Skip to content

Fix nessus service import crash#21044

Merged
adfoster-r7 merged 1 commit intorapid7:masterfrom
adfoster-r7:fix-nessus-service-import-crash
Mar 2, 2026
Merged

Fix nessus service import crash#21044
adfoster-r7 merged 1 commit intorapid7:masterfrom
adfoster-r7:fix-nessus-service-import-crash

Conversation

@adfoster-r7
Copy link
Contributor

@adfoster-r7 adfoster-r7 commented Mar 2, 2026
edited
Loading

Fix nessus service import crash

Verification

Original command:

db_import example.nessus

Test data which caused the issue, protocol RMI-P4

<ReportItem port="50204" svc_name="RMI-P4" protocol="tcp" severity="0" pluginID="11219" pluginName="Nessus SYN scanner" pluginFamily="Port scanners">
<ReportItem port="50204" svc_name="unknown" protocol="RMI-P4" severity="0" pluginID="93374" pluginName="SAP RMI-P4 Protocol Detection" pluginFamily="Service detection">

Other issues spotted which will need to be fixed:

[03/02/2026 17:40:20] [d(0)] core: Skipping service since it is not a Hash or Mdm::Service: NilClass

Potential fix, but it looks like vulns shouldn't be importing for everything in the nessus file:

--- a/lib/msf/core/db_manager/import/nessus/xml/v2.rb
+++ b/lib/msf/core/db_manager/import/nessus/xml/v2.rb
@@ -121,8 +121,9 @@ module Msf::DBManager::Import::Nessus::XML::V2
       info[:name] = name
     end
 
+    service = nil
     if port.to_i != 0
-      msf_import_service(info)
+      service = msf_import_service(info)
     end
 
     if nasl.nil? || nasl.empty? || nasl == 0 || nasl == "0"
@@ -164,6 +165,7 @@ module Msf::DBManager::Import::Nessus::XML::V2
       :info => description ? description : "",
       :refs => refs,
       :task => task,
+      :service => service
     }
 
     if port.to_i != 0

adfoster-r7
adfoster-r7 commented Mar 2, 2026
View reviewed changes
lib/msf/core/db_manager/import/nessus/xml/v2.rb

next if proto.casecmp?('icmp')
unless Mdm::Service::PROTOS.include?(proto)
elog("Unknown protocol '#{proto}' for #{addr}:#{port} for nessus import, defaulting to tcp")
Copy link
Contributor Author

@adfoster-r7 adfoster-r7 Mar 2, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The print_* methods would be nicer here, but we don't have access to them in this context unfortuantely.

@adfoster-r7 adfoster-r7 force-pushed the fix-nessus-service-import-crash branch from 20d2d9e to f1cbb90 Compare March 2, 2026 19:44
@github-project-automation github-project-automation bot moved this from Todo to In Progress in Metasploit Kanban Mar 2, 2026
@adfoster-r7 adfoster-r7 merged commit 88216de into rapid7:master Mar 2, 2026
46 of 48 checks passed
@adfoster-r7 adfoster-r7 deleted the fix-nessus-service-import-crash branch March 2, 2026 20:45
@github-project-automation github-project-automation bot moved this from In Progress to Done in Metasploit Kanban Mar 2, 2026
@adfoster-r7
Copy link
Contributor Author

adfoster-r7 commented Mar 2, 2026

Release Notes

Fixes a crash when using db_import on a nessus with protocols other than tcp or udp

@adfoster-r7 adfoster-r7 added the rn-fix release notes fix label Mar 2, 2026
@adfoster-r7 adfoster-r7 mentioned this pull request Mar 3, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sjanusz-r7 sjanusz-r7 sjanusz-r7 approved these changes

Assignees

No one assigned

Labels

rn-fix release notes fix

Projects

Metasploit Kanban
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@adfoster-r7 @sjanusz-r7