Scribd Logo
Upload

Welcome to Scribd!

  • Nessus

    Uploaded by

    contact
    4 views4 pages
    The document discusses installing and using the vulnerability scanning tool Nessus. It describes downloading Nessus, logging in, performing ping and Nmap scans to find the IP address and open ports of a target system. The document then details running a Nessus scan that finds a critical MS08-067 vulnerability. It explores finding an exploit online and using Metasploit to successfully exploit the vulnerability, gaining a root shell on the target.

    Original Description:

    Original Title

    Nessus(1)

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses installing and using the vulnerability scanning tool Nessus. It describes downloading Nessus, logging in, performing ping and Nmap scans to find the IP address and open ports of a target system. The document then details running a Nessus scan that finds a critical MS08-067 vulnerability. It explores finding an exploit online and using Metasploit to successfully exploit the vulnerability, gaining a root shell on the target.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    4 views4 pages

    Nessus

    Uploaded by

    contact
    The document discusses installing and using the vulnerability scanning tool Nessus. It describes downloading Nessus, logging in, performing ping and Nmap scans to find the IP address and open ports of a target system. The document then details running a Nessus scan that finds a critical MS08-067 vulnerability. It explores finding an exploit online and using Metasploit to successfully exploit the vulnerability, gaining a root shell on the target.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    Nessus

    Let's first install nessus after downloading the .deb file from the Tenable website

    Now we can go to the browser and login to see the nessus home page

    Since we don't know the ip address of our target, we will have to do a ping scan. For that, let's first check our ip
    and get the network address from it.

    1/4
    Our network address will be 192.168.99.0/24. Let's do an fping scan to find the target's ip.

    We got it as 192.168.99.50. Let's do an nmap scan on it.

    We know that smb ports are open and the host is running windows. Let's do a nessus scan on the host using the
    advanced scan option and check the results.

    2/4
    We have MS08-067 as a critical vulnerability. Let's check for an exploit online.

    We found an msf exploit. Let's run it using the instructions.

    First step is to launch metasploit and select the exploit.

    Next, we can select our target. I have chosen automatic tatget identification here.

    Now, let's configure our options.

    3/4
    We got the meterpreter shell, so the exploit was successful. Let's check who we are in the shell.

    We have root.

    4/4

    You might also like