Time
5 hours 38 minutes
Difficulty
Intermediate
CEU/CPE
6

Video Description

In this final video on Nessus we examine how to import a scan into the Metaploitable database. Various file formats are available and a nice feature of the framework is the ability to auto-detect the import file type. Once the scan data has been imported into the framework's database, you can then examine it carefully for vulnerabilities. The ability to save the gathered info such as service credentials allows you to later run various exploits without the need to re-scan. The industry standard for vulnerability, configuration and compliance assessments used by more than one million users across the globe. Nessus prevents network attacks by identifying the vulnerabilities and configuration issues that hackers use to penetrate your network. **Download Nessus from Tenable to follow along the with the course! Click below to download your free trial of Learn more about Tenable on their Cybrary channel. Click below to follow for all the latest updates: **

Video Transcription

00:04
All right. So for our next task we're going to do is export
00:08
this.
00:09
And that's a scan
00:11
from the necessary tool
00:12
and imported into Mattis place. So we can have,
00:17
uh, access all this information
00:21
exported. Unnecessary format. You see, you've got some other options available.
00:27
You also have the necessary data base
00:29
format, but we're just gonna put it in
00:32
export, or rather, in straight necessary format.
00:37
And this should get sent to my
00:42
deludes directory.
00:46
Let's not go downloads L s sellers. Hello, Seller. T. There is my file
00:57
back in mass ploy. I'm gonna want to do a D B import.
01:03
So do a dash age.
01:07
I can see All I do is give it the foul into the file on it understands all these different file types.
01:12
Next post scans X amount. All found stone at you, Net IX and map.
01:19
And, of course, Ness's there.
01:22
That's Parker Spice works right now.
01:26
It's pretty good, huh?
01:27
Selection of a lot options there.
01:30
So I know my file is in route downloads
01:34
and I'll paste that last bit there.
01:38
So it was necessary XML and automatically determines the file type
01:44
successfully imported.
01:49
Now, if I want my service is command again.
01:52
I do see more things here, uh, than previously
01:57
look at
02:02
the R. P. C info has been added and a couple other things. The list is a little bit longer, so that's good.
02:13
Also, if I look at my vulnerabilities, look at all the stuff that's here. This should be. This should match the 103 109
02:21
vulnerabilities that were discovered,
02:24
and these all have their
02:28
associate information.
02:34
So now, even though I'm still in the man's boyfriend work, I'm I'm able to look at Ness's
02:38
scan information
02:42
pretty, pretty neat.
02:45
And this is in my database now as well.
02:47
So this is Ah, big improvement over just having,
02:53
you know, two separate applications
02:55
and trying to merge that information together when you're you're looking for ways to do your next exploit,
03:10
you know, loot yet, but we'll see what that looks like. Some point we know we have some credentials
03:16
from the post GREss
03:20
logging that we tried earlier.
03:23
You have to do this from within the framework for that to get registered in the database like I did the Tomcat log in. But that was
03:30
through the Web browser which is outside the framework, so it doesn't know that I've tried that.
03:42
So if I do a quick search for Tomcat,
03:46
I probably could find a
03:53
I'm Andrew Log in that looks like it.
03:58
So let's copy that.
04:08
Show my options.
04:12
I could make this window a little bit bigger.
04:15
I don't like when my lines wraparound.
04:24
It's snowing. Sorry about that.
04:29
All right, so we see that I've got a user name and password.
04:35
My
04:38
our host is not defined. Probably cause I started,
04:41
uh,
04:42
a different version of framework and didn't save those settings.
04:46
There is a safe command within the framework, and I'll run that after I do this.
04:51
So
04:53
1 68 92 1 29
04:57
I'm gonna go ahead and
04:58
go ahead and save my configuration. Tells me where it is.
05:02
No, I will set my password to Tomcat because we know that's what it was from the previous exploit,
05:11
and I'll set user name to Tomcat.
05:16
So basically, set passport and use her name.
05:20
Now if I show my options again,
05:28
I could set blank passwords, too.
05:31
True. That might help,
05:34
but I might have enough information.
05:39
Let's let's do a couple things I set blank
05:42
passwords to true
05:45
set user as past
05:49
True.
05:51
Now I've got more
05:54
confidence of this Exploit will actually do something.
05:56
See what happens.
05:59
It says the connection was refused on port, eh?
06:02
I think this waas pour it 81 80. So that's the problem is the remote port. Let's change that
06:15
now. I will try the exploit.
06:20
So I tried a bunch of defaults,
06:28
Scared one of one hosts,
06:30
and
06:32
I don't see our successful there on a server at the top. I looked right past it,
06:39
so log in for Tom Cat Tomcat was successful. Now, if you look back at our options, we can see we've got a password file, a user name and password file. So these were checked
06:49
as a typical
06:53
admin Loggins,
06:56
but the one that actually supplied because I knew that information worked.
07:00
So now,
07:01
as you would expect, my credentials portion of the database holds two new credentials. I know I can connect to this host on port 81 80 using ah, user name and password of Tomcat and Tomcat.
07:14
Pretty neat. Gotta admit.
07:15
Okay, so this wraps up our vulnerability scanning
07:19
and what we're gonna, uh
07:21
look at a little bit after this is some of what's involved in actually developing developing exploits for menace, Boy. Not gonna go into a tremendous amount of details a little bit beyond the scope of this class.
07:33
But what leads Touch on a few topics, and I'll give you some understanding of what's involved.
07:40
So your next one.

Up Next

Metasploit

This Metasploit tutorial will teach you to utilize the deep capabilities of Metasploit for penetration testing and help you to prepare to run vulnerability assessments for organizations of any size.

Instructed By

Instructor Profile Image
Dean Pompilio
CEO of SteppingStone Solutions
Instructor