|
| 1 | +## Description |
| 2 | + |
| 3 | +The dcerpc/management module scans a range of IP addresses and obtains information from the Remote Management interface of the DCERPC service. |
| 4 | + |
| 5 | +## Verification Steps |
| 6 | + |
| 7 | +1. Do: ```use auxiliary/scanner/dcerpc/management``` |
| 8 | +2. Do: ```set RHOSTS [IP]``` |
| 9 | +3. Do: ```set THREADS [number of threads]``` |
| 10 | +4. Do: ```run``` |
| 11 | + |
| 12 | +There is minimal configuration required for this module; we simply need to set our THREADS value and the range of hosts we want scanned and run the module. |
| 13 | + |
| 14 | +## Scenarios |
| 15 | + |
| 16 | +**Running the scanner** |
| 17 | +``` |
| 18 | +msf > use auxiliary/scanner/dcerpc/management |
| 19 | +msf auxiliary(management) > show options |
| 20 | +
|
| 21 | +Module options: |
| 22 | +
|
| 23 | + Name Current Setting Required Description |
| 24 | + ---- --------------- -------- ----------- |
| 25 | + RHOSTS yes The target address range or CIDR identifier |
| 26 | + RPORT 135 yes The target port |
| 27 | + THREADS 1 yes The number of concurrent threads |
| 28 | +
|
| 29 | +msf auxiliary(management) > set RHOSTS 192.168.1.200-254 |
| 30 | +RHOSTS => 192.168.1.200-254 |
| 31 | +msf auxiliary(management) > set THREADS 55 |
| 32 | +THREADS => 55 |
| 33 | +msf auxiliary(management) > run |
| 34 | +
|
| 35 | +[*] Remote Management Interface Error: DCERPC FAULT => nca_s_fault_access_denied |
| 36 | +[*] Remote Management Interface Error: DCERPC FAULT => nca_s_fault_access_denied |
| 37 | +[*] UUID e1af8308-5d1f-11c9-91a4-08002b14a0fa v3.0 |
| 38 | +[*] Remote Management Interface Error: DCERPC FAULT => nca_s_fault_access_denied |
| 39 | +[*] Remote Management Interface Error: The connection was refused by the remote host (192.168.1.250:135). |
| 40 | +[*] Remote Management Interface Error: DCERPC FAULT => nca_s_fault_ndr |
| 41 | +[*] listening: 00000000 |
| 42 | +[*] killed: 00000005 |
| 43 | +[*] name: 00010000000000000100000000000000d3060000 |
| 44 | +[*] UUID 0b0a6584-9e0f-11cf-a3cf-00805f68cb1b v1.1 |
| 45 | +[*] Remote Management Interface Error: DCERPC FAULT => nca_s_fault_ndr |
| 46 | +[*] listening: 00000000 |
| 47 | +[*] killed: 00000005 |
| 48 | +[*] name: 00010000000000000100000000000000d3060000 |
| 49 | +[*] UUID 1d55b526-c137-46c5-ab79-638f2a68e869 v1.0 |
| 50 | +[*] Remote Management Interface Error: DCERPC FAULT => nca_s_fault_ndr |
| 51 | +[*] listening: 00000000 |
| 52 | +[*] killed: 00000005 |
| 53 | +[*] name: 00010000000000000100000000000000d3060000 |
| 54 | +[*] UUID e60c73e6-88f9-11cf-9af1-0020af6e72f4 v2.0 |
| 55 | +[*] Remote Management Interface Error: DCERPC FAULT => nca_s_fault_ndr |
| 56 | +[*] listening: 00000000 |
| 57 | +[*] killed: 00000005 |
| 58 | +[*] name: 00010000000000000100000000000000d3060000 |
| 59 | +[*] UUID 99fcfec4-5260-101b-bbcb-00aa0021347a v0.0 |
| 60 | +[*] Remote Management Interface Error: DCERPC FAULT => nca_s_fault_ndr |
| 61 | +[*] listening: 00000000 |
| 62 | +[*] killed: 00000005 |
| 63 | +[*] name: 00010000000000000100000000000000d3060000 |
| 64 | +[*] UUID b9e79e60-3d52-11ce-aaa1-00006901293f v0.2 |
| 65 | +[*] Remote Management Interface Error: DCERPC FAULT => nca_s_fault_ndr |
| 66 | +[*] listening: 00000000 |
| 67 | +[*] killed: 00000005 |
| 68 | +[*] name: 00010000000000000100000000000000d3060000 |
| 69 | +[*] UUID 412f241e-c12a-11ce-abff-0020af6e7a17 v0.2 |
| 70 | +[*] Remote Management Interface Error: DCERPC FAULT => nca_s_fault_ndr |
| 71 | +[*] listening: 00000000 |
| 72 | +[*] killed: 00000005 |
| 73 | +[*] name: 00010000000000000100000000000000d3060000 |
| 74 | +[*] UUID 00000136-0000-0000-c000-000000000046 v0.0 |
| 75 | +[*] Remote Management Interface Error: DCERPC FAULT => nca_s_fault_ndr |
| 76 | +[*] listening: 00000000 |
| 77 | +[*] killed: 00000005 |
| 78 | +[*] name: 00010000000000000100000000000000d3060000 |
| 79 | +[*] UUID c6f3ee72-ce7e-11d1-b71e-00c04fc3111a v1.0 |
| 80 | +[*] Remote Management Interface Error: DCERPC FAULT => nca_s_fault_ndr |
| 81 | +[*] listening: 00000000 |
| 82 | +[*] killed: 00000005 |
| 83 | +[*] name: 00010000000000000100000000000000d3060000 |
| 84 | +[*] UUID 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57 v0.0 |
| 85 | +[*] Remote Management Interface Error: DCERPC FAULT => nca_s_fault_ndr |
| 86 | +[*] listening: 00000000 |
| 87 | +[*] killed: 00000005 |
| 88 | +[*] name: 00010000000000000100000000000000d3060000 |
| 89 | +[*] UUID 000001a0-0000-0000-c000-000000000046 v0.0 |
| 90 | +[*] Remote Management Interface Error: DCERPC FAULT => nca_s_fault_ndr |
| 91 | +[*] listening: 00000000 |
| 92 | +[*] killed: 00000005 |
| 93 | +[*] name: 00010000000000000100000000000000d3060000 |
| 94 | +...snip... |
| 95 | +[*] Scanned 55 of 55 hosts (100% complete) |
| 96 | +[*] Auxiliary module execution completed |
| 97 | +msf auxiliary(management) > |
| 98 | +``` |
0 commit comments