First of all, destroy the existing database with the db_destroy command
and create a new one using db_connect .
Load the Nessus plug-in by running load nessus, as shown here:
msf > db_destroy postgres:toor@127.0.0.1/msf3
[*] Warning: You will need to enter the password at the prompts below
Password:
msf > db_connect postgres:toor@127.0.0.1/msf3
msf > load nessus
[*] Nessus Bridge for Metasploit 1.1
[+] Type nessus_help for a command listing
[+] Exploit Index - (/root/.msf3/nessus_index) - is valid.
[*] Successfully loaded plugin: Nessus
Before starting a scan with the Bridge, you first need to authenticate
to your Nessus server using nessus_connect, as shown here:
msf > nessus_connect Rohit:password@192.168.1.101:8834 ok
[*] Connecting to https://192.168.1.101:8834/ as Rohit
[*] Authenticated
As you need to initiate a scan using a defined policy by its policy ID
number. To list the available scan policies
on the server, use nessus_policy_list:
msf > nessus_policy_list
Take note of the policy ID you want to use for your scan, and then
launch a new scan with nessus_scan_new followed by the policy number,
a name for your scan, and your target IP address as shown next:
msf > nessus_scan_new
[*] Usage:
[*] nessus_scan_new <policy id> <scan name> <targets>
[*] use nessus_policy_list to list all available policies
msf > nessus_scan_new 2 bridge_scan 192.168.1.2
While your scan is in progress, you can see its status by running the
nessus_scan_status command. When this command’s output responds
with “No Scans Running ”, you will know that your scan
has completed.
After the scan has completed, you can list the available scan reports
with the nessus_report_list command:
msf > nessus_report_list
msf > nessus_report_get ID
and create a new one using db_connect .
Load the Nessus plug-in by running load nessus, as shown here:
msf > db_destroy postgres:toor@127.0.0.1/msf3
[*] Warning: You will need to enter the password at the prompts below
Password:
msf > db_connect postgres:toor@127.0.0.1/msf3
msf > load nessus
[*] Nessus Bridge for Metasploit 1.1
[+] Type nessus_help for a command listing
[+] Exploit Index - (/root/.msf3/nessus_index) - is valid.
[*] Successfully loaded plugin: Nessus
Before starting a scan with the Bridge, you first need to authenticate
to your Nessus server using nessus_connect, as shown here:
msf > nessus_connect Rohit:password@192.168.1.101:8834 ok
[*] Connecting to https://192.168.1.101:8834/ as Rohit
[*] Authenticated
As you need to initiate a scan using a defined policy by its policy ID
number. To list the available scan policies
on the server, use nessus_policy_list:
msf > nessus_policy_list
Take note of the policy ID you want to use for your scan, and then
launch a new scan with nessus_scan_new followed by the policy number,
a name for your scan, and your target IP address as shown next:
msf > nessus_scan_new
[*] Usage:
[*] nessus_scan_new <policy id> <scan name> <targets>
[*] use nessus_policy_list to list all available policies
msf > nessus_scan_new 2 bridge_scan 192.168.1.2
While your scan is in progress, you can see its status by running the
nessus_scan_status command. When this command’s output responds
with “No Scans Running ”, you will know that your scan
has completed.
After the scan has completed, you can list the available scan reports
with the nessus_report_list command:
msf > nessus_report_list
msf > nessus_report_get ID
No comments:
Post a Comment