How can i set the packet size in the synflood attack on metasploit v5.0.13? Metasploit was pre-installed on Kali Linux. I use the auxiliary dos/tcp/synflood and i set only the RPORT and RHOST. In wireshark i notice that only the window size changes during the attack but the length is 0. In the windows task manager i notice that only CPU usage increases not memory.
Posted by Christos Nikas 6 months ago
Our goal is to have business managers request a new Rapid 7 scan via ServiceNow, once data collected (e.g., application name, policy, etc.) would be sent to Rapid 7 via command line for execution. Would be nice to have the Rapid 7 scan results sent back the requestor via e-mail.
Posted by Praveen 6 months ago
Another question was asked for this, but the linked document is no longer available. I have some internet-facing cloud assets I would like to scan, but they are currently locked down to only accept traffic from pre-approved systems.
Posted by Christopher Ward 6 months ago
Hi Rapid7 community, I am inquiring about a way for a dockerize an insightVM agent and scan the underlying host, assuming there is sufficient privileges to do so. The agent in the docker container can then send that info back to InisghtvM. Thank you
Posted by Nick Kwiecien 6 months ago
Are we able to get the following information from our Rapid7 Product? 1. Number of new vulnerabilities over a user defined period 2. Number of vulnerability remediation’s over a user defined period Example: New vulnerabilities from 01/01/2019 to 02/15/2019 Number of vulnerabilities remediated from 01/01/2019 to 02/15/2019
Posted by David Miller 6 months ago
Is there a way in Rapid7 Vulnerability Scans to create a field with a unique identifier number when the vulnerability is first found (New) so that it can mapped back with future scans with that same unique identifier? Example: Day 1 Scan 1/1/2019: (Unique ID 00001) New - 10.10.10.1 High Certificate Expired 1/1/2019 Day 2 Scan 1/2/2019: (Unique ID 00002) New - 10.10.10.2 Med dns-bind-cve-2019-6465 1/2/2019 (Unique ID 00001) Open - 10.10.10.1 High Certificate Expired 1/1/2019
Posted by Frank Perkins 6 months ago
Before the switch to Rapid7 I was able to search multiple log sets at a time. I can't seem to be able to do this anymore and I have to go through each log set individually. Can you show me where I can access this functionally?
Posted by Alexander Mellor 6 months ago
I have a query that I need to exclude specific categories and vulnerabilities; all the while including some categories. There are some vulnerabilities that come up that are included in several of the categories. Well i only need it to come up for one category not all. For example Microsoft patch and Microsoft have cve iud 123 vulnerability. I want to exclude Microsoft but at the same time include Microsoft patch. ANY suggestions?? Anyone use reports as sql .
Posted by Vanessa villalpando 6 months ago
Hi I created a scan template successfully use the post method.But when i use the put method to update this scan template,the server returns a response with status 400,and the error message is "Can't modify global scan templates through the API." Why this happen and how can i resolve it?
Posted by Jim 6 months ago
On the Top (Number) Remediations by Risk report it will list the remediation, the number of affected assets, risk, etc. Is there a way to pull the list of assets associated with the remediation listed? You can search for assets associated with a specific vulnerability, but the issue is that some applications can have multiple vuls that affect different versions. You can look up a specific vul and it may not include all the assets. I'm curious how to get the list of assets this report is saying needs the recommended remediation.
Posted by Russ Davis 6 months ago
I am attempting to run a SQL report starting from the fact_asset_scan_vulnerability_instance table but I am finding that the query response times are poor. A simple COUNT(*) FROM fact_asset_scan_vulnerability_instance takes 5+ hours to count 1.5 million entries which doesn't lead to expanding the query if I can only run one attempt per business day. Is it just my environment? Does anyone query this table via SQL? If so, what sort of response times do you get (and for how many entries)?
Posted by Paul Connolly 6 months ago
I am getting an error when installing Metasploit framework on Windows 10. "Setup ended prematurely." Metasploit works but I can't init the Database. I've tried msfdb delete, msfdb reinit but nothing works. I downloaded an older version of framework and ran installation with my Anti Virus off (Webroot found problems when installing but I restored and allowed.) Is there a way to uninstall framework? It's not in control panel so I deleted the C:/ folder and it's (corrupt database) from C:/Users/Me. So how can I run Metasploit framework and install it correctly? (msfdb init?) Please reply. Thanks!
Posted by Mike Held 6 months ago
Hi, this is probably an easy question. I have Metasploit Pro on Windows 10. I am trying to exploit the vulnerability "exploit/linux/http/mailcleaner_exec". I am getting 2 errors : Exploit failed: Errno::ECONNRESET An existing connection was forcibly closed by the remote host. and Exploit aborted due to failure: unexpected-reply: Did not get cookie-set header from response. I understand the forcibly closed, but I'm not sure about Cookie. What should I do to fix this? Can I keep my connection from dropping and find a cookie-set header? Please reply. Thanks
Posted by Mike Held 6 months ago
Hey, I'm wondering how well Ivanti Service Management will work together with InsightVM? Is there a way to integrated not directly supported Ticket Management Solutions, how much workload will that take? Are there any disadvantes like features which are not possible? Best Regards Thorsten
Posted by Thorsten 6 months ago
Hello, I scanned a one website with External Audit ASV Scan type. After scan is complete, i was generated a report with PCI Host Details Report Template types. In this report, i see the IP address of host but i want to see FQDN name. How can i do FQDN based scan in InsightVM?
Posted by osman 6 months ago
Hello all, I have stored several credentials in one site in Nexpose. Unfortunately, I have lost all passwords which were stored in my desktop and need to retrieve them as soon as possible. I could see that passwords of credentials are stored but hidden when try to edit credential. I tried to modify the html code from "password" type to "text" type, however, the password is still hidden behind asterisks. Is there any way how to make it reveal the password? Thank you
Posted by Donggun Kim 6 months ago