Home page logo
/

metasploit logo Metasploit mailing list archives

Autopwn question [+generating Reports]
From: lex001 at gmx.de (Dennis Günnewig)
Date: Thu, 08 Feb 2007 16:59:35 +0100

Hey, thx for this information. while sleeping i got some ideas to come along with the creation of reports, maybe it's 
possible to
implement them this way in a future release.

Extend the database by one table:
=================================
database: <database>
table: db_successful_exploits
columns: host_id - exploit

Adding some new commands to the db_mysql/postgres/...-plugin:
=================================
command: db_clear
parameters: --all --vuln --hosts --services --successful_exploits
default parameters: --services --vuln --successful_exploits)
information: to clear any data in the database

command: db_report
parameters: --verbose --short --xml --plaintext
default parameters: --short --plaintext
information: generate a report getting the information out of the database / exploits-instances

what information should be in the report
----------------------------------------
time when the report was created (getting from ruby)
foreach hosts {
        host
                overview services (getting from db)
                overview successfull exploits (getting from db)
                references to cve etc. (getting from exploits)
                maybe what to do, to close the vulnerability (getting from cve...)
}

greetings,
/d



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault