msf auxiliary(scanner/http/trace) > options
Module options (auxiliary/scanner/http/trace):
Name Current Setting Required Description
---- --------------- -------- -----------
Proxies no A proxy chain of format type:host:port[,type:host:port][...]. Supported proxies: sapni, socks4, socks5, socks5h, http
RHOSTS 10.0.0.10 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
RPORT 80 yes The target port (TCP)
SSL false no Negotiate SSL/TLS for outgoing connections
THREADS 1 yes The number of concurrent threads (max one per host)
VHOST no HTTP server virtual host
View the full module info with the info, or info -d command.
msf auxiliary(scanner/http/trace) >
msf auxiliary(scanner/http/trace) > run
[+] 10.0.0.10:80 is vulnerable to Cross-Site Tracing
[-] Auxiliary failed: Msf::ValidationError Failed to report vuln for 10.0.0.10:80 to the database
[-] Call stack:
[-] /usr/share/metasploit-framework2/lib/msf/core/auxiliary/report.rb:300:in `report_vuln'
[-] /usr/share/metasploit-framework2/modules/auxiliary/scanner/http/trace.rb:44:in `run_host'
[-] /usr/share/metasploit-framework2/lib/msf/core/auxiliary/scanner.rb:116:in `block (2 levels) in run'
[-] /usr/share/metasploit-framework2/lib/msf/core/thread_manager.rb:105:in `block in spawn'
[*] Auxiliary module execution completed
msf auxiliary(scanner/http/trace) >
