First, we need to set up a workspace. Workspaces are a big help in keeping your testing in order. A workspace holds all the data collected during a test, including any login credentials gathered and any system data pulled from a host during an exploit. It's best to keep the data from each test separate so you can compare it against the results of a previous test later. We're going to set up a project called TestCompany-int-20150402. This naming scheme is <client-name>-[ int (internal) | ext (external) ]-<start-date (unix-style)>; it will help you, 6 months down the road, to remember which test is which.
To create a new project, type:
workspace -a TestCompany-int-20150402
To enter the workspace, type:
workspace TestCompany-int-20150402
Notice that after entering the workspace and typing the workspace command again (with no arguments), the asterisk has moved to the TestCompany-int-20150402 project. The asterisk marks the current working workspace.
We can pull data from a scan into the workspace using the db_import command, which reads an XML file generated by the scanning application. All scanning applications will export their data to XML, and Metasploit will automatically recognize and import the data from the major scanning applications.
You can also import hosts, services, and network information by running Nmap from within msfconsole using the db_nmap command, which feeds Nmap's output directly into Metasploit. This command accepts all the normal nmap command-line flags. The db_ prefix informs Metasploit to import the data; running plain nmap from msfconsole will run the scan, but no data will be imported into Metasploit, you will just see the output of the command.
db_nmap -A -sV -O 192.168.202.0/24
The -A flag tells nmap to run all of its tests (an aggressive scan). The -sV flag tells nmap to record the version of any running services. The -O flag tells nmap to record the operating system of any running hosts. We will see the output of the running scan as it progresses; however, this data is also collected in the database. Afterwards, we can see the imported results by running the hosts and services commands.
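To make it concrete what db_import and db_nmap actually pull into the workspace, here is an added example (not code from the original text or from the Metasploit project) that parses the same Nmap XML format (nmap -oX) into host and service records resembling what the hosts and services commands later display. The XML document is a constructed sample with made-up addresses, banners and OS matches, not the output of a real scan; the Host and Service record types and the column names are this example's own choices, not Metasploit's schema.

```python
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field

# Constructed sample of nmap -oX output (not a real scan result). The element
# layout follows the Nmap XML format; every value below is made up.
SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -A -sV -O -oX - 192.168.202.0/24" version="7.94">
  <host>
    <status state="up" reason="arp-response"/>
    <address addr="192.168.202.10" addrtype="ipv4"/>
    <hostnames><hostname name="web01.example.test" type="PTR"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22">
        <state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="8.9p1" method="probed" conf="10"/>
      </port>
      <port protocol="tcp" portid="80">
        <state state="open" reason="syn-ack"/>
        <service name="http" product="nginx" version="1.18.0" method="probed" conf="10"/>
      </port>
      <port protocol="tcp" portid="23">
        <state state="closed" reason="reset"/>
        <service name="telnet" method="table" conf="3"/>
      </port>
    </ports>
    <os>
      <osmatch name="Linux 5.4 - 5.15" accuracy="95"/>
      <osmatch name="Linux 4.15" accuracy="90"/>
    </os>
  </host>
  <host>
    <status state="down" reason="no-response"/>
    <address addr="192.168.202.11" addrtype="ipv4"/>
  </host>
</nmaprun>
"""


@dataclass
class Service:
    port: int
    proto: str
    state: str
    name: str
    info: str  # product and version from -sV, joined like a banner column


@dataclass
class Host:
    address: str
    hostname: str
    os_name: str  # best -O guess (highest accuracy osmatch), "" if none
    services: list = field(default_factory=list)


def parse_nmap_xml(xml_text):
    """Return a Host record for every host Nmap saw as up, with its ports."""
    root = ET.fromstring(xml_text)
    if root.tag != "nmaprun":
        raise ValueError("not an nmaprun document")
    hosts = []
    for h in root.findall("host"):
        status = h.find("status")
        if status is None or status.get("state") != "up":
            continue  # nothing to record for a host that never answered
        addr = h.find("address[@addrtype='ipv4']")
        if addr is None:
            continue
        hn = h.find("hostnames/hostname")
        # -O can yield several candidates; keep the one Nmap rates highest
        matches = h.findall("os/osmatch")
        best = max(matches, key=lambda m: int(m.get("accuracy", "0")), default=None)
        host = Host(
            address=addr.get("addr"),
            hostname=hn.get("name") if hn is not None else "",
            os_name=best.get("name") if best is not None else "",
        )
        for p in h.findall("ports/port"):
            svc = p.find("service")
            st = p.find("state")
            product = svc.get("product", "") if svc is not None else ""
            version = svc.get("version", "") if svc is not None else ""
            host.services.append(Service(
                port=int(p.get("portid")),
                proto=p.get("protocol"),
                state=st.get("state") if st is not None else "unknown",
                name=svc.get("name", "") if svc is not None else "",
                info=" ".join(x for x in (product, version) if x),
            ))
        hosts.append(host)
    return hosts


def open_ports(host):
    """Port numbers a 'services' listing would show as open for this host."""
    return [s.port for s in host.services if s.state == "open"]


def render_tables(hosts):
    """Text rendering in the spirit of the hosts and services commands."""
    lines = ["address          name                 os_name"]
    for h in hosts:
        lines.append(f"{h.address:<16} {h.hostname:<20} {h.os_name}")
    lines.append("")
    lines.append("host             port  proto  name     state   info")
    for h in hosts:
        for s in h.services:
            lines.append(f"{h.address:<16} {s.port:<5} {s.proto:<6} {s.name:<8} {s.state:<7} {s.info}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(render_tables(parse_nmap_xml(SAMPLE_NMAP_XML)))
```

Running the script prints two small tables from the constructed sample; the down host is dropped, the closed telnet port is kept with its state so that a later comparison against an older workspace can show what changed, and only the highest-accuracy OS match is recorded.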