Hey all...I was curious to see if anyone has come up with a successful SQL query that will pull CVE and their corresponding KBs? I read through SQL Query Export Example: Vulnerability Coverage. It states, "Wait, actually these are Microsoft advisories, so where are the KBs? I want the KBs!! Try expanding the example above for CVEs to pull out Microsoft KB references yourself. If you have trouble, just ask us for help for check out the other posts in the support forum for guidance." I have done a little bit of research and i'm not having any luck. I'm not the best at writing these, so I thought maybe this forum would be a great place to start. Thanks in advance!
Posted by David Nolen 8 months ago
Hi, Looking to run an exploit to take control of the AD , I have the following exploit but obviously need to connect to it first , using this http://www.hackingarticles.in/penetration-testing-windows-server-active-directory-using-metasploit-part-1/ https://www.rapid7.com/db/modules/post/windows/gather/enum_ad_users I assume I need Domain admin to get this. What do I need to start this exploit ? Thanks
Posted by paul smith 8 months ago
Attempting to run a query. Select report on selected assets. Attempt to make a selection of IP Addresses. Regardless of the criterion used, the query returned all the IP Addresses - apparently ignoring the report on selected assets criterion. The objective was to report on IP Addresses xxx.yyy.zzz.??? When using a WHERE clause in the query "WHERE ip_address like 'xxx.yyy.zzz%', no records were returned.
Posted by Ronald J. Dillon 8 months ago
1)I have created a custom tag which would include 20000 assets,is there a way to add all the assets in a go as I can see Nexpose allows only 500 at a time to add to a tag. 2)After creating a tag and then when we tie to the scan,will those assets added to the tag automatically get scanned?
Posted by MJ 8 months ago
Since the old community used to actually provide useful assistance and information and this new site is pretty much useless. Can anyone tell me where I can find information, examples, etc on Nexpose SQL Queries? Most of the searches for SQL Queries on this site say we don't provide any assistance with that (the old community used to). The Help KB has very few examples and no way to ask for assistance. Someone has to know where to get assistance or at the very least a cache of sql queries that I might be able to tweak to suit my needs.
Posted by Kevin Schramm 9 months ago
I am deploying a scan engine on Azure. I have followed the instructions here: https://kb.help.rapid7.com/docs/deploying-a-nexpose-scan-engine-in-microsoft-azure After the infrastructure is setup, following step 9, there is the instruction to: "Log in to the Nexpose console via the web browser" As a windows server person new to Linux, how exactly does one know what port to use? If I open an inbound rule to 80 and try to connect, it just refuses the connection like nothing is there. TIA!
Posted by James 9 months ago
Hi In our org there are a number of sources for vulnerability data - some produced by Rapid7 and some produced by other tools. Is there a way to import the vulnerability data produced by tools other than Rapid7/Nexpose into insightVM so that dashboards can be created for all vul's in one place ? e.g. is there a format for a csv file to allow it to be imported into InsightVM ? Thanks Stephen
Posted by Stephen Carolan 9 months ago
Hi everybody, i'm on a PC with Kali Linux OS. I've got metasploitable 2 installed on a VM (vmware). Everything works fine, but now I have to connect to the MS2 web application DVWA trough a local proxy (because i've to intercept traffic with Burpsuite). When i had Firefox ESR i had no problem even with proxy, but now i have Firefox Quantum (61.0.1 64 bits). When i change my network option to proxy 127.0.0.1:8080, i can't open my MS2 while i can easily reach MS2 without proxy. Is there a problem with Firefox quantum ? Can i solve this problem ? Thanks for your Help (I hope you've understood everything, because english is not my mother tongue) Francesco
Posted by francesco fortis 9 months ago
According to my PCI Host Details Report, I went from 100% PCI compliance to 55% compliance. All my assets have a PCI Compliance Status of Pass but the host report has started marking many Ciphers as failures like: Undefined CVE, TLS/SSL Server Supports The Use of Static Key Ciphers Undefined CVE, Diffie-Hellman group smaller than 2048 bits Undefined CVE, TLS/SSL Server Is Using Commonly Used Prime Numbers Just last week these were not failures and now they are, but just in the PCI Host Details report. When I look at the assets in InsightVM they all have a PCI Compliance Status of Pass. Am I missing something?
Posted by Scott Hoopes 9 months ago
No matter what I do, or browsers I try, the button for "download certificate" in insight ops to set up a Syslog trust for a firewall does not work. The button does not react, and I cannot download the cert. Where else can I get it, unencrypted logging is not an option.
Posted by Tyler Kerr 9 months ago