On 19 October 2010 16:41, Robin Wood <[email protected]> wrote:
> I've been playing with running Nessus scans through Metasploit and got
> it working fine but I then tried to run it through a route set up
> through a Meterpreter tunnel but it didn't work. I assume that this is
> because all Metasploit is doing is just accessing Nessus through its
> API and it isn't actually integrating with Nessus. Is there any way
> now we have the Nessus integration to get it to scan through a
> Meterpreter tunnel?
>
> I know that it can be done through an SSH tunnel being installed on
> the target machine but it would be nice to be able to run it directly
> through Metasploit routing.

After various bits of help I got this working. I used Meterpreter to create a route through to the target machine then the SOCKS proxy aux module to allow Nessus to route through to the target.

I've written it all up here:

http://www.digininja.org/blog/nessus_over_sock4a_over_msf.php

It all worked fine in the end, the only problem is that it is very slow, over an hour to scan the compromised machine and even longer to scan another machine on the same subnet. Using this on a test I'd want to create a very minimal Nessus profile to keep the time down as much as possible.

Thanks for all the tips that got this working.

Robin
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
