I'm having problems getting a SQL query to give me one of the categories I need (asset tags). I'm trying to pull high level statistics for a simple monthly metrics report. Any suggestions? here is what I have so far dt.tag_name AS "Asset Category", COUNT(da.asset_id) AS "Asset ID", SUM(fa.vulnerabilities) AS "Total Vulnerabilities", SUM(fa.severe_vulnerabilities) AS "Severe Vulnerabilities", SUM(fa.moderate_vulnerabilities) AS "Moderate Vulnerabilities", SUM(fa.critical_vulnerabilities) AS "Critical Vulnerabilities" FROM dim_asset da JOIN fact_asset fa USING(asset_id) JOIN dim_tag_asset dta USING(asset_id) JOIN dim_tag as dt USING(tag_id) GROUP BY dt.tag_id, dt.tag_name ORDER BY dt.tag_name
Posted by Billy johnson 10 months ago
Hello, I am trying to use Metasploit Community and Framework on Windows to scan my Metasploitable 2 VM on VMware. After installing metasploitable, I tried to scan with Metasploit Community. After adding the IP from Metasploitable (ifconfig) it shows no hosts discovered. I tried Zenmap on Windows and it came up with nothing for the VM. I added -Pn to Nmap and it found the VM host. I tried running Metasploit Community with the custom nmap -PN, and it found the host but no services or anything else. Metasplotiable is using NAT and Host Only. That's my 2 VMware adapters VMnet1 and VMnet8 using NAT and Host-Only. I tried Host-Only but still not working. I'm not sure if this is a problem for Metasploitable or VMware. I played with the Virtual Network Editor but don't know what I'm doing and kept default. Is there a way to set all my VM's to ping to each other? Please reply with help on getting Hosts on Metasploit Community and setting up Metasploitable 2. Thanks
Posted by Mike Held 10 months ago
Can Nexpose retrieve credentials through either a GET cmd or a direct connection to Password Manager Pro in order to conduct a credentialed scan? If this isn't possible...is it possible to import a batch of credentials into Nexpose?
Posted by Renn Amstead 10 months ago
So I was testing some payloads on a targeted windows machine over WAN. So far so good, but then a session opened . The sessions wasn't my targeted machine, it was another IP ADDRESS from Avast. I have no idea how is this possible. If someone can explain me what is this please respond. Thank you, Adrian
Posted by Adrian Furo 10 months ago
Nexpose installed on a Win2008R2 server. The console fails to load when connecting to the web site. It makes it to about 94% before it just stops, and the services shut themselves down. Initially we thought it was due to a space issue, we were very low. But now have 100+ GB free on the drive Nexpose is installed in and the warnings are gone from the logs. I'm not entire sure where to look in the logs for a possible misstep, this seems to be about the point where it all goes south: 2018-06-18T16:55:51 [INFO] [Thread: Security Console] Accepting web server logins. 2018-06-18T16:55:51 [INFO] [Thread: Security Console] Security Console web interface ready. Browse to https://localhost:3780/ 2018-06-18T16:55:51 [INFO] [Thread: Security Console] Initializing data warehouse export service... 2018-06-18T16:55:51 [INFO] [Thread: Security Console] Initializing NSX connection manager... 2018-06-18T16:55:51 [INFO] [Thread: Security Console] [Started: 2018-06-18T16:55:51] [Duration: 0:00:00.009] Completed initializing NSX connection manager. 2018-06-18T16:55:51 [INFO] [Thread: Security Console] Initializing IDP credential provider. 2018-06-18T16:55:51 [INFO] [Thread: Policy Usage Statistics Status] Starting policy usage statistics status task. 2018-06-18T16:55:51 [INFO] [Thread: Security Console] [Started: 2018-06-18T16:55:51] [Duration: 0:00:00.004] Completed initializing IDP credential provider. 2018-06-18T16:55:51 [ERROR] [Thread: Security Console] Error during server initialization. java.lang.NullPointerException: null at com.rapid7.nexpose.nsc.NSC.initSubsystems(Unknown Source) [nsc.jar:na] at com.rapid7.nexpose.nsc.NSC.run(Unknown Source) [nsc.jar:na] at com.rapid7.nexpose.nsc.NSC.main(Unknown Source) [nsc.jar:na] 2018-06-18T16:55:51 [INFO] [Thread: Security Console] Shutting down immediately 2018-06-18T16:55:51 [INFO] [Thread: Security Console] Shutting down Quartz scheduler. Error during initialization, then everything starts shutting itself down. The person assigned to my R7 case keeps point to space as a problem but I have cleaned out more and more and it's not resolving anything (as mentioned, warnings are gone, too)
Posted by Russ Davis 10 months ago
Hello, I'm seeing the message at the bottom of the application that says a new version is available to install. I closed the app like usual but it just re-installs my current version of 22.214.171.124. I've even tried going to the AppSpider download page manually and it's also wanting to just install the old 126.96.36.199. Is there an issue with this release? Is there an issue with the version number maybe? Should the new one be 7.0.61? Just taking a shot in the dark there. Thanks, --Matt
Posted by Matt Johnson 10 months ago
/usr/share/metasploit-framework/lib/msf/core/payload/android.rb:92:in `not_after=': bignum too big to convert into `long' (RangeError) from /usr/share/metasploit-framework/lib/msf/core/payload/android.rb:92:in `sign_jar' from /usr/share/metasploit-framework/lib/msf/core/payload/android.rb:123:in `generate_jar' from /usr/share/metasploit-framework/lib/msf/core/payload/android.rb:38:in `generate' from /usr/share/metasploit-framework/lib/msf/core/payload.rb:204:in `size' from /usr/share/metasploit-framework/lib/msf/core/payload_set.rb:158:in `block (2 levels) in recalculate' from /usr/share/metasploit-framework/lib/msf/core/payload_set.rb:102:in `each_pair' from /usr/share/metasploit-framework/lib/msf/core/payload_set.rb:102:in `block in recalculate' from /usr/share/metasploit-framework/lib/msf/core/payload_set.rb:98:in `each_pair' from /usr/share/metasploit-framework/lib/msf/core/payload_set.rb:98:in `recalculate' from /usr/share/metasploit-framework/lib/msf/core/modules/loader/base.rb:251:in `block in load_modules' from /usr/share/metasploit-framework/lib/msf/core/modules/loader/base.rb:248:in `each' from /usr/share/metasploit-framework/lib/msf/core/modules/loader/base.rb:248:in `load_modules' from /usr/share/metasploit-framework/lib/msf/core/module_manager/loading.rb:119:in `block in load_modules' from /usr/share/metasploit-framework/lib/msf/core/module_manager/loading.rb:117:in `each' from /usr/share/metasploit-framework/lib/msf/core/module_manager/loading.rb:117:in `load_modules' from /usr/share/metasploit-framework/lib/msf/core/module_manager/module_paths.rb:41:in `block in add_module_path' from /usr/share/metasploit-framework/lib/msf/core/module_manager/module_paths.rb:40:in `each' from /usr/share/metasploit-framework/lib/msf/core/module_manager/module_paths.rb:40:in `add_module_path' from /usr/share/metasploit-framework/lib/msf/base/simple/framework/module_paths.rb:50:in `block in init_module_paths' from /usr/share/metasploit-framework/lib/msf/base/simple/framework/module_paths.rb:49:in `each' from /usr/share/metasploit-framework/lib/msf/base/simple/framework/module_paths.rb:49:in `init_module_paths' from /usr/share/metasploit-framework/lib/msf/ui/console/driver.rb:196:in `initialize' from /usr/share/metasploit-framework/lib/metasploit/framework/command/console.rb:62:in `new' from /usr/share/metasploit-framework/lib/metasploit/framework/command/console.rb:62:in `driver' from /usr/share/metasploit-framework/lib/metasploit/framework/command/console.rb:48:in `start' from /usr/share/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in `start' from /usr/bin/msfconsole:48:in `<main>'
Posted by Shivam 10 months ago
Hi, I've installed Nexpose community and get the following error when I try a scan. Any clue what the problem is? (java.io.IOException: The Nmap exit value is not zero: 1 at com.rapid7.nexpose.scan.nmap.Nmap.start(Unknown Source) at com.rapid7.nexpose.scan.nmap.Nmap.run(Unknown Source) at com.rapid7.nexpose.scan.Scan.start(Unknown Source) at com.rapid7.nexpose.scan.Scan.run(Unknown Source) at java.lang.Thread.run(Thread.java:748) ) I am on Windows 7 64bit, using the local scan engine. Thank you
Posted by John Erickson 10 months ago
I am trying to build a basic automated report for server review self service with the following query. Borrowing from another post and adding my own SQL on top, my error states: Error:column css.credential_status_description does not exist Character:946 I only get an error when adding in the SELECT for creds_status. All documentation web and PDF states that column does indeed exist. I have returned results for that column in a straightforward query. Help. My Query is: WITH all_tags AS ( SELECT asset_id, tag_name AS all_tags FROM dim_tag JOIN dim_tag_asset dta USING (tag_id) GROUP BY asset_id, tag_name ), policy_set AS ( SELECT asset_id, description AS policy_set FROM fact_asset_policy_rule JOIN dim_policy_result_status dprs USING (status_id) GROUP BY asset_id, description ), policy_rules AS ( SELECT asset_id, title AS policy_rules FROM fact_asset_policy_rule JOIN dim_policy_rule USING (rule_id) GROUP BY asset_id, title ), creds_status AS ( SELECT asset_id, credential_status_description AS creds_status FROM dim_asset_service_credential JOIN dim_credential_status USING (credential_status_id) GROUP BY asset_id, credential_status_description ) SELECT ip_address as "IP Address", host_name as "Hostname", dos.description AS "OS", alt.all_tags as "Tags", ps.policy_set as "Policy Status", pr.policy_rules as "Policy Rule", css.credential_status_description as "Credential Status" FROM dim_asset JOIN dim_operating_system dos USING (operating_system_id) LEFT OUTER JOIN all_tags alt USING (asset_id) LEFT OUTER JOIN policy_set ps USING (asset_id) LEFT OUTER JOIN policy_rules pr USING (asset_id) LEFT OUTER JOIN creds_status css USING (asset_id) Matt
Posted by Matthew Swenk 10 months ago
We installed version 2.2.0 (we also have 1.2.2 installed) on our servicenow developer instance and when we try to run Nexpose Integration Last Scan (first run of the application, section 4), it is immediately failing with the error : "Encountered error running the integration. ReferenceError: "sn_automation" is not defined." Any assistance is appreciated. Thanks. Patrick Hames
Posted by Patrick Hames 10 months ago
Hello , I'm running kali linux and my virtual-box has metasploitable 2 I made an Nmap scan and found a lot of opened port and I want to exploit port 512/tcp open exec 513/tcp open login 514/tcp open shell When I made research i found I can access with root privileges if i type rlogin -l root <ip-of-metasploitable> When I run that I get this error root@kali:~# rlogin -l root 192.168.43.113 rlogind: Host address mismatch. any help please
Posted by Ayoub Elaich 10 months ago
System event error provided ======================================== Python could not construct the class instance Traceback (most recent call last): File "E:\jenkins\WORKSP~1\PYD4C1~1\agent\persistence\winsvc.py", line 26, in __init__ File "E:\jenkins\WORKSP~1\PYD4C1~1\agent\agent.py", line 206, in __init__ File "E:\jenkins\WORKSP~1\PYD4C1~1\agent\agent_config.py", line 640, in __init__ File "E:\jenkins\WORKSP~1\PYD4C1~1\agent\agent_config.py", line 645, in _load_config File "E:\jenkins\WORKSP~1\PYD4C1~1\agent\agent_config.py", line 482, in validate File "E:\jenkins\WORKSP~1\PYD4C1~1\agent\agent_config.py", line 600, in _check_type ValueError: client_crt is required %2: %3
Posted by Rony Chudnovsky 10 months ago
I'm trying to execute a custom query in InsightIDR to search for top abused domains. This is my query: public_suffix = xyz OR biz OR ga OR gg OR men OR cf OR ga OR tk OR work OR top OR click OR ml However I also get .com results. What am I doing wrong?
Posted by Ciber Seg 10 months ago
When I run the following: select da.ip_address, da.host_name, dos.name as OS, dos.version as OS_Version, dp.title as Policy_Title, dpr.title as Rule_Name, dpr.description as Rule_Description, dprs.description as Complaince_Status from fact_asset_policy_rule as fpr join dim_asset as da on fpr.asset_id = da.asset_id join dim_operating_system as dos using (operating_system_id) join dim_policy as dp on fpr.policy_id = dp.policy_id join dim_policy_rule as dpr on fpr.rule_id = dpr.rule_id join dim_policy_result_status as dprs on fpr.status_id = dprs.status_id I get duplicate returns based upon how many times the server was scanned, but there in no associated scan date provided. Software certificate installation files must be removed from a system. Software certificate installation files must be removed from a system. Software certificate installation files must be removed from a system. How do I get the date for each of the scans, so that I can filter out the old scans?
Posted by Stephen R. Harashack 10 months ago