Home page logo
/

metasploit logo Metasploit mailing list archives

Re: nmap xml import with no os info
From: Raúl Millán <raul () cdsi com pa>
Date: Mon, 17 May 2010 13:10:04 -0500

Thanks I was expecting this, as you just put it, nmap OS guest is somewhat
open to interpretation at best.

I'm sorry to mix one subject to another, I noticed that Nessus risk score is
not imported neither, although I see that the plugin id is included, so I
guess that I should script something away in order to have the risk score
referenced.

I already have a XSL that outputs Nessus results in a raw (dump) format that
I use to create graphs via pivot tables, do it really doesn't hurt much,
just that it would've been nice to have all this within the framework, but I
guess that's what Metasploit Express will be about right?

Signed up for the beta, but couldn't get in, guess I'll have to wait.

Thanks for the help.

-RM

-----Original Message-----
From: james.robert.lee () gmail com [mailto:james.robert.lee () gmail com] On
Behalf Of egypt () metasploit com
Sent: Monday, May 17, 2010 12:05 PM
To: Raúl Millán
Cc: framework () spool metasploit com
Subject: Re: [framework] nmap xml import with no os info

That's actually a design decision since nmap is really bad at guessing
if it doesn't have 100% accurate info (and even then sometimes it will
say it is definitely 100% one of these 5 operating systems).  All of
the OS info is stored in a note ('db_notes' to see it), but doesn't
get set in the host info directly.

egypt

2010/5/17 Raúl Millán <raul () cdsi com pa>:
Couldn't help notice that after importing nmap xml file into metasploit,
none of the os related fields (os_name, os_flavor, os_sp, os_lang) had any
information imported into the db.

In contrast when I open up the xml file with a browser, it shows up the
information under the "os match" section for each host.

I've been looking around trying to find if there's anything else that
should
be done either during the import or scan process that would help get this
info into the db, but haven't found anything yet.

Again any URL or doc that can help me understand this would be much
welcomed.

-RM

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework



_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]