msf弱点扫描模块使用
openvas
引入openvas进行扫描,全命令行,使用繁琐
msf > load openvas
导入openvas扫描日志,.nbe格式
msf > db_import openvas.nbe
nessus
导入nessus模块进行扫描
msf > load nessus
[*] Nessus Bridge for Metasploit
[*] Type nessus_help for a command listing
[*] Successfully loaded plugin: Nessus
链接nessus扫描器
msf > nessus_connect -h
[*] You must do this before any other commands.
[*] Usage:
[*] nessus_connect username:password@hostname:port <ssl_verify/ssl_ignore>
[*] username and password are the ones you use to login to the nessus web front end
[*] hostname can be an IP address or a DNS name of the Nessus server.
[*] port is the RPC port that the Nessus web front end runs on. By default it is TCP port 8834.
[*] The "ssl_verify" to verify the SSL certificate used by the Nessus front end. By default the server
[*] use a self signed certificate, therefore, users should use ssl_ignore.
msf > nessus_connect root:root@192.168.1.1:8834
[*] Connecting to https://192.168..1:8834/ as root
[*] User root authenticated successfully.
查看扫描策略列表
msf > nessus_policy_list
Policy ID Name Policy UUID
--------- ---- -----------
285 advanced scan ad629e16-03b6-8c1d-cef6-ef8c9dd3c658d24bd260ef5f9e66
创建新扫描任务
msf > nessus_scan_new
[*] Usage:
[*] nessus_scan_new <UUID of Policy> <Scan name> <Description> <Targets>
[*] Use nessus_policy_list to list all available policies with their corresponding UUIDs
msf > nessus_scan_new ad629e16-03b6-8c1d-cef6-ef8c9dd3c658d24bd260ef5f9e66 test test_for_test www.sunriver.cn
[*] Creating scan from policy number ad629e16-03b6-8c1d-cef6-ef8c9dd3c658d24bd260ef5f9e66, called test - test_for_test and scanning www.sunriver.cn
[*] New scan added
[*] Use nessus_scan_launch 288 to launch the scan
Scan ID Scanner ID Policy ID Targets Owner
------- ---------- --------- ------- -----
288 1 287 192.168.56.101 root
查看扫描任务列表
msf > nessus_scan_list
Scan ID Name Owner Started Status Folder
------- ---- ----- ------- ------ ------
288 test root empty 3
进行扫描
msf > nessus_scan_launch 288
[+] Scan ID 288 successfully launched. The Scan UUID is 6d3de086-0eb0-c55f-5cee-f8b9cb0abf33e24014baf8a69c0a