Hi, I am running metaspoilt on Fedora Linux 27. I am able to use non root user to run msfconsole and connect to msf database. But when try to do port scan, I have the following errors. msf > use auxiliary/scanner/portscan/syn msf auxiliary(scanner/portscan/syn) > run SIOCSIFFLAGS: Operation not permitted [-] Auxiliary failed: RuntimeError enp5s0: You don't have permission to capture on that device (socket: Operation not permitted) [-] Call stack: [-] /opt/metasploit-framework/embedded/framework/lib/msf/core/exploit/capture.rb:124:in `open_live' [-] /opt/metasploit-framework/embedded/framework/lib/msf/core/exploit/capture.rb:124:in `open_pcap' [-] /opt/metasploit-framework/embedded/framework/modules/auxiliary/scanner/portscan/syn.rb:58:in `run_batch' [-] /opt/metasploit-framework/embedded/framework/lib/msf/core/auxiliary/scanner.rb:215:in `block in run' [-] /opt/metasploit-framework/embedded/framework/lib/msf/core/thread_manager.rb:100:in `block in spawn' [*] Auxiliary module execution completed When I use root to do msfconsole or from non root user to do sudo msfconsole, it is unable to connect to database msf > db_status [*] postgresql selected, no connection I was clueless how to solve the error, really appreciate someone that can help? Thank you
Posted by JT Lai 6 months ago
Wanted to remove some static sites in favor of dynamic sites - Created connections to our vSphere - created the sites using the new vSphere connections to discover the assets - deleted the old static sites - all the data seems to be unaffected except from the Trends Report which only shows about the last month's worth of data - anyone have any idea's?
Posted by David Miller 6 months ago
I have installed Rapid7 in ubuntu in one of the machine. I am trying to login via web browser from different machine like https://<public ip address of the installed machine> :3780/ Port 3780 is open but still I am unable to open the URL. It says This site can’t be reached
Posted by rajith 6 months ago
Hi, We want to make the pre-authorized scanner immutable in AWS and wondering if you can call the API to generate a shared secret so we can deploy the scanners via Terraform. We don't want to use VPC peering as this is viewed as a security risk should the main account get compromised, they'd have access to all of our other accounts. Thanks, James
Posted by James Boothby 7 months ago
I have install Metasplot pro with trial key. And after I launch console it write to me: Warning! The following modules could not be loaded! C:/metasploit/apps/pro/vendor/bundle/rudy/2.3.0/gems/metasplot-framework-4.17.11/modules/auxiliary/dos/smb/smb_loris.rb: Msf::Modules::Error Failed to load module <dos/smb/smb_loris from C:/metasploit/apps/pro/vendor/bundle/rudy/2.3.0/gems/metasplot-framework-4.17.11/modules/auxiliary/dos/smb/smb_loris.rb> due to Invalid module <no MetasplotModule class or module name> But i have file in the following folder with following name! Any solutions?
Posted by Fozzy 7 months ago
This video shows how Jenkins integration works on Rapid7 InsightVM to assess vulnerabilities of Docker Images before they go production which is detailed at https://insightvm.help.rapid7.com/docs/containers-cicd-plugin https://youtu.be/5zjEHBANgbg
Posted by Omer SEN 7 months ago
Hi, I'd like to remove all the assets associated with a tag in Nexpose using Ruby client. But the assets are not being cleared after saving the tag. Any thoughts? tag = Nexpose::Tag.load(connection,tag_id) puts tag.associated_asset_ids // Lists all the asset ids tag.associated_asset_ids.clear puts tag.associated_asset_ids // It is empty tag.save(connection) Also, I'd like to know if it's a good practice to always delete the tags (maybe 2K) and create new ones on daily basis?
Posted by Anvesh Samineni 7 months ago
Dear Team, Greetings! We are new to Insight. The plan is to install Linux_Insight_Agent.zip as shared by our client and here is the zip content. -agent_installer.sh -cafile.pem -client.crt -client.key -config.json I have been going through your website to understand the process. However I had below questions. Q1) The current linux server version does not seem to be matching with what you mention in your website, so can we really proceed with the Linux_Insight_Agent setup as mentioned above? our server shows this version [wcsadmin@sit-wcs-01 bin]$ uname -r 3.10.0-514.2.2.el7.x86_64 which is not matching with yours mentioned in https://insightagent.help.rapid7.com/docs/operating-system Q2) It was told to disable auditd service in Linux? Will it not impact the existing linux applications? I see this is already installed in our machines at /var/log/audit (hope this is one? also please let us know how can we disable that) Q3) Should we install the insight Agent as root user or a separate use has to be created or can we use one of existing users like wcsadmin? Q4) Are we supposed to take any backup files on servers before proceeding with installation? Q5) Please brief the procedure of testing after the installation process. Please explain the entire process clearly so that we don't run into issues. Expecting your valuable reply at the earliest. Thank you very much. Best Regards, MuraliKrishna
Posted by MuraliKrishna 7 months ago
How can i tell if it is working, i have used netstat and found multiple things running on 0.0.0.0:3790 127.0.0.1:3790 etc thus i assume it is running furthermore which browsers should i try, so far i habe used chrome thanks
Posted by not a chancw 7 months ago
Hi Team I am new to Rapid 7 / Nexpose Vulnerability tool Is there any way I can get the Vulnerability report by each application wise counts like Windows 2008 - 200 Vuln count - ( 50 Low, 125 - Medium and 25 HIgh severity Windows 2012 - 175 Vuln count ( ||) Windows 2003 - Adobe reader Adobe flash Adobe coldfusion MS outlook IIS MS office etc.
Posted by Vishu Kumar 7 months ago
I have created "SCAP Compatible XML Export template" report and when i tried to download the report and saved as XML. Its downloading with no tag. Previously we use to get the report with tag. Is there anything missing and how to troubleshoot on this issue.
Posted by Sandoss Kumar 7 months ago
Hi, I am using Kali Linux in Virtualbox I do following commands use exploit/multi/handler set PAYLOAD windows/meterpreter/reverse_http set LHOST 10.0.2.15 set LPORT 8080 exploit After that, only I get this: http://prntscr.com/kvedxl The payload handler not starting. Any advice.. Thank you!
Posted by emo 7 months ago