Use cases

One-Shot-Target

Well, imagine that you are conducting an intrusion test and in the midst of all the uproar you end up finding a target in which no vulnerabilities were pointed out, but even so, as a good sniper, it left you a little smell[ing?] a rat.

Suppose it is an internal analysis and the IP is 192.168.0.102 and that, in addition to the known service ports, port 8000 active on that IP has also been identified. In the case of the internal testing context, the pentester will already have some information regarding the technologies used by the developers and this will allow you to infer which siddhis can be used against the target.

So we already know the IP in advance and also that the port we want to evaluate is active, we can then run Vimana as follows:

vimana run --module dmt --target 192.168.0.102 --port 8000 --verbose --debug

If there is nothing that can be done by the siddhi, an informational message about it will be displayed. If any, the initial panel will be presented with some information about the target, as below:

Multi-Target in progress...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Use cases

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally