How did the plugin came about?

Past Nessus / MSF Integration.

What does it do?

Do a little Demo
What could it do?

What now?

Questions?
I was going to integrate Nessus
and Drupal

So I got to know the xmlrpc

interface.

Discovered k0st's nessus-xmlrpc

ruby library.
Was going to create a “Missing
CVE” Plugin

Wished for Nexpose/MSF Express

functionality with Nessus

Put all that together and out came

Nessus Bridge for Metasploit.
 Does NBE, V1 and V2 imports.

Only from local file.

Check
Scan Export Locate
progress Swap to
from web from web file on Import.
from web MSF
interface. interface. disk.
interface.
Scans

Imports

Shows you info about your server

Shows you info about your scans

Holy Crap! Shows you info about your reports
That’s
Awesome!

Lets you manage users.

Shows you info about your policies

login
status
plugins
policies
reports
users
new scan
view hosts while scan running
import report
exploits
Sniper scans - scan for port x or
vuln y and pwn

Scan hosts from the db.

*done*

Only import things from the

report that are sploitable

What else?
Vuln to Exploit connection sucks

Need something like CVE/CWE .. CXE

maybe?

MSF 3.5 - Hot Shit.

Nessus added exploit data to report
findings (love that!)

Plugin is in MSF svn.

Latest Code:

http://github.com/Zate/Nessus-
Bridge-for-Metasploit
Bugs to MSF Redmine, or zate75[at]gmail.com

Suggestions and Code welcomed

Big thanks to hdm,jduck,egyp7 and

Darkoperator for much patience in #metasploit

Thanks to the guys at Tenable for info on xmlrpc

interface

Thanks to K0st for his Ruby lib which I destroyed 