You are on page 1of 14

How did the plugin came about?

Past Nessus / MSF Integration.

What does it do?

Do a little Demo
What could it do?

What now?

Questions?
I was going to integrate Nessus
and Drupal

So I got to know the xmlrpc


interface.

Discovered k0st's nessus-xmlrpc


ruby library.
Was going to create a “Missing
CVE” Plugin

Wished for Nexpose/MSF Express


functionality with Nessus

Put all that together and out came


Nessus Bridge for Metasploit.
Does NBE, V1 and V2 imports.

Only from local file.

Check
Scan Export Locate
progress Swap to
from web from web file on Import.
from web MSF
interface. interface. disk.
interface.
Scans

Imports

Shows you info about your server

Shows you info about your scans


Holy Crap! Shows you info about your reports
That’s
Awesome!

Lets you manage users.

Shows you info about your policies


login
status
plugins
policies
reports
users
new scan
view hosts while scan running
import report
exploits
Sniper scans - scan for port x or
vuln y and pwn

Scan hosts from the db.


*done*

Only import things from the


report that are sploitable

What else?
Vuln to Exploit connection sucks

Need something like CVE/CWE .. CXE


maybe?

MSF 3.5 - Hot Shit.


Nessus added exploit data to report
findings (love that!)

Plugin is in MSF svn.

Latest Code:

http://github.com/Zate/Nessus-
Bridge-for-Metasploit
Bugs to MSF Redmine, or zate75[at]gmail.com

Suggestions and Code welcomed

Big thanks to hdm,jduck,egyp7 and


Darkoperator for much patience in #metasploit

Thanks to the guys at Tenable for info on xmlrpc


interface

Thanks to K0st for his Ruby lib which I destroyed 