Chapter 4

4. Before starting a scan with the Bridge, you first need to authenticate to your Nessus server using nessus_connect, as shown here:

    msf > nessus_connect dookie:s3cr3t@192.168.1.101:8834 ok
    [*] Connecting to https://192.168.1.101:8834/ as dookie
    [*] Authenticated

5. As with the GUI version of Nessus, you need to initiate a scan using a defined policy by its policy ID number. To list the available scan policies on the server, use nessus_policy_list:

    msf > nessus_policy_list
    [+] Nessus Policy List

    ID   Name                         Comments
    --   ----                         --------
    -4   Internal Network Scan
    -3   Web App Tests
    -2   Prepare for PCI DSS audits
    -1   External Network Scan
    2    The_Works

6. Take note of the policy ID you want to use for your scan, and then launch a new scan with nessus_scan_new followed by the policy number, a name for your scan, and your target IP address as shown next:

    msf > nessus_scan_new
    [*] Usage:
    [*]        nessus_scan_new <policy id> <scan name> <targets>
    [*]        use nessus_policy_list to list all available policies
    msf > nessus_scan_new 2 bridge_scan 192.168.1.195
    [*] Creating scan from policy number 2, called "bridge_scan" and scanning 192.168.1.195
    [*] Scan started.  uid is d2f1fc02-3b50-4e4e-ab8f-38b0813dd96abaeab61f312aa81e

7. While your scan is in progress, you can see its status by running the nessus_scan_status command. When this command’s output reads “No Scans Running,” as shown next, you will know that your scan has completed.

    msf > nessus_scan_status
    [*] No Scans Running.

8. After the scan has completed, you can list the available scan reports with the nessus_report_list command. Identify the ID of the report you want to import and enter nessus_report_get to download the report and import it into the Metasploit database automatically.

    msf > nessus_report_list
    [+] Nessus Report List