Talking in the #metasploit channel on freenode.net today someone (you know who you are) gave me the idea of saving the username, password, hostname/ip and port to a nessus.yaml file so they would be saved between metasploit sessions.
So tonight, I added that. New commands added are:
- nessus_save: this will save those 4 items to ~/.msf3/nessus.yaml
- nessus_logout will now remove that file when invoked.
- nessus_connect will look for that file and use its contents if invoked with no arguments. If the file doesn’t exist, it will display usage.
So basically, load nessus, nessus_connect admin:[email protected]:8834 and then nessus_save. Now each time you load nessus you just need to nessus_connect and it will reuse those saved creds, until you wipe them out with nessus_logout.
Up next is investigating a way to have the nessus.yaml house multiple sets of creds and let you invoke nessus_connect with the set name to login to that server (or the default set if no set name is given). Also need to modify nessus_save to take an argument that it will use for the set name. Tackle that later this week I guess.
It’s been merged, so svn up and you are set. Report bugs to me or via the metasploit redmine.
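A sketch of how a saved-credentials file like this can be handled, including the named sets mentioned above. This is an added example, not the plugin's code; the class name NessusCredStore, the YAML layout and the owner-only permission check are assumptions.

```ruby
require 'yaml'
require 'fileutils'

# Hypothetical helper, not the plugin's code: keeps named sets of Nessus
# connection details in one YAML file that only its owner can read.
class NessusCredStore
  FIELDS = %w[user password host port].freeze

  def initialize(path)
    @path = path
  end

  # Save one set under +name+ ("default" when no set name is given).
  def save(creds, name = 'default')
    missing = FIELDS - creds.keys
    raise ArgumentError, "missing: #{missing.join(', ')}" unless missing.empty?

    sets = load_all
    sets[name] = creds.slice(*FIELDS)
    FileUtils.mkdir_p(File.dirname(@path), mode: 0o700)
    # 0600 applies when the file is created; the password sits in it as text.
    File.open(@path, File::WRONLY | File::CREAT | File::TRUNC, 0o600) do |f|
      f.write(sets.to_yaml)
    end
  end

  # Return the named set, or nil so the caller can show usage instead.
  def load(name = 'default')
    load_all[name]
  end

  # Delete the saved file, the step the post gives to nessus_logout.
  def wipe
    File.delete(@path) if File.exist?(@path)
  end

  private

  # Refuse a file that group or other users can access, then parse it with
  # safe_load so only plain hashes, strings and numbers are accepted.
  def load_all
    return {} unless File.exist?(@path)
    raise SecurityError, "#{@path} is open to other users" if (File.stat(@path).mode & 0o077) != 0

    data = YAML.safe_load(File.read(@path))
    data.is_a?(Hash) ? data : {}
  end
end
```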
Posted in Bananas and tagged Auto, Draft, idea, logout, Metasploit, nessus, new feature, password, report bugs, today, yaml by Zate with no comments yet.
This weekend (Oct 23rd and 24th) I will be in Charleston WV presenting/demoing the Nessus Bridge for Metasploit at Hack3rcon. This will be the first time I’ll have presented anything outside of work and should be lots of fun. Quite a few great speakers that I look forward to meeting.
I’ll post the presentation up here once it’s done for everyone else to take a look at. Actually going to be presenting a few new commands that are not in the metasploit svn version of the plugin.
After Hack3rcon I’ll be back into high gear adding some new functionality to the plugin and branching out into writing a wrapper for Nessus to speak IVIL for Seccubus v2. This is pretty exciting stuff for me. Coming up with an XML format to speak “findings” that is tool agnostic is going to be a great thing. It will mean moving findings between tools, or comparing findings between tools, will be much much easier. Keep a look out for that one.
There has been some talk on the metasploit mailing list this week about using tools such as Nessus to scan through a MSF pivot and into another network. Some interesting discussion and I think it’s something I will dive into in these next few weeks. Start to examine what some of the limitations are and how we might overcome or avoid them.
That’s it for now. Have a good weekend.
Next up are the plugin commands. These helpful little beasts are all about showing you what plugins are available on your nessus server, and how many of them you have.
Given that nessus has over 38,000 plugins, simply asking it to list them all would result in a very large list returned from the server. Nessus gets around this by breaking the request down into several parts.
So one of the major “issues” with the Nessus for Metasploit Plugin right now is that it does not handle large reports well. Not even the usual db_import_nessus handles large reports well and this is because it reads the entire file in one big blob then parses it.
The nexpose importer and the nmap importer both use REXML Stream Processors.
So tonight I copied the nmap_xml.rb file and am working on making it process Nessus v2 files. I am hoping that both the Nessus plugin, and the db_import will benefit from these changes.
I’ve been looking at it for a few days and kind of avoiding it because it’s difficult and is going to require large portions of my time fumbling through learning how the current one works enough to know how/what to modify.
Well, turns out it’s simpler than I thought.
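The difference between reading a report as one blob and stream processing, as an added example that is not the plugin's or Metasploit's importer code: a REXML stream listener over a constructed Nessus v2 fragment. The class name NessusV2Listener, the helper high_severity_by_host and the sample data are assumptions.

```ruby
require 'rexml/document'
require 'rexml/streamlistener'
# Constructed sample in the .nessus v2 layout; hosts and plugin IDs are made up.
SAMPLE_NESSUS_V2 = <<~XML
  <NessusClientData_v2>
    <Report name="constructed-scan">
      <ReportHost name="192.0.2.10">
        <ReportItem port="22" protocol="tcp" severity="0" pluginID="900001"/>
        <ReportItem port="445" protocol="tcp" severity="3" pluginID="900002"/>
      </ReportHost>
      <ReportHost name="192.0.2.11">
        <ReportItem port="80" protocol="tcp" severity="3" pluginID="900003"/>
        <ReportItem port="80" protocol="tcp" severity="4" pluginID="900004"/>
      </ReportHost>
    </Report>
  </NessusClientData_v2>
XML

# Gets one parser event per tag; only the host being read is held in memory.
class NessusV2Listener
  include REXML::StreamListener

  def initialize(&on_host)
    @on_host = on_host
    @host = nil
  end

  def tag_start(name, attrs)
    case name
    when 'ReportHost' then @host = { 'name' => attrs['name'], 'items' => [] }
    when 'ReportItem' then @host['items'] << attrs if @host
    end
  end

  # Hand the finished host to the callback, then drop it.
  def tag_end(name)
    return unless name == 'ReportHost' && @host
    @on_host.call(@host)
    @host = nil
  end
end

# Count findings at or above min_severity per host without building a DOM.
def high_severity_by_host(io, min_severity = 3)
  counts = {}
  listener = NessusV2Listener.new do |host|
    counts[host['name']] = host['items'].count { |i| i['severity'].to_i >= min_severity }
  end
  REXML::Document.parse_stream(io, listener)
  counts
end
```

For a report on disk, pass an open File instead of the sample string so the parser reads it incrementally.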
The Scan Commands are where this plugin starts to really differ from previously importing nessus scans from flat files. With these commands we can stay within the metasploit framework and reach out and examine things with Nessus. We can then use the Report Commands we just learnt about to pull that data back to later pwn stuff.
Scan Commands are as follows:
- nessus_scan_resume_all
Been a while since I have written.
So what have I been up to? Well. Looking back over old posts, let me update a couple of things.
- Got the phone. Ended up with the Nexus One, on ATT, bought it outright (no contract). Totally LOVE this phone. It’s rooted, ROM’d and rockin. Running Cyanogenmod 6 on it. Seriously rocking phone.
- I completed the OffensiveSecurity.com PwV v3.0 course. Did 30 days’ worth of labs and then sat the exam for my OSCP. Passed it too. Was probably the best training I have ever attended and next to bootcamp for the army, one of the most intense 30 days of my career. Loved every second of it.
- Not working on HFC so much anymore. The project just kind of petered out with Johnny going through some changes over in Uganda. Still keep tabs on it and offer to help where I can.
So, new projects and things coming up, let’s see.