Nmap scanning with MSF

Once we've added hosts to Metasploit, the next step is scanning. Metasploit has an inbuilt wrapper for Nmap that gives us the same functionality of Nmap within the Metasploit console. The benefit of this wrapper is that it saves the output in the database by default.

To run a scan against a host, we can use the db_nmap <IP> command. Here, we have used the --open flag to view only open ports. -v is used for verbose, -Pn is used to perform a no-ping scan, -sV is used to perform a service scan, and -sC is used to run script scans against discovered ports:

The following screenshot shows the output of the scan that was run on the host:

Metasploit also allows us to import external scans that have been completed by Nmap into its database using db_import:

Currently, MSF supports the following formats for importing data into its DB: Acunetix, Amap Log, Amap Log -m, Appscan, Burp Session XML, Burp Issue XML, CI, Foundstone, FusionVM XML, Group Policy Preferences Credentials, IP Address List, IP360 ASPL, IP360 XML v3, Libpcap Packet Capture, Masscan XML, Metasploit PWDump Export, Metasploit XML, Metasploit Zip Export, Microsoft Baseline Security Analyzer, NeXpose Simple XML, NeXpose XML Report, Nessus NBE Report, Nessus XML (v1), Nessus XML (v2), NetSparker XML, Nikto XML, Nmap XML, OpenVAS Report, OpenVAS XML, Outpost24 XML, Qualys Asset XML, Qualys Scan XML, Retina XML, Spiceworks CSV Export, and Wapiti XML.