said:

[-- Intro --]
This is a followup guide to my Nessus scanning guide. In this guide I'll show you how to import a Nessus scanned database into metasploit and execute autopwn to automatically launch an exploit found within Nessus.

[-- Database Work --]
So first we must open up metasploit(msfconsole). Once metasploit is open and loaded we're gonna have to load the .nessus file into metasploit. To do this we're going to first have to connect to a database. To create a database, type:

db_create

Now you have a newly created database. Now to connect to it. Just type:

db_connect

NOTE: Metasploit usually automatically connects you to the newly created database, but type that in case it doesn't.
Now that you're connected you're gonna have to import the .nessus file. To do this you're gonna have to type the following command:

db_import_nessus_xml /home/chronic/nessus_scan.nessus

This should import the .nessus file.
NOTE: If you have a .nbe file, change _xml to _nbe
Now type db_hosts to see the hosts you have in that file to make sure you're autopwn'ing the correct targets.

[-- Aut0pwning --]
Now to actually launch autopwn on the nessus targets. To do this, just type the following command:

db_autopwn -t -e -x -p

It should start running through the autopwn process :)


If all goes well, and it's exploited, you should get a meterpreter :D
If you need any help, feel free to ask

--Chroniccommand

said:

i newer here i want to learn metasploit framework !!!
can you give a full tutorial ????
i mean from scratch
i installed backtrack 4 on my machine
and i am ready to learn
-------

said:

Thx So helpful i started Metasploit Megaprimer !!!
but i can't find the "Metasploitable" from "http://www.offensive-security.com/metasploit-unleashed/Metasploitable"
i want to try to a vunrreable xp sp2
but i didn't find the http://www.offensive-security.com/metas ... sploitable "Metasploitable"