Talk to a Security Expert Now: (800) 721-9177

Nsploit: Nmap grows some teeth

Ryan Linn has started a project to bridge Nmap Scans all the way to exploitation using Metasploit.

Similar to the db_autopwn via fasttrack script (available in Backtrack 4), Nsploit does even more granular service level Nmap scanning to identify vulnerable software versions and map corresponding exploits. It then passes these to Metasploit and launches the pain at your target box.

It Uses Nmap’s NSE’s to trigger Metasploit commands via XMLRPC. Anything we can identify with an Nmap Script we can launch and get a shell… hopefully a meterpreter shell 😉

Check out Ryan’s blog http://blog.happypacket.net/ and learn more about Nsploit from the 2009 SecToor Presentation Nsploit-(Popping-boxes-with-Nmap) hosted by securitytube.com.

PDF slides here

Download

Usage videos below:

Nsploit Multi-Host Ownage from Ryan Linn on Vimeo.

Nsploit Single Host Ownage from Ryan Linn on Vimeo.

Leave a Reply

Your email address will not be published. Required fields are marked *