prerequisites
Before conducting a pentest, ensure you have the following:
- Termux installed on your Android device
- Metasploit Framework properly installed in Termux
- A basic understanding of networking and penetration testing tools
For detailed installation instructions, check out our Metasploit installation guide.
Step 1: Updating Metasploit and Required Modules
To ensure you’re ready for a pentest, make sure your Metasploit Framework is up-to-date. Run the following commands:
apt update && apt upgrade
msfupdate
Test Output:
Hit:1 https://dl.bintray.com/termux/termux-packages-24 stable InRelease
Reading package lists... Done
All packages are up to date.
Updating Metasploit Framework...
[*] Metasploit Framework has been updated to version 6.0.47.
Step 2: Exploring Available Auxiliary Scanners for Pentest
To explore all auxiliary scanners available for your pentest:
msfconsole
search auxiliary/scanner
Test Output:
msf6 > search auxiliary/scanner
Matching Modules
================
#  Name                                 Disclosure Date  Rank    Check  Description
-  ----                                 ---------------  ----    -----  -----------
0  auxiliary/scanner/http/http_version                   normal  No     HTTP Version Detection
1  auxiliary/scanner/ssh/ssh_version                     normal  No     SSH Version Detection
2  auxiliary/scanner/smb/smb_version                     normal  No     SMB Version Detection
...
Step 3: Using an Auxiliary Scanner for Your Pentest
Let’s walk through using the HTTP version scanner for a pentest. Here’s how you can do it:
use auxiliary/scanner/http/http_version
Test Output:
msf6 auxiliary(scanner/http/http_version) >
Set the target IP address:
set RHOSTS 192.168.1.100
RHOSTS => 192.168.1.100
Review available options:
show options
Module options (auxiliary/scanner/http/http_version):
Name     Current Setting  Required  Description
----     ---------------  --------  -----------
RHOSTS   192.168.1.100    yes       The target address range or CIDR identifier
RPORT    80               yes       The target port (TCP)
THREADS  1                yes       The number of concurrent threads (max one per host)
Run the scanner:
run
Test Output:
[*] 192.168.1.100:80 Apache/2.4.41 (Ubuntu)
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
By following these steps, you can gather critical information for your pentest.
Step 4: Running Multiple Auxiliary Scanners in a Pentest
One of the best features of Metasploit’s auxiliary modules is that you can run multiple scanners at the same time, increasing the speed and coverage of your pentest. For instance, to scan both HTTP and SSH versions on a target, load and configure each scanner in separate sessions.
Load SSH version scanner:
use auxiliary/scanner/ssh/ssh_version
Test Output:
msf6 auxiliary(scanner/ssh/ssh_version) >
Set the target IP and run the scanner:
set RHOSTS 192.168.1.100
run
Test Output:
[*] 192.168.1.100:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
Now, your pentest includes results from both HTTP and SSH version scans.
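To merge the HTTP and SSH results into one record per host for the report, the scanner output can be parsed. The following Ruby script is an added example, not part of the original article or of Metasploit; it assumes result lines have the `[*] host:port banner` shape shown in the Test Output above, and the function names are hypothetical.

```ruby
# Constructed sample: the result lines shown in this article's Test Output sections.
SAMPLE_OUTPUT = <<~LOG
  [*] 192.168.1.100:80 Apache/2.4.41 (Ubuntu)
  [*] Scanned 1 of 1 hosts (100% complete)
  [*] Auxiliary module execution completed
  [*] 192.168.1.100:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3
  [*] Scanned 1 of 1 hosts (100% complete)
  [*] Auxiliary module execution completed
LOG

# A result line is "[*] <ipv4>:<port> <banner>"; progress and status lines do not match.
RESULT_LINE = /\A\[[*+]\]\s+(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\s+(\S.*)\z/

# Reduce a banner to its software token: for an SSH identification string
# ("SSH-<proto>-<software> <comment>") that is the software field, otherwise the first word.
def software_token(banner)
  ssh = banner.match(/\ASSH-[\d.]+-(\S+)/)
  ssh ? ssh[1] : banner.split.first
end

# Turn raw console output into an array of { host:, port:, banner:, software: } records.
def parse_scan_output(text)
  text.each_line.filter_map do |line|
    m = RESULT_LINE.match(line.strip)
    next unless m
    { host: m[1], port: m[2].to_i, banner: m[3], software: software_token(m[3]) }
  end
end

# Merge records from several scanners into { host => { port => software } }.
def inventory(text)
  parse_scan_output(text).each_with_object({}) do |r, inv|
    (inv[r[:host]] ||= {})[r[:port]] = r[:software]
  end
end

if __FILE__ == $PROGRAM_NAME
  inventory(SAMPLE_OUTPUT).each do |host, ports|
    ports.sort.each { |port, sw| puts "#{host}\t#{port}\t#{sw}" }
  end
end
```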
Step 5: Automating Your Pentest with Resource Scripts
To streamline repetitive tasks during a pentest, use resource scripts to automate common scans. Here’s how to create and execute a resource script:
Create a file named scanner.rc and add the following:
use auxiliary/scanner/http/http_version
set RHOSTS 192.168.1.100
run
use auxiliary/scanner/ssh/ssh_version
set RHOSTS 192.168.1.100
run
Run the script with:
msfconsole -r scanner.rc
Test Output:
[*] Processing scanner.rc for ERB directives.
resource (scanner.rc)> use auxiliary/scanner/http/http_version
resource (scanner.rc)> set RHOSTS 192.168.1.100
RHOSTS => 192.168.1.100
resource (scanner.rc)> run
[*] 192.168.1.100:80 Apache/2.4.41 (Ubuntu)
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
resource (scanner.rc)> use auxiliary/scanner/ssh/ssh_version
resource (scanner.rc)> set RHOSTS 192.168.1.100
RHOSTS => 192.168.1.100
resource (scanner.rc)> run
[*] 192.168.1.100:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
By using scripts like this, you can automate critical steps in your pentest process, saving time and ensuring consistency.
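Hand-edited resource scripts make it easy to leave a stale or mistyped address in RHOSTS. The following Ruby generator is an added example, not part of the original article or of Metasploit: it builds the resource script from a target list and refuses any target outside the authorized scope. The scope range, the second host and the log file name are constructed sample values, and `validate_scope` and `build_rc` are hypothetical names.

```ruby
require 'ipaddr'

# Modules used in this article; extend with other auxiliary/scanner paths as needed.
MODULES = %w[
  auxiliary/scanner/http/http_version
  auxiliary/scanner/ssh/ssh_version
].freeze

# Check every target (single address or CIDR range) against the authorized ranges.
# Raises ArgumentError on the first target that is malformed or not fully in scope.
def validate_scope(targets, scope_cidrs)
  scope = scope_cidrs.map { |c| IPAddr.new(c) }
  targets.each do |t|
    range = IPAddr.new(t).to_range # malformed input raises a subclass of ArgumentError
    in_scope = scope.any? { |net| net.include?(range.begin) && net.include?(range.end) }
    raise ArgumentError, "#{t} is outside the authorized scope" unless in_scope
  end
  targets
end

# Build the resource script text: log the console with spool, set RHOSTS once
# globally with setg, then run each module in turn.
def build_rc(targets, scope_cidrs, modules: MODULES, spool_file: 'scan.log')
  hosts = validate_scope(targets, scope_cidrs).join(' ')
  lines = ["spool #{spool_file}", "setg RHOSTS #{hosts}"]
  modules.each { |m| lines << "use #{m}" << 'run' }
  lines << 'spool off' << 'exit'
  lines.join("\n") + "\n"
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample: two lab hosts inside an authorized 192.168.1.0/24 scope.
  puts build_rc(%w[192.168.1.100 192.168.1.101], ['192.168.1.0/24'])
end
```

Redirect the output to scanner.rc and run it with `msfconsole -r scanner.rc` as above; the spooled log then holds the console output of the whole run.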
Conclusion
Using Metasploit Auxiliary Scanners in Termux can significantly enhance your pentest efforts. Whether you’re scanning a single target or automating a series of scans, this mobile-friendly setup empowers you to perform efficient penetration testing tasks directly from your Android device.
Explore more auxiliary scanners and keep experimenting to elevate your pentest skills.