1
00:00:00,820 --> 00:00:01,400
‫All right, great.

2
00:00:01,420 --> 00:00:06,970
‫So the scan has finished and let's export the report.

3
00:00:08,310 --> 00:00:10,890
‫Nessa's has a few options for exporting the result.

4
00:00:11,840 --> 00:00:20,270
‫So if you want to import these results in Métis Boit framework, you should export as the Nessus format

5
00:00:20,270 --> 00:00:20,960
‫from here.

6
00:00:22,590 --> 00:00:28,560
‫Actually, it's just an XML file, so I'm going to export it and then move it to my desktop.

7
00:00:29,550 --> 00:00:32,010
‫Now let's go back into the MSF consul.

8
00:00:33,530 --> 00:00:40,850
‫And just like before, with importing and map scan results, you can do the exact same thing to bring

9
00:00:40,850 --> 00:00:42,050
‫in the necessary results.

10
00:00:43,030 --> 00:00:50,230
‫DBI import is the command for different types, and you can easily import the downloaded Nessa's scan

11
00:00:50,230 --> 00:00:50,580
‫result.

12
00:00:51,810 --> 00:00:58,050
‫So let's type in DB import, and after that take the path of the NSA scan report.

13
00:01:00,030 --> 00:01:01,680
‫And that's it.

14
00:01:01,710 --> 00:01:03,390
‫So importing is successful.

15
00:01:04,880 --> 00:01:08,940
‫So you can view the scan result with vote and ask command.

16
00:01:09,560 --> 00:01:11,660
‫And here is the help screen.

17
00:01:13,070 --> 00:01:23,270
‫For example, to display SNP related vulnerabilities, use Voll and as as as an MP, as your command.

18
00:01:25,080 --> 00:01:27,920
‫So let's say I want to be more specific.

19
00:01:29,010 --> 00:01:30,930
‫For example, SMB service.

20
00:01:32,280 --> 00:01:35,790
‫So to display the SMB related vulnerabilities.

21
00:01:37,040 --> 00:01:39,110
‫You can just search just like that.

22
00:01:44,020 --> 00:01:46,540
‫And here are the SNB related vulnerabilities.

23
00:01:48,320 --> 00:01:55,010
‫Now, the first one is really important because this one has a very handy exploit in MSF.

24
00:01:56,220 --> 00:02:01,260
‫You probably remember you face this one in some of the previous stages of this cause.

25
00:02:03,220 --> 00:02:09,850
‫And I hope you can read some articles about it so that you can get some of that in-depth stuff you crave.

26
00:02:11,700 --> 00:02:20,220
‫So when you make a quick search like this with my 17 zero one zero, the result is here.

27
00:02:21,620 --> 00:02:29,870
‫So MSF has these modules, you can examine the result like that and use the vulnerabilities found by

28
00:02:29,870 --> 00:02:30,350
‫Nessa's.

29
00:02:31,580 --> 00:02:35,940
‫So there's more to the integration between Nessa's and Métis point.

30
00:02:35,960 --> 00:02:36,850
‫We're not done yet.

31
00:02:37,860 --> 00:02:39,570
‫You can even start a scan.

32
00:02:40,580 --> 00:02:43,010
‫And create a policy from Métis point.

33
00:02:44,110 --> 00:02:49,870
‫And it just so happens in Métis Point has a plug in for this and guess what it's called Nessus.

34
00:02:51,070 --> 00:02:52,360
‫So the Nessus plug in.

35
00:02:54,170 --> 00:02:58,130
‫Type Nessus help to display plug in command.

36
00:03:00,170 --> 00:03:05,720
‫And you need to connect to the Nessa's service to benefit from all these commands.

37
00:03:07,020 --> 00:03:10,980
‫So to do that type, Nessus Connect.

38
00:03:11,830 --> 00:03:21,400
‫As your command and after that type in your username, your password at your IP address of the NSA server.

39
00:03:21,550 --> 00:03:21,810
‫Mm hmm.

40
00:03:22,540 --> 00:03:26,290
‫And the fourth number, 88, 34.

41
00:03:27,200 --> 00:03:34,010
‫Now, don't forget to add the s.L ignore command to bypass the self signed certificate problem.

42
00:03:35,330 --> 00:03:44,630
‫All right, good, iConnect, so now you can list scans and policies, NASA's scan new is the command

43
00:03:44,630 --> 00:03:48,920
‫that will create a scan, but we're also going to need a policy to.

44
00:03:50,660 --> 00:03:54,230
‫So here is my custom policy that I created with Inez's.

45
00:03:55,160 --> 00:03:56,360
‫Create a new Skåne.

46
00:03:57,720 --> 00:04:01,590
‫And copy and paste this policy uid value.

47
00:04:03,640 --> 00:04:05,500
‫Now, let's provide the name.

48
00:04:06,570 --> 00:04:07,470
‫Description.

49
00:04:09,400 --> 00:04:10,720
‫And the targets.

50
00:04:14,790 --> 00:04:16,950
‫All right, so now we can launch the scan.

51
00:04:19,070 --> 00:04:20,330
‫And the skin's running now.

52
00:04:21,450 --> 00:04:23,920
‫So let's go back and check it from the Nessus interface.

53
00:04:25,990 --> 00:04:27,820
‫And here's the scan we started.

54
00:04:29,070 --> 00:04:32,040
‫And you can also stop a scan from the MSF console.

55
00:04:35,090 --> 00:04:36,860
‫And looking at the interface.

56
00:04:38,650 --> 00:04:40,390
‫Yeah, it's really stopped.