Metasploit uses the Nessus RESTful API to interact with the Nessus Core Engine, which can only be done following successful authentication. This can be done as follows:
- We can authenticate with Nessus using the following command syntax:
nessus_connect username:password@hostname:port <ssl_verify/ssl_ignore>
The following screenshot shows the output of the preceding command:
username and password are the ones we use to log in to the Nessus web frontend. hostname can be the IP address or DNS name of the Nessus server, and port is the RPC port that the Nessus web frontend runs on. By default, it is TCP port 8834.
ssl_verify verifies the SSL certificate used by the Nessus frontend. By default, the server uses a self-signed certificate, and therefore, users should use ssl_ignore. If we don't want to use the same command again and again, we can save the credentials in a configuration file that Metasploit can use for authenticating with Nessus.
- To save the credentials, we can execute the nessus_save command. This will save the credentials in a YAML file format, as follows:
The content of this YAML configuration file is as follows:
In case we want to log out, we can execute the nessus_logout command in msfconsole, as follows:
Now that we have successfully authenticated with the Nessus RESTful API, we can execute some basic commands for getting started.