Re: nmap xml import with no os info

[HD Moore <hdm () metasploit com>]

On 5/17/2010 1:10 PM, Raúl Millán wrote:
> I'm sorry to mix one subject to another, I noticed that Nessus risk score is
> not imported neither, although I see that the plugin id is included, so I
> guess that I should script something away in order to have the risk score
> referenced.

It might make sense as either an additional serialized field store in
the vulnerability data, it depends on whether the risk score changes for
the same vulnerability ID.

> I already have a XSL that outputs Nessus results in a raw (dump) format that
> I use to create graphs via pivot tables, do it really doesn't hurt much,
> just that it would've been nice to have all this within the framework, but I
> guess that's what Metasploit Express will be about right?

We are committed to having robust import support in the open source
codebase; reporting will probably be Express-only for a while, but being
able to export XML should happen sometime soon (after 3.4.0 but before
3.4.3 or so). We have an Express XML format, but it needs a couple
tweaks to be general purpose enough for the regular framework.

> Signed up for the beta, but couldn't get in, guess I'll have to wait.

Shouldn't have to wait long :)

-HD
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework