One of the most frustrating things for me when I started with Metasploit (known as msf from here on in) was not exploiting something, but finding something to exploit. I had all these exploits at my fingertips, but my ability to find something to pwn was limited by having to move back and forth between a bunch of tools and cross-reference things.
This changed when I did my PwB v3 course; I got much better at determining when and how to use msf to take advantage of something I found. There was still a lot of moving between tools, but I was at least able to identify vulnerable hosts.
I use Nessus in my day job to scan for vulns, and sometimes I need to be able to turn those results into demonstrations or do false-positive checking. It was a little annoying to run the scan either from the CLI, or usually from the Nessus Web Client, and then have to manually import the Nessusv2 report.
At the same time, MSF Express came out. Wow, that is some slick shit.
I got to thinking: why not code a plugin that can do some limited stuff over xmlrpc from within the msfconsole and give me the ability to at least import my scan without having to go download it, transfer it over and then delete it?
So the Nessus Bridge for Metasploit was born. (Still in dev, so please report bugs.)
The general concept is to allow you to do various tasks with your Nessus server, from within the msf command line. By that I mean scan with Nessus, review the results, import the results and then exploit the results.
These next few blog posts will be some pointers on what it can (and can’t) do and how to use it.
Commands are broken up into the following categories and I will be covering each category in a separate entry.
- Generic Commands
- Reports Commands
- Scan Commands
- Plugin Commands
- User Commands
- Policy Commands
Click through each link to see a more detailed explanation of the commands available for each category and how to use them.