-
Notifications
You must be signed in to change notification settings - Fork 14.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Backup Scanner Auxiliary, #19566
base: master
Are you sure you want to change the base?
Backup Scanner Auxiliary, #19566
Conversation
This module that attempts to find backup files on a list of subdomains via brute force. It includes improved detection mechanisms to minimize false positives, making it a valuable tool for penetration testers and security researchers. Load the Module To use the module, start Metasploit and load the module as follows: msf6 > use auxiliary/scanner/http/backup_scanner Set Required Options You need to set various options to configure the module: msf6 auxiliary(scanner/http/backup_scanner) > set RHOSTS <target_subdomain_or_ip> msf6 auxiliary(scanner/http/backup_scanner) > set RPORT <target_port> # Default is 80 msf6 auxiliary(scanner/http/backup_scanner) > set DOMAIN_LIST <path_to_subdomain_file> msf6 auxiliary(scanner/http/backup_scanner) > set WORDLIST <path_to_backup_file_names> msf6 auxiliary(scanner/http/backup_scanner) > set USER_AGENT "<your_custom_user_agent>" # Optional msf6 auxiliary(scanner/http/backup_scanner) > set SSL <true|false> # Optional msf6 auxiliary(scanner/http/backup_scanner) > set THREADS <number_of_threads> # Default is 10 msf6 auxiliary(scanner/http/backup_scanner) > set MIN_SIZE <minimum_file_size_in_bytes> # Default is 5000 Run the Scanner Once you have configured the options, run the module: msf6 auxiliary(scanner/http/backup_scanner) > run Example Usage Here is an example of how to configure and run the module: msf6 > use auxiliary/scanner/http/backup_scanner msf6 auxiliary(scanner/http/backup_scanner) > set RHOSTS localhost msf6 auxiliary(scanner/http/backup_scanner) > set RPORT 70 msf6 auxiliary(scanner/http/backup_scanner) > set DOMAIN_LIST /home/parag/responsible/sublist.txt msf6 auxiliary(scanner/http/backup_scanner) > set WORDLIST /home/parag/responsible/wordlist.txt msf6 auxiliary(scanner/http/backup_scanner) > set USER_AGENT "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" msf6 auxiliary(scanner/http/backup_scanner) > run Output Upon running the module, it will check each specified backup file on the given subdomains, outputting results for each request. Here are some example outputs: [*] Checking http://example.com:70/backup.zip ... [-] No Response: http://example.com:70/backup.zip [*] Checking http://example.com:70/backup.sql ... [+] Found valid backup file: http://example.com:70/backup.sql (Status: 200, Size: 37453 bytes, MIME: application/sql)
Add files via upload
Thanks for the pull request; Would it make sense consolidate this functionality into the existing |
Hi @adfoster-r7 I have fixed the lint errors. Could you please merge the pull request? Thank you! |
Fixed Lint Errors
This is still a brand new module and it's lacking documentation. What @adfoster-r7 was suggesting was that you add the new features to the existing As it is now, there's a lot of overlap between these two modules. |
Consolidating the functionality into the existing backup scanner would be good to do 👍 It also looks like this pull request has come from your
This helps protect the process, ensure users are aware of commits on the branch being considered for merge, allows for a location for more commits to be offered without mingling with other contributor changes and allows contributors to make progress while a PR is still being reviewed. |
Hi
I have developed a Metasploit auxiliary module that assists penetration testers in locating backup files across a list of subdomains. You can find it here:
https://github.com/paragbagul111/metasploit-backup-scanner
Please take a moment to review it. If you have any suggestions or improvements, I would be happy to incorporate them into the Metasploit module.