Chapter 4
4. Before starting a scan with the Bridge, you first need to authenticate to your Nessus server using nessus_connect, as shown here:
    msf > nessus_connect dookie:s3cr3t@192.168.1.101:8834 ok
    [*] Connecting to https://192.168.1.101:8834/ as dookie
    [*] Authenticated
5. As with the GUI version of Nessus, you need to initiate a scan using a defined policy by its policy ID number. To list the available scan policies on the server, use nessus_policy_list:
    msf > nessus_policy_list
    [+] Nessus Policy List
    ID  Name                        Comments
    --  ----                        --------
    -4  Internal Network Scan
    -3  Web App Tests
    -2  Prepare for PCI DSS audits
    -1  External Network Scan
    2   The_Works
6. Take note of the policy ID you want to use for your scan, and then launch a new scan with nessus_scan_new followed by the policy number, a name for your scan, and your target IP address as shown next:
    msf > nessus_scan_new
    [*] Usage:
    [*] nessus_scan_new <policy id> <scan name> <targets>
    [*] use nessus_policy_list to list all available policies
    msf > nessus_scan_new 2 bridge_scan 192.168.1.195
    [*] Creating scan from policy number 2, called "bridge_scan" and scanning 192.168.1.195
    [*] Scan started. uid is d2f1fc02-3b50-4e4e-ab8f-38b0813dd96abaeab61f312aa81e
7. While your scan is in progress, you can see its status by running the nessus_scan_status command. When this command’s output reads “No Scans Running,” as shown next, you will know that your scan has completed.
    msf > nessus_scan_status
    [*] No Scans Running.
8. After the scan has completed, you can list the available scan reports with the nessus_report_list command. Identify the ID of the report you want to import and enter nessus_report_get to download the report and import it into the Metasploit database automatically.
    msf > nessus_report_list
    [+] Nessus Report List