1, use web/dir_scanner
2, set TARGET http://www.****.com
3, run
SOURCE: https://sourceforge.net/projects/websploit/
WebSploit Advanced MITM Framework
[+]Autopwn – Used From Metasploit For Scan and Exploit Target Service
[+]wmap – Scan,Crawler Target Used From Metasploit wmap plugin
[+]format infector – inject reverse & bind payload into file format
[+]phpmyadmin Scanner
[+]CloudFlare resolver
[+]LFI Bypasser
[+]Apache Users Scanner
[+]Dir Bruter
[+]admin finder
[+]MLITM Attack – Man Left In The Middle, XSS Phishing Attacks
[+]MITM – Man In The Middle Attack
[+]Java Applet Attack
[+]MFOD Attack Vector
[+]ARP Dos Attack
[+]Web Killer Attack
[+]Fake Update Attack
[+]Fake Access point Attack
[+]Wifi Honeypot
[+]Wifi Jammer
[+]Wifi Dos
[+]Wifi Mass De-Authentication Attack
[+]Bluetooth POD Attack
# cd /root
# git clone https://github.com/websploit/websploit.git
# cd websploit
# ./wsf-update.py
# ./websploit
( ( ) ( )
)\))( ‘ ( ( /( )\ ( ( /(
((_)()\ ) ))\ )\()) ( ` ) ((_) ( )\ )\())
_(())\_)() /((_)((_)\ )\ /(/( _ )\((_)(_))/
\ \((_)/ /(_)) | |(_)((_)((_)_\ | | ((_)(_)| |_
\ \/\/ / / -_) | ‘_ \(_-<| ‘_ \)| |/ _ \| || _|
\_/\_/ \___| |_.__//__/| .__/ |_|\___/|_| \__|
–=[WebSploit Advanced MITM Framework
+—**—==[Version :3.0.0
+—**—==[Codename :Katana
+—**—==[Available Modules : 20
–=[Update Date : [r3.0.0-000 20.9.2014]
wsf > help
Commands Description
————— —————-
set Set Value Of Options To Modules
scan Scan Wifi (Wireless Modules)
stop Stop Attack & Scan (Wireless Modules)
run Execute Module
use Select Module For Use
os Run Linux Commands(ex : os ifconfig)
back Exit Current Module
show modules Show Modules of Current Database
show options Show Current Options Of Selected Module
upgrade Get New Version
update Update Websploit Framework
about About US
wsf > upgrade
[*]Checking For New Version, Please Wait …
[*]New Version Not Available, This Is Latest Version Of The WebSploit Framework.
wsf > show modules
Web Modules Description
——————- ———————
web/apache_users Scan Directory Of Apache Users
web/dir_scanner Directory Scanner
web/wmap Information Gathering From Victim Web Using (Metasploit Wmap)
web/pma PHPMyAdmin Login Page Scanner
web/cloudflare_resolver CloudFlare Resolver
Network Modules Description
——————- ———————
network/arp_dos ARP Cache Denial Of Service Attack
network/mfod Middle Finger Of Doom Attack
network/mitm Man In The Middle Attack
network/mlitm Man Left In The Middle Attack
network/webkiller TCP Kill Attack
network/fakeupdate Fake Update Attack Using DNS Spoof
network/arp_poisoner Arp Poisoner
Exploit Modules Description
——————- ———————
exploit/autopwn Metasploit Autopwn Service
exploit/browser_autopwn Metasploit Browser Autopwn Service
exploit/java_applet Java Applet Attack (Using HTML)
Wireless / Bluetooth Modules Description
——————- ———————
wifi/wifi_jammer Wifi Jammer
wifi/wifi_dos Wifi Dos Attack
wifi/wifi_honeypot Wireless Honeypot(Fake AP)
wifi/mass_deauth Mass Deauthentication Attack
bluetooth/bluetooth_pod Bluetooth Ping Of Death Attack
用websploit获取管理员后台地址
原文地址:https://www.cnblogs.com/waw/p/9060400.html