Control Compliance Suite

 View Only
Back to Library

CCS-VM integration with Metasploit Framework 

Mar 18, 2012 07:56 AM

 

We can intergrate Symantec Control Compliance Suite Vulnerability Manager (CCS-VM) with Metasploit Framework.The current functionality provides the ability to run CCS-VM scans from the Metasploit console,  cross-reference scan results with available Metasploit modules, and automatically launch the resulting exploits.
 
CCS-VM Intergration with Metasploit Framework
 
Follow the below steps to integrate CCS-VM with Metasploit Framework:
 
1. Start CCS-VM and launch the Metasploit Console (msfcnsole).
 
    
 
2. Load the Nexpose plugin by using command load nexpose in msfconsole.
 
    
 
3. Connect to the running CCS-VM instance by running nexpose_connect username:password@CCS-Vm Server IP Address:portno ok command.
 
    
 
4. Run a CCS-VM scan by using command nexpose_scan target machine IP Adress.
 
    
 
5. CCS-VM scanned the targert IP Address successfully.
 
    
 
6. I loaded db_autopwn plugin and tried to automate exploitation of target machine with db_autopwn.
 
    
 
7. After completed automatic exploitation i got 3 sessions of target machine.
 
    
 
8. I am trying to connect with target system through sessions available. I successfully got the meterpreter shell of Our target machine
 
    
 
9. Let's type ipconfig command to verify whether we enter into victim machine or not.
 
    

Statistics
0 Favorited
2 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Comments

Migration User
Mar 27, 2012 11:05 AM

great article..thanks a lot for sharing..

Migration User
Mar 27, 2012 01:49 AM

@patriot: Ya, It gives you the same warning everytime you use nexpose plugin because its not offically supported with CCSVM

Migration User
Mar 25, 2012 04:44 AM

It works. Thanks. 

Got below warning: Warning: This version of Nexpose has not been tested with Metasploit! 

 

 

Related Entries and Links

No Related Resource entered.