Ethical Hacking and Penetration Testing Guide


Importing Nessus to Metasploit



Date: 07.08.2023
Here is how you can import nessus into Metasploit.
Step 1—Load Metasploit from your BackTrack console by typing “msfconsole”.
Step 2—Enter the “load nessus” command, which will automatically load nessus within BackTrack.
The “nessus_help” command lists all the nessus options that can be used from within Metasploit.


Step 3—Next, we need to connect to the nessus server by issuing the “nessus_connect” command:
msf > nessus_connect rafay:password@127.0.0.1:8834 ok
The command simply connects us to our local host (127.0.0.1) on port 8834, which is the default 
port for nessus.
Scanning the Target
Now that you are connected to the server, you can start by checking the available policies. If you 
have created your own policy, it will show up here. If you haven’t, it will show the default policies.
You can check the available policies (the ones you have created and the default ones) by running the “nessus_policy_list” command.
Let’s try running a scan against a Windows box on a local area network. We will issue the following command to scan a particular target.
msf > nessus_scan_new -3 mypentest
The -3 is the number of the policy; it is followed by the name of the scan, that is, “mypentest”, and the target IP.
This will start a scan in the background. It may take some time for Nessus to display the results. Meanwhile, we can check the progress of the scan by simply typing the “nessus_scan_status” command.
This will display information about your current scan, such as the scan ID, status, current hosts, and start time. If you don’t see any status, it probably means that your scan is finished.
Reporting
Once we have verified that our scan has finished, we can check the list of current reports in our database by issuing the “nessus_report_list” command.
We will now import our scan information; we can do it by using the “nessus_report_get” command followed by the scan ID.
msf > nessus_report_get
Now that we have the information imported, we can access the scan results. We can use the “hosts” command to list all the hosts that were scanned.
We can also use the “vulns” command from the Metasploit console to list all the possible vulnerabilities for the target hosts.
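As an added example (not from the book or from Metasploit), the Python code below reads a Nessus v2 (.nessus) XML export and builds the same kind of host and finding lists that “hosts” and “vulns” show after the import; it goes one step beyond the text by ranking findings by severity. It assumes the report is available as a v2 export; the sample report, addresses, plugin IDs and plugin names are constructed.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample in the Nessus v2 (.nessus) layout; all values are made up.
SAMPLE_REPORT = """<NessusClientData_v2>
  <Report name="mypentest">
    <ReportHost name="192.0.2.10">
      <ReportItem port="445" protocol="tcp" severity="4" pluginID="900001" pluginName="Constructed SMB finding"/>
      <ReportItem port="3389" protocol="tcp" severity="2" pluginID="900002" pluginName="Constructed RDP finding"/>
      <ReportItem port="0" protocol="tcp" severity="0" pluginID="900003" pluginName="Constructed info item"/>
    </ReportHost>
    <ReportHost name="192.0.2.20">
      <ReportItem port="80" protocol="tcp" severity="3" pluginID="900004" pluginName="Constructed web finding"/>
    </ReportHost>
  </Report>
</NessusClientData_v2>"""

SEVERITY = {0: "info", 1: "low", 2: "medium", 3: "high", 4: "critical"}

def parse_report(xml_text, min_severity=1):
    """Return (hosts, findings), with findings sorted most severe first."""
    root = ET.fromstring(xml_text)
    hosts, findings = [], []
    for host in root.iter("ReportHost"):
        name = host.get("name")
        hosts.append(name)
        for item in host.iter("ReportItem"):
            rank = int(item.get("severity", "0"))
            if rank < min_severity:
                continue  # drop informational plugins from the triage view
            findings.append({
                "host": name,
                "port": f"{item.get('port')}/{item.get('protocol')}",
                "rank": rank,
                "severity": SEVERITY.get(rank, str(rank)),
                "plugin": item.get("pluginName"),
            })
    findings.sort(key=lambda f: (-f["rank"], f["host"], f["port"]))
    return hosts, findings

def severity_counts(findings):
    """Count findings per severity label for the report summary."""
    return Counter(f["severity"] for f in findings)

if __name__ == "__main__":
    hosts, findings = parse_report(SAMPLE_REPORT)
    print("hosts:", ", ".join(hosts))
    for f in findings:
        print(f"{f['host']:<12} {f['port']:<9} {f['severity']:<9} {f['plugin']}")
```

For report files that come from an untrusted source, parse them with a hardened XML parser such as defusedxml rather than the standard library parser used here.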
I strongly recommend that you read the Nessus User Guide, which contains pretty much everything you need to know about Nessus. It is available at
http://static.tenable.com/documentation/Nessus_5.0_user_guide.pdf
OpenVas
OpenVas is an open source network vulnerability scanner; it is a great alternative to Nessus. Unlike nessus, it’s free. It comes preloaded with BackTrack. However, nessus is comparatively much better than OpenVas because of the huge number of vulnerability checks it can handle.


OpenVas is located in the following location in BackTrack:
If you want to get started with OpenVas, BackTrack’s wiki has a great resource that pretty 
much explains everything for setting up and getting started with OpenVas.
