Metasploit mailing list archives

Problem importing data from Nessus

From: Raúl Millán <raul () cdsi com pa>
Date: Thu, 13 May 2010 13:08:05 -0500

Yesterday with r3295 I had a problem importing from nessus (.nessus and
.nbe) that basically showed no imported vulns in the db.

 

Later in the day tried r3297 which seemed to work with .nessus files but not
.nbe.

 

Today I tried importing a 5MB .nessus file and now I get this error when
trying to import:

 

msf > db_import_nessus_xml "C:/Users/Raul/Documents/2. Clientes/Standford
Bank/Pentest - 2010/Fase 1/Network
Pentest/Interno/nessus/20100512/20100512-stanford bank.nessus"

[-] Error while running command db_import_nessus_xml:
SQLite3::BusyException: database is locked: SELECT * FROM "refs" WHERE
("refs"."name" = 'CVE-2000-0222')  LIMIT 1

 

Call stack:

/msf3/data/msfweb/vendor/rails/activerecord/lib/active_record/connection_ada
pters/abstract_adapter.rb:219:in `rescue in log'

/msf3/data/msfweb/vendor/rails/activerecord/lib/active_record/connection_ada
pters/abstract_adapter.rb:202:in `log'

/msf3/data/msfweb/vendor/rails/activerecord/lib/active_record/connection_ada
pters/sqlite_adapter.rb:172:in `block in execute'

/msf3/data/msfweb/vendor/rails/activerecord/lib/active_record/connection_ada
pters/sqlite_adapter.rb:417:in `catch_schema_changes'

/msf3/data/msfweb/vendor/rails/activerecord/lib/active_record/connection_ada
pters/sqlite_adapter.rb:172:in `execute'

/msf3/data/msfweb/vendor/rails/activerecord/lib/active_record/connection_ada
pters/sqlite_adapter.rb:320:in `select'

/msf3/data/msfweb/vendor/rails/activerecord/lib/active_record/connection_ada
pters/abstract/database_statements.rb:7:in `select_all'

/msf3/data/msfweb/vendor/rails/activerecord/lib/active_record/connection_ada
pters/abstract/query_cache.rb:62:in `select_all_with_query_cache'

/msf3/data/msfweb/vendor/rails/activerecord/lib/active_record/base.rb:661:in
`find_by_sql'

/msf3/data/msfweb/vendor/rails/activerecord/lib/active_record/base.rb:1548:i
n `find_every'

/msf3/data/msfweb/vendor/rails/activerecord/lib/active_record/base.rb:1505:i
n `find_initial'

/msf3/data/msfweb/vendor/rails/activerecord/lib/active_record/base.rb:613:in
`find'

/msf3/lib/msf/core/db_objects.rb:30:in `find'

/msf3/data/msfweb/vendor/rails/activerecord/lib/active_record/base.rb:1900:i
n `find_by_name'

/msf3/lib/msf/core/db.rb:731:in `get_ref'

/msf3/lib/msf/core/db.rb:717:in `find_or_create_ref'

/msf3/lib/msf/core/db.rb:648:in `block in report_vuln'

/msf3/lib/msf/core/db.rb:644:in `each'

/msf3/lib/msf/core/db.rb:644:in `report_vuln'

/msf3/lib/msf/core/db.rb:2098:in `handle_nessus'

/msf3/lib/msf/core/db.rb:1848:in `block (2 levels) in import_nessus_xml'

/usr/lib/ruby/1.9.1/rexml/element.rb:906:in `block in each'

/usr/lib/ruby/1.9.1/rexml/xpath.rb:64:in `each'

/usr/lib/ruby/1.9.1/rexml/xpath.rb:64:in `each'

/usr/lib/ruby/1.9.1/rexml/element.rb:906:in `each'

/msf3/lib/msf/core/db.rb:1842:in `block in import_nessus_xml'

/usr/lib/ruby/1.9.1/rexml/element.rb:906:in `block in each'

/usr/lib/ruby/1.9.1/rexml/xpath.rb:64:in `each'

/usr/lib/ruby/1.9.1/rexml/xpath.rb:64:in `each'

/usr/lib/ruby/1.9.1/rexml/element.rb:906:in `each'

/msf3/lib/msf/core/db.rb:1804:in `import_nessus_xml'

/msf3/lib/msf/core/db.rb:1797:in `import_nessus_xml_file'

/msf3/lib/msf/ui/console/command_dispatcher/db.rb:917:in
`cmd_db_import_nessus_xml'

/msf3/lib/rex/ui/text/dispatcher_shell.rb:246:in `run_command'

/msf3/lib/rex/ui/text/dispatcher_shell.rb:208:in `block in run_single'

/msf3/lib/rex/ui/text/dispatcher_shell.rb:202:in `each'

/msf3/lib/rex/ui/text/dispatcher_shell.rb:202:in `run_single'

/msf3/lib/rex/ui/text/shell.rb:145:in `run'

msfconsole:97:in `<main>'

 

The db shows some vulns, Im just not sure that all of them got into the db.

 

Im using sqlite3, which I found out is no longer supported, any alternative
db I could use would be most welcomed.

 

Regards,

 

Raúl E. Millán V.

Consultores de Seguridad Informática

Phone:   +507-317-1316/394-9504

Mobile:   +507-6670-1221

Fax:       +507 394-9514

Email:     raul () cdsi com pa

Web:      http://www.cdsi.com.pa

Twitter:  http://twitter.com/cdsicompa

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

Current thread:

Problem importing data from Nessus Raúl Millán (May 13)
- Re: Problem importing data from Nessus HD Moore (May 13)
  - Re: Problem importing data from Nessus Raúl Millán (May 13)