Closed (emilyanncr closed 7 years ago)
My apologies, I've been meaning to get back to this. I've tried to generate an exported XML Acunetix file to test the import with, but their trial version of the software doesn't support the XML export capability. I've located an older exported XML file we have here, but it doesn't appear to be applicable in this situation. Do you have a file you could share? If so, we could securely hand it off. If not, I can keep looking. Thanks for your patience!
I'm so sorry for my delayed response. You mean like a .XML result file? I tried but am not able to do so. It says try again with a PNG, GIF, JPG, etc.
Hi @Occupy4Elephants! Yeah, since the issue is with import of an Acunetix output XML file into the MSF DB, I didn't know if you had an XML file handy that you had tested with which showed the vulns not properly being imported (which you would be willing to share with me to help get me moving forward with a failure case). No worries, I think we might have an Acunetix XML stashed away here I can try this week. Cheers!
sure I'd be happy to provide you with one privately. Is there a way to do that? Sorry, I'm really new here. It happened again today with a different scan.
This particular site finished with 88 alerts, 16 of which were high yet you see there's nothing listed. Also many other ports/services are in use, although only port 80 is updated.
Hey @Occupy4Elephants, apologies for the delay in response. I'd love to have a copy of that XML file to test with. If you're comfortable with email, you could send it as an attachment to msfdev at metasploit dot com, which I have access to. Or you could email that same address with your email address, and I can share a box folder just between us for the file handoff. Thanks!
sure thing! I just sent you an email. No worries about tardy replies, I'm having the same issue here. Thank you! xoxo
Awesome, email received, thanks much! I'm traveling this week, will circle back on this next week. Cheers!!
awesome! thank you! hope you're enjoying the holidays xo
Oof, this item didn't get timely attention, my apologies. PR is up to fix the behavior, it works with the existing Metasploit paradigm of considering web vulnerabilities as a special type of vulnerability, so you'll be able to see web vulns imported from Acunetix XML files via the MSF wmap plugin (specifically: wmap_vulns -l).
Steps to reproduce
service postgresql start
msf> db_import targetfilename.xml
import successful
This section should also tell us any relevant information about the environment; for example, if an exploit that used to work is failing, tell us the victim operating system and service versions.
Expected behavior
Results from the Acunetix XML file should be imported into the workspace, and hosts, services, vulns, etc. should be populated
Current behavior
Vulns are not being populated. Everything else populates correctly (hosts, services, etc)
System stuff
Metasploit version
Framework: 4.12.34-dev
Console : 4.12.34-dev
I installed Metasploit with:
came pre-installed with Kali
OS
What OS are you running Metasploit on?
Linux kali 4.7.0-kali1-amd64 #1 SMP Debian 4.7.5-1kali3 (2016-09-29) x86_64 GNU/Linux