List Vulnerable IPs in Nessus Export

While we learnt usage of nessus today, I’ll share my experience on how I use command line trick to list all the IPs vulnerable to a single vulnerability.

Just run these command on .nsr file to get a quick list

In Linux

$ grep -h "CVE-2009-####" *.nsr | cut -d"|" -f 1 | sort -u


Replace #### with your favorite CVE ID and get the machines vulnerable to that particular exploit

Right, it was simple and you learnt that in your unix class back in school but the point is to remember it & use it

Alternatively you can use ‘awk’ for the same

$ awk -F'|' '/CVE-2008-####/ {print $1}' | sort –u


Even we love the command line power of Linux. Don’t believe us, check out windows alternative to this.

In Windows

Ok, here comes the difficult part. I know most of the hackers hate using windows but for the sake of it I’ll show how this can be done on Windows too

C:\> for /F "delims=:| tokens=2" %i in ('findstr CVE-2009-#### *.nsr') do @echo %i


I told you that it will be little difficult in Windows :)

Don’t forget to replace #### with the CVE ID you are looking for.