Metasploit also allows us to scan for virtual hosts configured on the same IP. Virtual hosting is the hosting of multiple domains on a single server and each domain name is configured with a different service. It allows a single server to share resources:
- We will use the Metasploit console for this module. To search for the vhost module, we can use the vhost_scanner keyword:
- We set rhosts and domain. In our case, we have used the packtpub.com domain and the 151.101.21.124 IP:
- We run the module by typing run. The auxiliary will scan and all of the vhosts found will be printed:
This auxiliary can be used against internal networks as well to find different internal applications that are hosted on the same server, but are configured with different domains.