理解 services 命令

services命令作用是显示目标主机上可用的服务

查看命令帮助：

1. msf > services -h
2. Usage: services [-h] [-u] [-a] [-r <proto>] [-p <port1,port2>] [-s <name1,name2>] [-o <filename>] [addr1 addr2 ...]
3.  -a,--add          Add the services instead of searching
4.  -d,--delete       Delete the services instead of searching
5.  -c <col1,col2>    Only show the given columns
6.  -h,--help         Show this help information
7.  -s <name1,name2>  Search for a list of service names
8.  -p <port1,port2>  Search for a list of ports
9.  -r <protocol>     Only show [tcp|udp] services
10.  -u,--up           Only show services which are up
11.  -o <file>         Send output to a file in csv format
12.  -O <column>       Order rows by specified column number
13.  -R,--rhosts       Set RHOSTS from the results of the search
14.  -S,--search       Search string to filter by
15. Available columns: created_at, info, name, port, proto, state, updated_at

 

作者：

锦凡歆在酷狗直播唱歌最好听

怎么做

1、显示所有可用服务

1. msf > services
2. Services
3. ========
4. host             port  proto  name         state  info
5. ----             ----  -----  ----         -----  ----
6. 192.168.177.142  22    tcp    ssh          open   OpenSSH 5.3p1 Debian 3ubuntu4 Ubuntu Linux; protocol 2.0
7. 192.168.177.142  80    tcp    http         open   Apache httpd 2.2.14 (Ubuntu) mod_mono/2.4.3 PHP/5.3.2-1ubuntu4.30 with Suhosin-Patch proxy_html/3.0.1 mod_python/3.3.1 Python/2.6.5 mod_ssl/2.2.14 OpenSSL/0.9.8k Phusion_Passenger/4.0.38 mod_perl/2.0.4 Perl/v5.10.1
8. 192.168.177.142  139   tcp    netbios-ssn  open   Samba smbd 3.X - 4.X workgroup: WORKGROUP
9. 192.168.177.142  143   tcp    imap         open   Courier Imapd released 2008
10. 192.168.177.142  443   tcp    ssl/https    open
11. 192.168.177.142  445   tcp    netbios-ssn  open   Samba smbd 3.X - 4.X workgroup: WORKGROUP
12. 192.168.177.142  5001  tcp    java-rmi     open   Java RMI
13. 192.168.177.142  8080  tcp    http         open   Apache Tomcat/Coyote JSP engine 1.1
14. 192.168.177.142  8081  tcp    http         open   Jetty 6.1.25
15. msf >

2、过滤服务

1. msf > services -s http
2. Services
3. ========
4. host             port  proto  name  state  info
5. ----             ----  -----  ----  -----  ----
6. 192.168.177.142  80    tcp    http  open   Apache httpd 2.2.14 (Ubuntu) mod_mono/2.4.3 PHP/5.3.2-1ubuntu4.30 with Suhosin-Patch proxy_html/3.0.1 mod_python/3.3.1 Python/2.6.5 mod_ssl/2.2.14 OpenSSL/0.9.8k Phusion_Passenger/4.0.38 mod_perl/2.0.4 Perl/v5.10.1
7. 192.168.177.142  8080  tcp    http  open   Apache Tomcat/Coyote JSP engine 1.1
8. 192.168.177.142  8081  tcp    http  open   Jetty 6.1.25

3、过滤端口

1. msf > services -p 22
2. Services
3. ========
4. host             port  proto  name  state  info
5. ----             ----  -----  ----  -----  ----
6. 192.168.177.142  22    tcp    ssh   open   OpenSSH 5.3p1 Debian 3ubuntu4 Ubuntu Linux; protocol 2.0
7. msf >

4、搜索特定字符

1. msf > services -S Apache
2. Services
3. ========
4. host             port  proto  name  state  info
5. ----             ----  -----  ----  -----  ----
6. 192.168.177.142  80    tcp    http  open   Apache httpd 2.2.14 (Ubuntu) mod_mono/2.4.3 PHP/5.3.2-1ubuntu4.30 with Suhosin-Patch proxy_html/3.0.1 mod_python/3.3.1 Python/2.6.5 mod_ssl/2.2.14 OpenSSL/0.9.8k Phusion_Passenger/4.0.38 mod_perl/2.0.4 Perl/v5.10.1
7. 192.168.177.142  8080  tcp    http  open   Apache Tomcat/Coyote JSP engine 1.1

5、多条件过滤

1. msf > services -c name,port,info -S Apache 192.168.177.142
2. Services
3. ========
4. host             name  port  info
5. ----             ----  ----  ----
6. 192.168.177.142  http  80    Apache httpd 2.2.14 (Ubuntu) mod_mono/2.4.3 PHP/5.3.2-1ubuntu4.30 with Suhosin-Patch proxy_html/3.0.1 mod_python/3.3.1 Python/2.6.5 mod_ssl/2.2.14 OpenSSL/0.9.8k Phusion_Passenger/4.0.38 mod_perl/2.0.4 Perl/v5.10.1
7. 192.168.177.142  http  8080  Apache Tomcat/Coyote JSP engine 1.1