The objective is to produce a Nessus 4.2.1 scan report in .nbe file format so that it can be imported into Metasploit AutoPwn features. The OpenVas client which can produce nbe format reports and comes with BackTrack 4 cannot connect to the nessusd server. It fails with "Unable to establish a connection to the remote host using the specified protocol version" eventhough the port number matches 8834 TCP of nessus server..
Okay I gather(nessusd:8834) it's only meant for HTTPS connection from IE/Firefox client
browsers. This is a sypnosis of the reason from Openvas website. I thought openvas could still connect to Nessus because I have an earlier version of nessus server that I can
connect to with an earlier version of openvas.
"The client and the server module in an OpenVAS installation communicate through the OpenVAS Transfer Protocol (OTP). Earlier versions of OpenVAS have used the Nessus Transport Protocol (NTP) inherited from Nessus, but in order to address shortcomings of NTP and to facilitate further improvements in the OpenVAS modules it became necessary to make changes to the protocol. Since NTP was specified by the Nessus project and changes to NTP by the Nessus project are to be expected, a decision was made to switch to a new protocol to avoid collisions with future protocol specifications by the Nessus project and to avoid confusion with other well-established protocols "
The objective is still to produce an nbe report format using the latest version of Nessus with all its goodies scripts. In Internet Explorer BackTrack Linux - Penetration Testing Distribution
Login to Nessus.
Create a policy.
Add a new scan.
Specify a target and the policy you created.
Download the report in nessus(v1) format
Save and name the report myscan.nessus
Start the nessus command line client. Notice this is the client (d)
use the option
./nessus --dot-nessus /path/myscan.nessus -i "ReportName" -o /path/output.nbe
where "ReportName" is the name of the report exactly as it appears under Reports in
This will produce a proper nbe file format..
Anybody care to comment on any other options to generate nbe files from nessus scans
using different client or command tools??