Metasploit mailing list archives
Re: Post-Exploitation - Nessus
From: Joshua Smith <lazydj98 () gmail com>
Date: Mon, 16 Jul 2012 15:43:22 -0500
Michael, If you need it, it's needed. The easiest thing to do is copy an existing post mod that does similar things (windows/manage/add_user_domain.rb might be a good one, but there are many good choices), or at least affects the same brand of OS, copy, modify to your liking. If you need help, just ask. This is how most of the existing post mods got written. I'm happy to help, as are others. Many of us enjoy post exploitation, among other perverse interests ;) -Josh On Jul 16, 2012, at 2:25 PM, Ing. Michael F. Schratt, MSc wrote:
Hi everybody, because I am new to that list, I would like to do a short introduction first. My name is Michael Schratt and I am very interessted in all security related stuff. I work as Web/Application Penetration Tester and achieved OSCP, CPTE, ECSA, CHFI, CEH and Security+. So far so good – I would like to ask if there is a need for post-exploitation modules related to Nessus: - Adding new users to an existing Nessus installation - Changing passwords of existing users to read existing reports I think of certain scenarios where unauthorized access has been granted to an attacker due to the exploitation of outdated services. If Nessus is installed on any compromised machine, an attacker could gain access to it and read former scan reports. I am looking forward to hearing from you, BR Michael _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Post-Exploitation - Nessus Ing. Michael F. Schratt, MSc (Jul 16)
- Re: Post-Exploitation - Nessus Stephen Haywood (Jul 16)
- Re: Post-Exploitation - Nessus Carlos Perez (Jul 16)
- Re: Post-Exploitation - Nessus mschratt (Jul 17)
- Re: Post-Exploitation - Nessus Carlos Perez (Jul 16)
- Re: Post-Exploitation - Nessus Joshua Smith (Jul 16)
- Re: Post-Exploitation - Nessus Stephen Haywood (Jul 16)