Results 1 to 4 of 4

Thread: [Nessus + Metasploit]

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    5

    Unhappy [Nessus + Metasploit]

    hi everyone,
    I have scan one of my system(windows NT4) with Nessus, and it found 4 critical vulnerabilities:

    MS05-027 and MS05-043
    MS06-035
    MS09-001
    MS08-067

    the problem is, i dont find these exploits in Metasploit except the last one (MS08-067_Netapi) ans when i try to use it with automatic detection, it don't recognize the pack language and when i type "show targets" i don't have windows NT4 choice..

    So the question is: how to use exploit MS08-067 on windows NT4 server and where can i find other exploits quote by nessus?

    Thanks

  2. #2
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default Re: [Nessus + Metasploit]

    Thats odd, I seem to have found most of them
    Code:
     
           =[ metasploit v3.4.0-dev [core:3.4 api:1.0]
    + -- --=[ 542 exploits - 257 auxiliary
    + -- --=[ 208 payloads - 23 encoders - 8 nops
           =[ svn r9135 updated today (2010.04.25)
    
    msf > search ms09_001[*] Searching loaded modules for pattern 'ms09_001'...
    
    Auxiliary
    =========
    
       Name                            Rank    Description
       ----                            ----    -----------
       dos/windows/smb/ms09_001_write  normal  Microsoft SRV.SYS WriteAndX Invalid DataOffset
    
    msf > search ms06_035[*] Searching loaded modules for pattern 'ms06_035'...
    
    Auxiliary
    =========
    
       Name                               Rank    Description
       ----                               ----    -----------
       dos/windows/smb/ms06_035_mailslot  normal  Microsoft SRV.SYS Mailslot Write Corruption
    
    msf > search ms05_027[*] Searching loaded modules for pattern 'ms05'...
    
    Auxiliary
    =========
    
       Name                          Rank    Description
       ----                          ----    -----------
       dos/windows/smb/ms05_047_pnp  normal  Microsoft Plug and Play Service Registry Overflow
    
    
    Exploits
    ========
    
       Name                          Rank    Description
       ----                          ----    -----------
       windows/dcerpc/ms05_017_msmq  good    Microsoft Message Queueing Service Path Overflow
       windows/nntp/ms05_030_nntp    normal  Microsoft Outlook Express NNTP Response Parsing Buffer Overflow
       windows/smb/ms05_039_pnp      good    Microsoft Plug and Play Service Overflow
    
    msf >

  3. #3
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: [Nessus + Metasploit]

    Ouch. OP try the following, to get a better idea of how to search within metasploit.

    Metasploit Unleashed - Mastering the Framework

  4. #4
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    5

    Default Re: [Nessus + Metasploit]

    Ok thanks guys :-)

Similar Threads

  1. Nessus 4.2.2 and Metasploit v3.3.4
    By hanc2006 in forum Beginners Forum
    Replies: 2
    Last Post: 04-21-2010, 05:42 PM
  2. Using Nessus and/or Nexpose together with metasploit
    By imported_Warlord711 in forum OLD Pentesting
    Replies: 1
    Last Post: 02-03-2010, 04:46 AM
  3. Nessus
    By .rtkd in forum Tool Requests
    Replies: 10
    Last Post: 01-19-2010, 05:35 AM
  4. Importing Nessus NBE scans into Metasploit
    By snorty mcsnort in forum OLD Newbie Area
    Replies: 0
    Last Post: 01-27-2009, 09:38 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •