Because we ran the nmap scan with -A, it also ran a script scan for us, which can give us potential information about the versions of the things in use. It is not definitive, but it can give us a good idea.

We need to know exactly what version it's running, because that can potentially lead us to an exploit.
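As an added example (not part of the original notes), the Python below pulls the SMB version strings out of a saved scan and marks the ones that are only a range rather than an exact version. It assumes the scan was also written as XML with nmap's -oX option; the sample XML, the host address and the function name `smb_versions` are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample of nmap XML output (-oX); host and versions are made up.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -A -oX scan.xml 192.0.2.10">
  <host>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22">
        <state state="open"/>
        <service name="ssh" product="OpenSSH" version="7.6p1"/>
      </port>
      <port protocol="tcp" portid="139">
        <state state="open"/>
        <service name="netbios-ssn" product="Samba smbd" version="3.X - 4.X"/>
      </port>
      <port protocol="tcp" portid="445">
        <state state="open"/>
        <service name="netbios-ssn" product="Samba smbd" version="4.7.6-Ubuntu"/>
      </port>
    </ports>
  </host>
</nmaprun>"""

SMB_PORTS = {"139", "445"}

def smb_versions(xml_text):
    """Return (address, port, product, version, exact) for open SMB ports."""
    rows = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        for port in host.iter("port"):
            state = port.find("state")
            svc = port.find("service")
            is_open = state is not None and state.get("state") == "open"
            if port.get("portid") not in SMB_PORTS or svc is None or not is_open:
                continue
            version = svc.get("version", "")
            # A wildcard or range such as "3.X - 4.X" is only a guess.
            exact = bool(version) and not re.search(r"\.[Xx]\b| - ", version)
            rows.append((addr, int(port.get("portid")), svc.get("product", ""), version, exact))
    return rows

if __name__ == "__main__":
    for addr, port, product, version, exact in smb_versions(SAMPLE_XML):
        note = "exact" if exact else "approximate, confirm another way"
        print(f"{addr}:{port} {product} {version or '?'} ({note})")
```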

To enumerate this port we use our most important tool, Metasploit.

To start it up:


Then we search for the port we want to exploit:

msf5 > search smb

This shows us a lot of results: many modules for the protocol we specified. In the results, the first part of each module's name tells us what the module does:

auxiliary - is for enumeration

exploit - is for exploitation

post - is for post-exploitation

The second part tells us what it is actually doing, that is, what is going on behind the scenes of the exploit, enumeration or post module. Examples: Denial of service, Fuzzing, Gathering, Scanner.

Now, how do we use the modules and exploit things with them?

We go to the msf console and type use followed by either the name of the module or the number it was listed under.

Then, to get information about the module, you can use info.

It will show information about the module.