Metasploit mailing list archives
Extending Metaploit 3.0 to Vulnerability Scanning
From: chuck.lists at gmail.com (Chuck)
Date: Fri, 7 Oct 2005 11:02:38 -0400
Hello all,

As I'm sure most of you are aware, there is a fair amount of discussion going on about Nessus going to a "Free Beer" license. I personally understand Tenable's reasoning, but I don't want to get into a discussion about that here. Some people have also called for a fork of the GPL Nessus to continue development, but I am not convinced such an effort would succeed.

What I have been thinking about, though, is the feasibility of creating a new vulnerability scanner in Ruby that would be kind of an extension of Metasploit 3.0 (it would use the same exploits, primarily the check functions). I think that using an established and modular language makes a lot of sense for the "plugins" rather than Nessus' custom language (NASL).

I wouldn't worry about a GUI or anything; I am basically thinking of a scanning engine that takes an XML config file. Then, it could use Ruby/DBI to connect to a database which could function similarly to Nessus' knowledge base. The modules would also store results in that database and the results would get dumped to an XML file at the end (which could then be transformed to HTML with an XSL for a pretty report if desired).

This system would probably never approach the number of checks that Nessus has, but it could differentiate itself by at least having the option to actually exploit systems to verify vulnerabilities and give a low false positive rate.

My question for the list (primarily HD and the other developers that are working on version 3.0) is basically, how hard would it be to create such an animal? It sounds relatively easy to me to build the engine and then you need the modules. The good thing is that I think the community has already shown support by writing modules for Metasploit (in part because they are "more fun" than simply vulnerability checks).

Unfortunately, I probably will not have much time to contribute to the project (long story), but I wanted to throw the idea out there and see if it was feasible and if anyone would pick up the ball and run with it.

Chuck
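The engine outlined in the message above (XML config in, shared knowledge base, XML results out), as an added Ruby sketch that is not part of the original post or of Metasploit. The module names, the `ExampleFTPd` banner rule and the in-memory hash standing in for a Ruby/DBI database are assumptions, and banners come from the constructed config rather than from the network.

```ruby
require 'rexml/document'
# Constructed config: RFC 5737 documentation addresses; banners are inline so it runs offline.
CONFIG = <<~XML
  <scan>
    <target host="192.0.2.10" banner="ExampleFTPd 1.0"/>
    <target host="192.0.2.11" banner="ExampleFTPd 1.2"/>
    <module name="banner_grab"/>
    <module name="exampleftpd_check"/>
  </scan>
XML

# Hypothetical modules: each is a check(host, kb) that shares data through kb.
MODULES = {
  'banner_grab' => lambda { |host, kb|
    kb[[host, 'ftp/banner']] = kb[[host, 'config/banner']]
    nil # informational: records data for later modules, reports no finding
  },
  'exampleftpd_check' => lambda { |host, kb|
    m = kb[[host, 'ftp/banner']].to_s.match(/\AExampleFTPd (\d+)\.(\d+)/)
    return :unknown unless m
    # Constructed rule: versions below 1.2 count as vulnerable.
    ([m[1].to_i, m[2].to_i] <=> [1, 2]).negative? ? :vulnerable : :safe
  }
}.freeze

def run_scan(config_xml, modules = MODULES)
  doc = REXML::Document.new(config_xml)
  kb = {} # in-memory stand-in for the database reached via Ruby/DBI
  results = []
  doc.elements.each('scan/target') do |t|
    host = t.attributes['host']
    kb[[host, 'config/banner']] = t.attributes['banner']
    doc.elements.each('scan/module') do |m|
      name = m.attributes['name']
      check = modules[name] or next # unknown module names are skipped
      status = check.call(host, kb)
      results << { host: host, module: name, status: status } if status
    end
  end
  results
end

def report_xml(results)
  doc = REXML::Document.new
  root = doc.add_element('results')
  results.each do |r|
    root.add_element('finding', 'host' => r[:host], 'module' => r[:module], 'status' => r[:status].to_s)
  end
  doc.to_s
end
```

`report_xml(run_scan(CONFIG))` yields the results document that an XSL stylesheet could then turn into HTML.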