Video Screencast Help
Give us your opinion and win with Symantec! Please help us by taking this survey to tell us about your experience with Symantec Connect, so that we can continue to grow and improve.  Take the survey.

CCS-VM integration with Metasploit Framework

Created: 18 Mar 2012 • Updated: 21 Mar 2012 | 3 comments
Sanehdeep Singh's picture
+14 14 Votes
Login to vote
We can intergrate Symantec Control Compliance Suite Vulnerability Manager (CCS-VM) with Metasploit Framework.The current functionality provides the ability to run CCS-VM scans from the Metasploit console,  cross-reference scan results with available Metasploit modules, and automatically launch the resulting exploits.
 
CCS-VM Intergration with Metasploit Framework
 
Follow the below steps to integrate CCS-VM with Metasploit Framework:
 
1. Start CCS-VM and launch the Metasploit Console (msfcnsole).
 
    
 
2. Load the Nexpose plugin by using command load nexpose in msfconsole.
 
    
 
3. Connect to the running CCS-VM instance by running nexpose_connect username:password@CCS-Vm Server IP Address:portno ok command.
 
    
 
4. Run a CCS-VM scan by using command nexpose_scan target machine IP Adress.
 
    
 
5. CCS-VM scanned the targert IP Address successfully.
 
    
 
6. I loaded db_autopwn plugin and tried to automate exploitation of target machine with db_autopwn.
 
    
 
7. After completed automatic exploitation i got 3 sessions of target machine.
 
    
 
8. I am trying to connect with target system through sessions available. I successfully got the meterpreter shell of Our target machine
 
    
 
9. Let's type ipconfig command to verify whether we enter into victim machine or not.
 
    

Comments 3 CommentsJump to latest comment

patriot3w's picture

It works. Thanks. 

Got below warning: Warning: This version of Nexpose has not been tested with Metasploit! 

0
Login to vote
Sanehdeep Singh's picture

@patriot: Ya, It gives you the same warning everytime you use nexpose plugin because its not offically supported with CCSVM

With Regards,

Er. Sanehdeep Singh

(E|CSA, C|EH, Security5)

0
Login to vote
techi_it's picture

great article..thanks a lot for sharing..

0
Login to vote