Integrating Nessus with Metasploit
There are so many tools but the importance of Nessus as a vulnerability scanner is not hidden, and the metasploit master of all the tools that contain the available exploit makes it so important for penetration testing and for hacking, as discussed before about integration of nmap into nessus click here to learn.
This time we have decided to write on to use metasploit on the basis of nessusresult, you can use your Linux box (recommended) as well as windows box, backtrack5 is available so if you are doing practice on backtrack machine than it is good, while I am using ubuntufor this tutorial.
This tutorial is linked with the previous tutorial in which I have shown you how to use nessus now I am suppose that you have a result on your nessus, so start metasploit,
$ msfconsole
In this process we make Nessus Bridge for Metasploit, so on the metasploit type.
$ msf > load nessus
After successfully login the plugin you need to run and import the result of nessus into metasploit, so first of all we have to connect our nessus server with metasploit here is the command,
msf > nessus_connect username:password@hostname:port
msf > nessus_connect ehacking:irfan@127.0.0.1:8834
After successful authentication you can check the status of your nessus scan, you can check the policy, you can pause and resume the scan, you can view add and delete user and in general you can do anything that you can do with nessus window.
If you want to check the server status than type
msf > nessus_server_status
Now come to the main objective of the article, below command is for check all the reports
msf > nessus_report_list
If you want to know about the host from the report,
msf > nessus_report_hosts <report id> msf > nessus_report_hosts a6656thy45ehacking
If there is a need to find out the information from a particular host use the command below.
msf > nessus_report_host_ports <hostname> <report id>
msf > nessus_report_host_ports 192.168.1.1 a6656thy45ehacking
You can do a lot of different things from Nessus Bridge for Metasploit just type the command to know more about it.
msf > nessus_help
Comments