I've tried HTML and BBCode and little WikiText but can't seem to figure out which markup language works. It's actually weird that there isn't a little toolbar or something on the text entry field and helps with some common markups like italics, bold, and code blocks. Not a fan of whatever this is supposed to be.
Posted by Jasey DePriest about a year ago
I am trying to build a SQL Query to pull only systems that were live during the most recent scan in a particular site. I have the various attributes mapped out but just can't get the JOINs right. What I have so far is this: <code> SELECT da.asset_id, da.ip_address, da.host_name AS hostname, da.mac_address, da.sites AS site_list, da.last_assessed_for_vulnerabilities AS last_scan_per_asset, das.scan_finished AS last_scan_per_scan FROM dim_asset da JOIN dim_asset_scan das USING (asset_id) JOIN dim_site ds ON ds.last_scan_id = das.scan_id ORDER BY da.host_name, da.ip_address </code> It shows me every asset with its last scan date, not just assets that were live on the last scan. These are the attributes I've been trying to create relationships with. dim_site.last_scan_id dim_asset.last_assessed_for_vulnerabilities dim_asset_scan.finished dim_scan.finished I've tried to JOIN where dim_site.last_scan_id matches dim_scan.scan_id where dim_scan.scan_id matches dim_asset_scan.scan_id I've also tried matching in timestamps. Where I want an asset included only if dim_asset.last_assessed_for_vulnerabilities matches dim_scan.finished But I cannot get the syntax correct. The SQL always fails validation when I try to add in the additional logic. Thanks! Jasey
Posted by Jasey DePriest about a year ago
Hello Rapid 7 Team, I've Been trying to create a Remediation project and display results. However, I don’t get why nothing is coming up. Not sure if something from the internal side or maybe something isn’t configured correctly? Should I contact my CSM? Been using these steps below as well as the demo for InsightVM. It’s very Straightforward, but I’ll keep trying. Creating a Remediation Project https://insightvm.help.rapid7.com/v1.0/docs/remediation-workflow 1. Create a remediation project from within the Dashboard or from the Projects tab. 2. If you are within the Dashboard, expand the card showing assets by risk and vulnerabilities to view a list of assets. If desired, you can apply an existing filter or create a new query. 3. Select the assets you want to include and add them to create a Static Remediation Project. For Dynamic Remediation Projects, use the asset and vulnerability filters to define the scope of the solutions that will populate the project. 4. Name the project and assign it to one or more Security Console users. DEMO https://information.rapid7.com/insightvm-product-demo-august-thanks.html?aliId=19803371 Any help would be great. Thank you.
Posted by Kenneth Boadu about a year ago
My company has changed their methodology for scanning configuration policy. I've got a number of systems that report on platforms that don't apply ex. Routers reporting Windows compliance results. Sometimes the results are 0% and sometimes they are higher. I need to have all of this cleared out. It messes up my reporting and there is not way to get these systems properly identified to eliminate the incorrect policy checks. I've thought of deleting the assets, but I'm not sure that's the best solution.
Posted by John Booth about a year ago
Hello, I get "login failed" on both port 139 and 445. The credentials are obviously valid since I can connect from the same Win10 machine. The server has been hardened and it only supports SMB v2.I also tried setting various advanced SMB:: parameters to no avail. I ran Wireshark and Metasploit offers LANMAN and NT LANMAN version 1.0 and 0.12 which are not accepted by the remote server so in the next packet it closes the connection. I have the same issues also for the smb_ms17_010 scanner. Is SMB2 currently not supported by Metasploit modules? Thank you, Luke
Posted by Luke about a year ago
NEXPOSE - API Revive DHCP Service Dynamic Connection I find that my DHCP Service connection within Nexpose does not tend to re-establish properly after application upgrades or any sort of service disruption. I ultimately end up re-saving the existing connection configurations for a discovery connection to be established. I'm looking at writing a monitor to watch discovery connections and re-create them if they are unavailable for more than a specified time limit. Has anyone already written something similar or better until the service is more reliable?
Posted by BrianWGray about a year ago
I've written a short test script to be able to create a new DAG. Here's the code. It executes without errors on a local account that has global admin to the nexpose instance. assetarray =  nxpcon.login if nxpcon.session_id puts "logged in" assetarray << Criterion.new("IP_ADDRESS","IS","192.168.1.1") assetarray << Criterion.new("IP_ADDRESS","IS","192.168.1.2") crag = Criteria.new(assetarray,"OR") dag = DynamicAssetGroup.new('test',crag,'test description') dag.save(nxpcon) end
Posted by Brian Bagent about a year ago
Hello. I installed Metasploit but after installing it I don't get an option to create a username and password,so I can't login. Also when I downloaded it I was expecting to receive an email and I am still to get the email.
Posted by Gbenga Sogbetun about a year ago
As a customer moves to aggressively remediate findings, the issue surfaced with detected internal assets and cert issues. Although this is not to be dismissed, I would like to find a way to add a exception targeting findings with "ssl-self-signed-certificate" and "ts-untrusted-ca" findings. One approach is to create a dynamic asset group targeting internally facing assets with any certificate issue in the vulnerability title. This seems a bit risky, since there is no specific way to mark these, its possible to miss something important. Any suggestions?
Posted by JC about a year ago
Hello, I have Kali Linux 64-bit on VMware Player 14 and Windows Server 2016 Host. I scanned my target with Rapid7 Nexpose (or InsightVM) and found a Vulnerability. Now, I'm in Kali VM with Metasploit. After navigating to "use auxiliary/scanner/ntp/ntp_unsettrap_dos" I enter in the RHOST and run. I get the error: Auxiliary failed: NoMethodError undefined method `size' for #<Rex::Proto::NTP::NTPControl:0x0055d6437416b0> Does anyone know how I can fix this problem? I don't know what 'size' is. I tried "set NUM 0" but I got the same error. "Show options" shows: msf auxiliary(ntp_unsettrap_dos) > show options Module options (auxiliary/scanner/ntp/ntp_unsettrap_dos): Name Current Setting Required Description ---- --------------- -------- ----------- BATCHSIZE 256 yes The number of hosts to probe in each set FILTER no The filter string for capturing traffic INTERFACE no The name of the interface PCAPFILE no The name of the PCAP capture file to process RHOSTS X.X.X.X yes The target address range or CIDR identifier RPORT 123 yes The target port (UDP) SNAPLEN 65535 yes The number of bytes to capture THREADS 16 yes The number of concurrent threads TIMEOUT 100000000 yes The number of seconds to wait for new data I obvisouly marked out the RHOSTS. Can anyone help me with this error so I can run Metasploit? Please reply. Thanks!
Posted by Mike Held about a year ago
Je viens d'installer Rapid7 Security console de Nexpose sur un serveur sous Windows Server 2012 R2, quand je lance la console depuis le lien https://localhost:3780 et je me logue je reçois le message suivant (VM has reported the following error:Critical error during initialization: null). Durant l'instalation un fichier nommé error est généré sur le bureau du VM, ci-dessous son contenu. In action "nexserv.ico [Run script]" (screen "CustomInstallationScreen"), property "Script": java.io.FileNotFoundException: C:\Program Files\rapid7\nexpose\nsc\nexserv.ico (Accès refusé) at java.io.FileOutputStream.open0(Native Method) at java.io.FileOutputStream.open(FileOutputStream.java:270) at java.io.FileOutputStream.<init>(FileOutputStream.java:213) at java.io.FileOutputStream.<init>(FileOutputStream.java:162) at com.exe4j.runtime.util.FileUtil.copyFile(FileUtil.java:20) at com.install4j.script.I4jScript_Internal_157.eval(I4jScript_Internal_157.java:6) at com.install4j.script.I4jScript_Internal_157.evaluate(I4jScript_Internal_157.java:*29) at com.install4j.runtime.installer.helper.Script.evaluate(Script.java:33) at com.install4j.runtime.installer.ContextImpl.runScript(ContextImpl.java:188) at com.install4j.runtime.installer.ContextImpl.runScript(ContextImpl.java:182) at com.install4j.runtime.beans.actions.control.RunScriptAction.execute(RunScriptAction.java:34) at com.install4j.runtime.beans.actions.SystemInstallOrUninstallAction.install(SystemInstallOrUninstallAction.java:29) at com.install4j.runtime.installer.ContextImpl$7.executeAction(ContextImpl.java:1668) at com.install4j.runtime.installer.ContextImpl$7.fetchValue(ContextImpl.java:1659) at com.install4j.runtime.installer.ContextImpl$7.fetchValue(ContextImpl.java:1656) at com.install4j.runtime.installer.helper.comm.actions.FetchObjectAction.execute(FetchObjectAction.java:14) at com.install4j.runtime.installer.helper.comm.HelperCommunication.executeActionDirect(HelperCommunication.java:274) at com.install4j.runtime.installer.helper.comm.HelperCommunication.executeActionInt(HelperCommunication.java:249) at com.install4j.runtime.installer.helper.comm.HelperCommunication.executeActionChecked(HelperCommunication.java:187) at com.install4j.runtime.installer.helper.comm.HelperCommunication.fetchObjectChecked(HelperCommunication.java:170) at com.install4j.runtime.installer.ContextImpl.performActionIntStatic(ContextImpl.java:1656) at com.install4j.runtime.installer.InstallerContextImpl.performActionInt(InstallerContextImpl.java:151) at com.install4j.runtime.installer.ContextImpl.performAction(ContextImpl.java:1103) at com.install4j.runtime.installer.controller.Controller.executeAction(Controller.java:368) at com.install4j.runtime.installer.controller.Controller.executeActions(Controller.java:334) at com.install4j.runtime.installer.controller.Controller.executeActionGroup(Controller.java:405) at com.install4j.runtime.installer.controller.Controller.executeActions(Controller.java:339) at com.install4j.runtime.installer.controller.Controller.handleCommand(Controller.java:195) at com.install4j.runtime.installer.controller.Controller.start(Controller.java:94) at com.install4j.runtime.installer.Installer.runInProcess(Installer.java:59) at com.install4j.runtime.installer.Installer.main(Installer.java:46) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at com.exe4j.runtime.LauncherEngine.launch(LauncherEngine.java:65) at com.exe4j.runtime.WinLauncher.main(WinLauncher.java:101) at com.install4j.runtime.launcher.WinLauncher.main(WinLauncher.java:26)
Posted by Walid Daidai about a year ago
How do you delete a recurring report? We have some recurring reports that are no longer needed. I can see the reports scheduled in the Calendar. I cannot find where these scheduled items are stored so that I can delete and prevent them from running again.
Posted by Scott Meyer about a year ago