I'm trying to authentication to MSSQL Server 2016 for policy assessment. I am getting the sql authentication error of 18452. [<host>:<nonstandard_port>/tcp] java.sql.SQLException: Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. The managed credential is the same as I use for 2012 and 2014 MSSQL authentication without issue. SQL authentication is not going to be available to me, I have to use windows integrated. I've done some research but that particular error code doesn't return any useful information specific to MSSQL 2016. I get the same error when trying to authenticate remotely from the SQL Management Studio. I'm pretty sure that the issue is related to the SQL Server configuration but am not quite sure how to tackle that.
Posted by chris zieg 9 months ago
I am very new to hacking and am downloading software to help me along. I downloaded Metasploit but didn't bother changing the Host Server from localhost because I didn't know it would matter. Once again, very new to this. Now I can't open the program because it claims the connection is insecure. Is there a way to change the host server or should I delete and re-download the program? Also, are there any must-have programs I should get? Thanks
Posted by Daisy Rachel Elliott 10 months ago
root@kali:~# service postgresql start root@kali:~# msfconsole /usr/share/metasploit-framework/lib/msf/core/payload/android.rb:87:in `not_after=': bignum too big to convert into `long' (RangeError) from /usr/share/metasploit-framework/lib/msf/core/payload/android.rb:87:in `sign_jar' from /usr/share/metasploit-framework/lib/msf/core/payload/android.rb:118:in `generate_jar' from /usr/share/metasploit-framework/lib/msf/core/payload/android.rb:38:in `generate' from /usr/share/metasploit-framework/lib/msf/core/payload.rb:204:in `size' from /usr/share/metasploit-framework/lib/msf/core/payload_set.rb:158:in `block (2 levels) in recalculate' from /usr/share/metasploit-framework/lib/msf/core/payload_set.rb:102:in `each_pair' from /usr/share/metasploit-framework/lib/msf/core/payload_set.rb:102:in `block in recalculate' from /usr/share/metasploit-framework/lib/msf/core/payload_set.rb:98:in `each_pair' from /usr/share/metasploit-framework/lib/msf/core/payload_set.rb:98:in `recalculate' from /usr/share/metasploit-framework/lib/msf/core/modules/loader/base.rb:251:in `block in load_modules' from /usr/share/metasploit-framework/lib/msf/core/modules/loader/base.rb:248:in `each' from /usr/share/metasploit-framework/lib/msf/core/modules/loader/base.rb:248:in `load_modules' from /usr/share/metasploit-framework/lib/msf/core/module_manager/loading.rb:119:in `block in load_modules' from /usr/share/metasploit-framework/lib/msf/core/module_manager/loading.rb:117:in `each' from /usr/share/metasploit-framework/lib/msf/core/module_manager/loading.rb:117:in `load_modules' from /usr/share/metasploit-framework/lib/msf/core/module_manager/module_paths.rb:41:in `block in add_module_path' from /usr/share/metasploit-framework/lib/msf/core/module_manager/module_paths.rb:40:in `each' from /usr/share/metasploit-framework/lib/msf/core/module_manager/module_paths.rb:40:in `add_module_path' from /usr/share/metasploit-framework/lib/msf/base/simple/framework/module_paths.rb:50:in `block in init_module_paths' from /usr/share/metasploit-framework/lib/msf/base/simple/framework/module_paths.rb:49:in `each' from /usr/share/metasploit-framework/lib/msf/base/simple/framework/module_paths.rb:49:in `init_module_paths' from /usr/share/metasploit-framework/lib/msf/ui/console/driver.rb:219:in `initialize' from /usr/share/metasploit-framework/lib/metasploit/framework/command/console.rb:62:in `new' from /usr/share/metasploit-framework/lib/metasploit/framework/command/console.rb:62:in `driver' from /usr/share/metasploit-framework/lib/metasploit/framework/command/console.rb:48:in `start' from /usr/share/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in `start' from /usr/bin/msfconsole:48:in `<main>'
Posted by Zero Nairo 10 months ago
I have scans running roughly all day. I see engines abort regularly, but seem to pick up fine on the next scheduled scan. What are common causes of scan engines aborting and solutions to help prevent them when possible?
Posted by Charles Burch 10 months ago
I have been running "Web App Test" in "Metasploit Pro 4.14.2 - Update 2018061801" using a trial license running on Ubuntu 16.04 (in a VM). Most websites work exactly as expected but for some URLs (I am afraid I don't want to publically list my URL here, but it is a normal website running on Google App Engine) [*] [2018.06.27-15:49:59] Running Web App Test 1... [*] [2018.06.27-15:49:59] Processing target information... [+] [2018.06.27-15:50:00] Workspace:https://example.com Progress:1/1 (100%) Validating target URLs... [*] [2018.06.27-15:50:00] Validating 2 targets. [-] [2018.06.27-15:50:00] Invalid response from https://example.com:443/: CODE 0 [-] [2018.06.27-15:50:00] Invalid response from https://192.0.2.1:443/: CODE 0 [*] [2018.06.27-15:50:00] Validated 0 URLs. [*] [2018.06.27-15:50:00] Crawling URLs... [+] [2018.06.27-15:50:00] Workspace:https://example.com Progress:1/1 (100%) Completed. Where can I look to get more details on what is happening?
Posted by Barnaby Shearer 10 months ago
I have the integration between ADFS 3.0 and our On-Prem Nexpose console setup and working; however, I cannot seem to find the right syntax to keep the user from hitting the 'idpinitiatedsignon' page (where you select what site you are trying to sign into). With one of my other applications, I was able to put the 'Relaying Party' ID encoded within the IDP call behind 'LogintoRP' with no issues. However, trying to do this with Nexpose's Relay State, it does not seem to be working. Here is a quick 'sanitized' syntax of what I am doing: https://adfs.domain/adfs/ls/idpinitiatedsignon.aspx?LoginToRP=https://rapid7.com/nsc/console/<string> I have been reading that I may have to use the 'RelayState' parameter but I am not exactly sure what the values would be. Does anyone have any experience or guidance using ADFS 3.0 in this manner? Thank you
Posted by Tony Hamil 10 months ago
Armitage is not woking with me but msfconsole is working good , when i lunch armitage and press connect it dose not ask me to connect with RPC like it was asking before!, and stuck in logging in and (connection time out or host refuse) , ( I'm using the default host and port). I'm using kali linux
Posted by Abdelfattah Mohamed 10 months ago
We created a policy template for Windows 2008R2 as described here (https://nexpose.help.rapid7.com/docs/working-with-policy-manager-results) then I scanned several Windows 2008R2 assets against the policy template. However, when I go to Reports and select a Policy Report and run it against the policy and assets scanned; the report only shows 1 asset. Does anyone know why I am missing the other assets? Or am I going about the reporting wrong with policy manager? thanks, andrew
Posted by Michael Moreno 10 months ago
The installer detected an incomplete installation of Nexpose at C:\Program Files\rapid7\nexpose Either a previous installation attempt is still running , or it terminated unexpectdly without being cancelled. ============================= Can you please help to uninstall on windows 64 bit system ?
Posted by Nagesh 10 months ago
I would like to get the list of hostname aliases (posted below the hardware address when viewing an asset) using SQL. Is this possible? Ultimately, I want to look for duplicate assets by aliases. There are times when I filter by hostname and get two results. One will show the hostname I looked for but with an outdated IP address (showing an old last scanned date). The other will show the correct IP for the asset I looked for but with the wrong hostname. When I click on the 2nd finding (correct IP, wrong hostname), I can see the correct hostname listed in the aliases section.
Posted by Anon 10 months ago
There are "cards" (graphs) on my Nexpose dashboard at exposure-analytics.insight.rapid7.com. Can I create my own cards (graphs)? Say by writing an sql query similar to what I do in Nexpose reports? This is suggested in the documentation, but I can't find details anywhere. Currently I run sql queries in Nexpose reports, export the results to Excel, and create Excel graphs. I'm wondering if I can do something similar directly on exposure-analytics.insight.rapid7.com and have the graphs appear on my dashboard.
Posted by e doberman 10 months ago
I created a site, chose 1 asset, added my credential for the target system using all audit scan template and then ran an audit report when finished. The target of evalution is windows 10, but i'm seeing everything from windows 10, Windows 7, server 2012, 2003, how do i filter out everything except the applicable OS
Posted by Mike Cloud 10 months ago
Nexpose sql query: Are duplicate rows in fact_asset_scan_vulnerability_instance normal? Or an indication of some other problem? I'm also finding records in fact_asset_date for assets that are not in dim_asset, that is, the foreign asset_id key in fact_asset_date is not in dim_asset.
Posted by e doberman 10 months ago
Hi, I see that Nexpose recommend to exclude scanning Load Balancers. Given the nature of common fault tolerant architectures in public cloud environments, load balancers are often deployed with an alias/cname attached for external connectivity. Question 1 What is the best approach to complete external scanning with a hosted scan engine of an AWS environment with: - Elastic Load Balancers - API Endpoints Question 2 I also noted that when using Dynamic Discovery, it will include instances without EIP addresses, but they will not appear in the asset list for the site configuration. Does this mean they wont actually be scanned? Any guidance is greatly appreciated. Thanks
Posted by Ciaran 10 months ago