Dear All, I'd like to know whether it is possible to compose an attack vector in such a way that the remote victim will not be required to interact with you initially; that is, if the OS is vulnerable, then you'll execute the vulnerability successfully without the victim perceiving it. So far, the blogs and articles that I've read usually suggest that you create a bait (PDF, Flash Player, etc.) and then abet the victim to trigger it, but the real-life scenario may not work like that. Enticing someone to click a link or to download a crafted vulnerable file may sound suspicious, and a shrewd end user may immediately stop interacting. Aside from all that, you will use your credibility. Regards
Posted by sblade about a year ago
Hi, I am new to Metasploit. I am using Kali 2017.2. I was able to install Kali in VBox along with Win XP SP1 (64) and XP SP3. My problem is that once I want to attack the victim machine, it shows everything except the open session.
1. I double-checked that Kali and Win XP can communicate with each other (using nmap and ping).
2. I checked the open ports on rhost (XP in my case).
3. I am using VirtualBox for both Kali and XP, putting them in an internal network and configuring the IPs manually, but I double-checked that they can communicate as explained in 1.
4. I tried multiple exploits (ms067, ms03...), and also (reverse_tcp, bind_tcp, shell), but no luck.
I am not really sure what the problem is; tutorials seem so simple, but when I try to do it myself it is kind of impossible. Any help!
Posted by Abdu Om about a year ago
During the initialization using nsc.sh, the console goes into maintenance mode, and when I try logging into the web page (localhost:3780) only this message appears:
```
Critical error during initialization: PreparedStatementCallback; bad SQL grammar [SELECT licmod_id, licmod_name FROM nxadmin.lic_modules]; nested exception is org.postgresql.util.PSQLException: ERROR: relation "nxadmin.lic_modules" does not exist
Position: 45
```
I'm currently running Nexpose on Kali Linux 64-bit (I've installed it on port 54321 so as not to create conflicts with PostgreSQL).
Posted by Lorenzo De Luca about a year ago
When I attempt to scan over a wireless network, the Nexpose scan fails with the error at the bottom.
Things to note:
- Pings throughout the network are successful, so I even tuned the scan template to discover only using ICMP.
- Nexpose over the wired network is flawless (so don't say Nmap isn't installed correctly).
- Browsers tried: Chrome, Mozilla and IE.
Observation: It's almost like it just doesn't want to use WiFi. There should almost be a setting in Nexpose where you can define what interface will be used to scan.
Error:
```
Failed (jave.io.IOException: The Nmap exit value is not zero: 255
at com.rapid7.nexpose.scan.nmap.Nmap.start(Unknown Source)
at com.rapid7.nexpose.scan.nmap.Nmap.run (Unknown Source)
at com.rapid7.nexpose.scan.Scan.start (Unknown Source)
at com.rapid7.nexpose.snca.Scan.run (Unknown Source)
at java.lang.Thread.run(Thread.java:745))
```
Posted by Matthew Crabbe about a year ago
I can't seem to get Nexpose to uninstall. I've tried via the Control Panel, and by running uninstall.exe -c from the command line. Both result in: The installer detected an incomplete installation of Nexpose at C:\Program Files\rapid7\nexpose. Either a previous installation attempt is still running, or it terminated unexpectedly without being cancelled. See the installation guide for instructions on manually removing installation files, or run the installer again. Finishing uninstallation... I tried ending the nexserv.exe and nexlaunch.exe processes first, and rebooting multiple times, and nothing seems to work. Are there any instructions I could use for manually uninstalling it? We need to get the latest version installed and it won't run until the existing version is 'fully' uninstalled!
Posted by Charles Kunkel about a year ago
I see that RSA is used for encryption in Nexpose, as detailed in this page: https://nexpose.help.rapid7.com/docs/administration-maintenance#section-what-types-of-encryption-does-the-application-use-
From that page:
To ensure the security of the application, Nexpose uses the following types of encryption algorithm keys in these areas:
- Identification/authentication: RSA
- Credential password storage: RSA
- Connection to the Web interface: RSA and HTTP over SSL
- Credential encryption: 3DES encrypted with RSA
- Security Console to Scan Engine communication: TLSv1.2, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for backwards compatibility, and TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384.
So is my installation of Nexpose vulnerable? I would be most concerned about the communication between console and engine.
Posted by Alan Rivaldo about a year ago
We are running Nexpose Rapid 7 with endpoint agents deployed on all assets. All of the assets in my environment are listed as having this vulnerability in the security console. I have checked the version of the endpoint agent on several machines and all are Version: 1.4.69. There are 3 logs within the Rapid7 folder: upgrade, upgrade_error, upgrade_manifest, all dated 10/11/2017. Can someone help me troubleshoot why the assets are showing up with this vulnerability when all seem to have the correct agent version installed? Thank you.
Posted by Kristi Brady about a year ago
I have already got a Meterpreter session, and ran the command 'sysinfo' on my target. It looks like this:
```
meterpreter > sysinfo
Computer        : WIN-AL678DJCQIH
OS              : Windows 2012 R2 (Build 9600).
Architecture    : x64
System Language : zh_CN
Domain          : *****
Logged On Users : 16
Meterpreter     : x86/windows
```
But when I run other commands, nothing echoes back. I wonder whether maybe the payload will run successfully on 32-bit, but it can't run on the x64 architecture. Am I right?
Posted by Johnson Smith about a year ago
I am attempting to automate installation of Nexpose consoles. For engines, I can run the installer like so:
```
./Rapid7Setup-Linux64.bin \
  -q \
  '-VconsoleAddress=SOMEADDRESS' \
  '-VcommunicationDirectionChoice$Integer=1' \
  '-Vfirstname=MY' \
  '-Vlastname=NAME' \
  '-Vcompany=MYCOMPANY' \
  '-Vsys.component.typical$Boolean=false' \
  '-Vsys.component.engine$Boolean=true' \
  '-VinitService$Boolean=true' \
  '-Dinstall4j.suppressUnattendedReboot=true'
```
I would think I can do something similar for the console, replacing component.typical with true, and leaving out the engine line, but I consistently get:
```
Unpacking JRE ...
Starting Installer ...
GLib-GIO-Message: Using the 'memory' GSettings backend. Your settings will not be saved or shared with other applications.
The installation directory has been set to /opt/rapid7/nexpose.
Rolling back changes...
```
I am sure I am missing some flags, but I have not been able to find documentation on what they would be.
Posted by Noah Birnel about a year ago
Hi, does anyone experience a similar problem after migrating to the new AWS Asset Sync discovery connection? The connection is in state Connected, and instances are imported into a site; however, when choosing to scan a scan the following message is returned: "Scan action failed: The requested scan cannot run at this time. Targets are currently being verified for scanning. Scanning will start if the targets can get verified." I am confused because there is no mention of target verification in the Nexpose user documentation. Any ideas on how to proceed are appreciated.
Posted by elenako about a year ago