CCS-VM integration with Metasploit Framework
Created: 18 Mar 2012 | Updated: 21 Mar 2012 | 3 comments
We can intergrate Symantec Control Compliance Suite Vulnerability Manager (CCS-VM) with Metasploit Framework.The current functionality provides the ability to run CCS-VM scans from the Metasploit console, cross-reference scan results with available Metasploit modules, and automatically launch the resulting exploits.
CCS-VM Intergration with Metasploit Framework
Follow the below steps to integrate CCS-VM with Metasploit Framework:
1. Start CCS-VM and launch the Metasploit Console (msfcnsole).
2. Load the Nexpose plugin by using command load nexpose in msfconsole.
3. Connect to the running CCS-VM instance by running nexpose_connect username:password@CCS-Vm Server IP Address:portno ok command.
4. Run a CCS-VM scan by using command nexpose_scan target machine IP Adress.
5. CCS-VM scanned the targert IP Address successfully.
6. I loaded db_autopwn plugin and tried to automate exploitation of target machine with db_autopwn.
7. After completed automatic exploitation i got 3 sessions of target machine.
8. I am trying to connect with target system through sessions available. I successfully got the meterpreter shell of Our target machine
9. Let's type ipconfig command to verify whether we enter into victim machine or not.