More nessus import fun. NBE files, this time.

git-svn-id: file:///home/svn/framework3/trunk@9297 4d416f70-5f16-0410-b530-b9f4589650da
unstable
Tod Beardsley 2010-05-12 23:00:21 +00:00
parent dbbfec125e
commit 084a6e971c
1 changed files with 28 additions and 3 deletions


@ -1722,11 +1722,25 @@ class DBManager
data = f.read(f.stat.size) data = f.read(f.stat.size)
import_nessus_nbe(data, wspace) import_nessus_nbe(data, wspace)
end end
def import_nessus_nbe(data, wspace=workspace) def import_nessus_nbe(nbe_data, wspace=workspace)
data.each_line do |line| nbe_copy = nbe_data.dup
# First pass, just to build the address map.
addr_map = {}
nbe_copy.each_line do |line|
r = line.split('|') r = line.split('|')
next if r[0] != 'results' next if r[0] != 'results'
addr = r[2] next if r[4] != "12053"
data = r[6]
addr,hname = data.match(/([0-9\x2e]+) resolves as (.+)\x2e\\n/)[1,2]
addr_map[hname] = addr
end
nbe_data.each_line do |line|
r = line.split('|')
next if r[0] != 'results'
hname = r[2]
addr = addr_map[hname]
port = r[3] port = r[3]
nasl = r[4] nasl = r[4]
type = r[5] type = r[5]
@ -1746,6 +1760,17 @@ class DBManager
# a severity 0 means there's no extra data, it's just an open port # a severity 0 means there's no extra data, it's just an open port
else; severity = 0 else; severity = 0
end end
if nasl == "11936"
os = data.match(/The remote host is running (.*)\\n/)[1]
report_note(
:workspace => wspace,
:host => addr,
:type => 'host.os.nessus_fingerprint',
:data => {
:os => os.to_s.strip
}
)
end
handle_nessus(wspace, addr, port, nasl, severity, data) handle_nessus(wspace, addr, port, nasl, severity, data)
end end
end end
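Review bot: In the second pass, `addr = addr_map[hname]` is nil for any host that has no plugin 12053 result in the file, so that host's findings reach `report_note` and `handle_nessus` with a nil address. The old code used `r[2]` directly, and `addr = addr_map[hname] || hname` would keep that as a fallback; this presumably matters for targets recorded by IP or for scans where 12053 did not run. Separately, `data.match(...)[1,2]` in the first pass and `data.match(...)[1]` in the 11936 branch call `[]` on nil when the plugin text lacks the expected wording (or when `r[6]` is missing on a short line), which raises NoMethodError and aborts the whole import. Capture the match first and skip on nil, e.g. `m = data && data.match(...)` followed by `next unless m` in the first pass, and make the OS note conditional on the match in the second. The part of `import_nessus_nbe` between the two hunks is not shown, so the handling of `data` and `severity` there is not reviewed.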