Intelligence Gathering
21
msf >
db_status
[*] postgresql connected to msfbook
Everything seems to be set up just fine.
Importing Nmap Results into Metasploit
When you are working with other team members, with various individuals
scanning at different times and from different locations, it helps to know
how to run
nmap
on its own and then import its results into the Framework.
Next, we’ll examine how to import a basic
nmap
-generated XML export file
(generated with
nmap
’s
-oX
option) into the Framework.
First, we scan the Windows virtual machine using the
-oX
option to gener-
ate a
Subnet1.xml
file:
nmap -Pn -sS -A -oX Subnet1 192.168.1.0/24
After generating the XML file, we use the
db_import
command to import
it into our database. We can then verify that the import worked by using the
db_hosts
command, which lists the systems entries that have been created, as
shown here:
msf >
db_connect postgres:toor@127.0.0.1/msf3
msf >
db_import Subnet1.xml
msf >
db_hosts -c address
Hosts
=====
address
-------
192.168.1.1
192.168.1.10
192.168.1.101
192.168.1.102
192.168.1.109
192.168.1.116
192.168.1.142
192.168.1.152
192.168.1.154
192.168.1.171
192.168.1.155
192.168.1.174
192.168.1.180
192.168.1.181
192.168.1.2
192.168.1.99
msf >