Nessus Bridge for Metasploit :: Scan Commands

Welcome to part 4 of my Nessus Bridge for Metasploit coverage.  Here is part 1 and part 2 and part 3 if you are just joining us.

The Scan Commands are where this plugin starts to really differ from previously importing nessus scans from flat files.  With these commands we can stay within the metasploit framework and reach out and examine things with Nessus.  We can then use the Report Commands we just learnt about to pull that data back to later pwn stuff.

Scan Commands are as follows:

  • nessus_scan_new
  • nessus_scan_status
  • nessus_scan_pause
  • nessus_scan_pause_all
  • nessus_scan_stop
  • nessus_scan_stop_all
  • nessus_scan_resume
  • nessus_scan_resume_all (more…)

Posted in Bananas, Security, Stuff, Technology, Things and tagged , , , , , , , , , , , , , , , , , , , , by with no comments yet.

Nessus Bridge for Metasploit :: Report Commands

Welcome to part 3 of my Nessus Bridge for Metasploit coverage.  Here is part 1 and part 2 if you are just joining us.

Report commands are where we get to actually do things.  They concist of some commands to manage/import reports directly on your Nessus server.  No more going to the web console, exporting a report, moving it to your msf box and running db_import_nessus to get it into your workspace and available to db_autopwn or work with.

The implemented (so far) commands are:

  • nessus_report_list
  • nessus_report_get
  • nessus_report_hosts
  • nessus_report_host_ports
  • nessus_report_host_detail

Ok, make sure you are loaded up and authed to your server and we will check these out. (more…)


Posted in Bananas and tagged , , , , , , , , , , , , by with no comments yet.