[Openvas-devel] OpenVAS bridge for Metasploit

Vlatko Kosturjak kost at linux.hr
Wed Dec 29 20:27:38 CET 2010


OpenVAS bridge for Metasploit is available in Metasploit.
Just update Metasploit with msfupdate or svn update.
How to use it? Launch msfconsole and typical usage would be:

load openvas
openvas_connect user pass localhost 9390 ok

Take a look at openvas_scan command as it is major feature. It automatically 
scans given targets, imports results into metasploit db and can 
automatically launch autopwn - All in one command. 

Note that it uses OMP protocol. Therefore, you should specify OpenVAS manager
port to connect to. It does not support (deprecated) OTP protocol (i.e.
connecting directly to scanner daemon - openvassd).

Note that it can be used as text console interface to OpenVAS (with all the 
fancy stuff Metasploit offers - like command completion).

As it is first public release, could be there are some bugs - let me know!
Vlatko Kosturjak - KoSt

More information about the Openvas-devel mailing list