Once the database is configured, we can start using it. First, we will take a look at how to import data from external tools using the db_import
command.
To view how to use the command and list the currently supported file types in msfconsole
, run the db_import
command:
msf > db_import Usage: db_import <filename> [file2...] Filenames can be globs like *.xml, or **/*.xml which will search recursively Currently supported file types include: Acunetix Amap Log Amap Log -m Appscan Burp Session XML Burp Issue XML ... Qualys Asset XML Qualys Scan XML Retina XML Spiceworks CSV Export Wapiti XML
- To test the
db_import
command, we will use thenmap
command, a free security scanner, port scanner, and network exploration tool, with the-oX
option to save the result to an XML file. Here is the syntax used to scan the Metasploitable 3 target machine:
nmap -Pn -A -oX report 192.168.216.10
- To import the scan report, you can use the
db_import
command followed by the path to the report you want to import:
msf > db_import /root/report [*] Importing 'Nmap XML' data [*] Import: Parsing with 'Nokogiri v1.8.0'</strong> [*] Importing host 192.168.216.10 [*] Successfully imported /root/report
Alternatively, you can run the db_nmap
command directly from msfconsole
, and the results will be saved in your current database. The db_nmap
command works the same way as the regular nmap
command:
msf > db_nmap -Pn -A 192.168.216.129 [*] Nmap: Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-17 05:05 EDT [*] Nmap: Nmap scan report for 192.168.216.129 [*] Nmap: Host is up (0.00092s latency). [*] Nmap: Not shown: 977 closed ports [*] Nmap: PORT STATE SERVICE VERSION [*] Nmap: 21/tcp open ftp vsftpd 2.3.4 [*] Nmap: |_ftp-anon: Anonymous FTP login allowed (FTP code 230) [*] Nmap: | ftp-syst: [*] Nmap: | STAT: ... [*] Nmap: |_ System time: 2017-10-04T09:11:38-04:00 [*] Nmap: |_smb2-time: Protocol negotiation failed (SMB2) [*] Nmap: TRACEROUTE [*] Nmap: HOP RTT ADDRESS [*] Nmap: 1 0.92 ms 192.168.216.129 [*] Nmap: OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . [*] Nmap: Nmap done: 1 IP address (1 host up) scanned in 31.88 seconds