Knowledge Base

Ask A Question

Questions

5

Please Help (https://localhost:3790) Setup Error

If you could help me identify a problem with Metasploit I would greatly appreciate it. After installing, and running the https://localhost:3790 (Metasploit ui) I get this error: "PG::ConnectionBad (could not connect to server: Connection refused (0x0000274D/10061) Is the server running on host "localhost" (::1) and accepting TCP/IP connections on port 7337? could not connect to server: Connection refused (0x0000274D/10061) Is the server running on host "localhost" (127.0.0.1) and accepting TCP/IP connections on port 7337? ): activerecord (4.2.10) lib/active_record/connection_adapters/postgresql_adapter.rb:651:in `initialize' activerecord (4.2.10) lib/active_record/connection_adapters/postgresql_adapter.rb:651:in `new' activerecord (4.2.10) lib/active_record/connection_adapters/postgresql_adapter.rb:651:in `connect' activerecord (4.2.10) lib/active_record/connection_adapters/postgresql_adapter.rb:242:in `initialize' activerecord (4.2.10) lib/active_record/connection_adapters/postgresql_adapter.rb:44:in `new' activerecord (4.2.10) lib/active_record/connection_adapters/postgresql_adapter.rb:44:in `postgresql_connection' activerecord (4.2.10) lib/active_record/connection_adapters/abstract/connection_pool.rb:438:in `new_connection' activerecord (4.2.10) lib/active_record/connection_adapters/abstract/connection_pool.rb:448:in `checkout_new_connection' activerecord (4.2.10) lib/active_record/connection_adapters/abstract/connection_pool.rb:422:in `acquire_connection' activerecord (4.2.10) lib/active_record/connection_adapters/abstract/connection_pool.rb:349:in `block in checkout' C:/metasploit/ruby/lib/ruby/2.3.0/monitor.rb:214:in `mon_synchronize' activerecord (4.2.10) lib/active_record/connection_adapters/abstract/connection_pool.rb:348:in `checkout' activerecord (4.2.10) lib/active_record/connection_adapters/abstract/connection_pool.rb:263:in `block in connection' C:/metasploit/ruby/lib/ruby/2.3.0/monitor.rb:214:in `mon_synchronize' activerecord (4.2.10) lib/active_record/connection_adapters/abstract/connection_pool.rb:262:in `connection' activerecord (4.2.10) lib/active_record/connection_adapters/abstract/connection_pool.rb:571:in `retrieve_connection' activerecord (4.2.10) lib/active_record/connection_handling.rb:113:in `retrieve_connection' activerecord (4.2.10) lib/active_record/connection_handling.rb:87:in `connection' activerecord (4.2.10) lib/active_record/query_cache.rb:51:in `restore_query_cache_settings' activerecord (4.2.10) lib/active_record/query_cache.rb:43:in `rescue in call' activerecord (4.2.10) lib/active_record/query_cache.rb:31:in `call' activerecord (4.2.10) lib/active_record/connection_adapters/abstract/connection_pool.rb:653:in `call' actionpack (4.2.10) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call' activesupport (4.2.10) lib/active_support/callbacks.rb:88:in `__run_callbacks__' activesupport (4.2.10) lib/active_support/callbacks.rb:778:in `_run_call_callbacks' activesupport (4.2.10) lib/active_support/callbacks.rb:81:in `run_callbacks' actionpack (4.2.10) lib/action_dispatch/middleware/callbacks.rb:27:in `call' actionpack (4.2.10) lib/action_dispatch/middleware/remote_ip.rb:78:in `call' actionpack (4.2.10) lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call' actionpack (4.2.10) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call' railties (4.2.10) lib/rails/rack/logger.rb:38:in `call_app' railties (4.2.10) lib/rails/rack/logger.rb:20:in `block in call' activesupport (4.2.10) lib/active_support/tagged_logging.rb:68:in `block in tagged' activesupport (4.2.10) lib/active_support/tagged_logging.rb:26:in `tagged' activesupport (4.2.10) lib/active_support/tagged_logging.rb:68:in `tagged' railties (4.2.10) lib/rails/rack/logger.rb:20:in `call' request_store (1.4.0) lib/request_store/middleware.rb:19:in `call' actionpack (4.2.10) lib/action_dispatch/middleware/request_id.rb:21:in `call' rack (1.6.8) lib/rack/methodoverride.rb:22:in `call' rack (1.6.8) lib/rack/runtime.rb:18:in `call' activesupport (4.2.10) lib/active_support/cache/strategy/local_cache_middleware.rb:28:in `call' actionpack (4.2.10) lib/action_dispatch/middleware/static.rb:120:in `call' rack (1.6.8) lib/rack/sendfile.rb:113:in `call' railties (4.2.10) lib/rails/engine.rb:518:in `call' railties (4.2.10) lib/rails/application.rb:165:in `call' railties (4.2.10) lib/rails/railtie.rb:194:in `public_send' railties (4.2.10) lib/rails/railtie.rb:194:in `method_missing' thin (1.7.2) lib/thin/connection.rb:86:in `block in pre_process' thin (1.7.2) lib/thin/connection.rb:84:in `catch' thin (1.7.2) lib/thin/connection.rb:84:in `pre_process' thin (1.7.2) lib/thin/connection.rb:53:in `process' thin (1.7.2) lib/thin/connection.rb:39:in `receive_data' eventmachine (1.2.5) lib/eventmachine.rb:194:in `run_machine' eventmachine (1.2.5) lib/eventmachine.rb:194:in `run' thin (1.7.2) lib/thin/backends/base.rb:73:in `start' thin (1.7.2) lib/thin/server.rb:162:in `start' thin (1.7.2) lib/thin/controllers/controller.rb:87:in `start' thin (1.7.2) lib/thin/runner.rb:203:in `run_command' thin (1.7.2) lib/thin/runner.rb:159:in `run!' thin (1.7.2) bin/thin:6:in `<top (required)>' thin_service.rb:68:in `load' thin_service.rb:68:in `block in service_init' HTTP/1.1 500 Internal Server Error Content-Type: text/html; charset=utf-8 Content-Length: 3614 X-Request-Id: 03d50b9b-8a51-47ee-9543-204e10e567d5 X-Runtime: 4.056651 Connection: close Server: thin <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <!-- NOTE: This file is loaded via file:/// not https://. It is very important that all links be relative to the current directory. DO NOT RELY ON ROOT LINKS: (.e.g. /foo/bar) --> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html;charset=UTF-8" /> <title>Bam! Application Error</title> <link rel="stylesheet" type="text/css" href="/errors.css" /> </head> <body><div id='wrap'> <div class='orange-strip'> </div> <div class='r7bottom-strip'> </div> <script type='text/javascript'> var div = document.createElement && document.createElement('div'); if (div) div.innerHTML = '<svg/>'; window['hasSvg'] = (div.firstChild && div.firstChild.namespaceURI == 'http://www.w3.org/2000/svg'); // check for SVG support. if supported, add some styles if (!window['hasSvg']){ document.body.onload = function() { document.body.style.padding = 0; document.body.style.margin = 0; document.body.style.background = '#f3f3f3'; document.body.style.backgroundImage = 'url(/assets/tileable_contours_white.jpg)'; document.body.style.backgroundRepeat = 'repeat'; var bottom = document.getElementsByClassName('r7bottom-strip')[0]; bottom.style.display = 'none'; var svn = document.getElementsByClassName('seven-bg')[0]; svn.style.display = 'none'; var svg = document.getElementsByTagName('svg')[0]; svg.parentNode.removeChild(svg); } } </script> <script>if (!window['hasSvg']) document.write('<!--');</script> <svg class='seven-bg' preserveAspectRatio="none" version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 200 100" enable-background="new 0 0 200 100" xml:space="preserve"> <pattern id="img1" patternUnits="userSpaceOnUse" width="100" height="100"> <image preserveAspectRatio="xMinYMin" xlink:href="/assets/tileable_contours_white.jpg" x="0" y="0" width="100" height="100" /> </pattern> <g> <image overflow="visible" opacity="0.2" width="954" height="517" xlink:href="/seven_shadow.png" transform="matrix(0.24 0 0 0.24 -19.0732 -11)"> </image> </g> <polyline fill="url(#img1)" points="0.148,0 199.801,0 142.437,100 0.148,100 0.148,100 44.406,32.874 -2.08,32.874 -5.073,0.785 "/> </svg> <script>if (!window['hasSvg']) document.write('-->');</script> <div id='box-wrap'> <div id="box"> <div class="dialog-row"> <div class="before"></div> <div class="center" id="frame"> <div class='stripe'></div> <img src="/logo_pro_black_new_overlay.png" class='header'> <img src="/r7logo_new_dark.png" class='logo'> <div class="content"> <p class="justify">The Metasploit application encountered an error and was not able to process your request. If the problem persists, please visit the <a href="http://www.rapid7.com/customers/customer-login.jsp">Rapid7 Customer Center</a>. Users of the Community Edition are encouraged to use the <a href="https://community.rapid7.com/community/metasploit/">Rapid7 Community forums</a> for assistance. </p> <p style='text-align:center'><b><span style='font-size:1.5em'>&raquo;</span> Return to your <a href="javascript:history.back()">previous location</a></b></p> </div> </div> </div></div> </body> </html> "

Posted by Amy Hicks 11 months ago

13

Using the new RESTful API v3

I am using Alteryx to delete assets that I group using dynamic asset groups. I have a workflow in Alteryx where you just have to change the asset group IDs in the first step and let it run. I do not know if we can do attachments so here is the XML. If you have Alteryx, just save it as a .yxmd file. ```xml <?xml version="1.0"?> <AlteryxDocument yxmdVer="11.7"> <Nodes> <Node ToolID="5"> <GuiSettings Plugin="AlteryxBasePluginsGui.TextInput.TextInput"> <Position x="54" y="126" /> </GuiSettings> <Properties> <Configuration> <NumRows value="2" /> <Fields> <Field name="url" /> </Fields> <Data> <r> <c>https://nexposeconsole:3780/api/3/asset_groups/74/assets</c> </r> <r> <c>https://nexposeconsole:3780/api/3/asset_groups/75/assets</c> </r> </Data> </Configuration> <Annotation DisplayMode="0"> <Name /> <DefaultAnnotationText /> <Left value="False" /> </Annotation> </Properties> <EngineSettings EngineDll="AlteryxBasePluginsEngine.dll" EngineDllEntryPoint="AlteryxTextInput" /> </Node> <Node ToolID="6"> <GuiSettings Plugin="AlteryxConnectorGui.Download.Download"> <Position x="162" y="126" /> </GuiSettings> <Properties> <Configuration> <URLField>url</URLField> <OutputMode>String</OutputMode> <CodePage>65001</CodePage> <EncodeURLs value="True" /> <Headers> <NameValues> <Item name="Authorization" value="Basic NzAwNjc6b2tvbzNvaFc=" /> </NameValues> <Fields orderChanged="False"> <Field name="url" selected="False" /> <Field name="*Unknown" selected="False" /> </Fields> </Headers> <Payload> <HTTPAction>GET</HTTPAction> <QueryStringBodyMode>Compose</QueryStringBodyMode> <ComposeNameValues /> <ComposeFields orderChanged="False"> <Field name="url" /> <Field name="*Unknown" selected="False" /> </ComposeFields> </Payload> <UserName /> <Password /> <numConnections>2</numConnections> <Timeout>600</Timeout> </Configuration> <Annotation DisplayMode="0"> <Name /> <DefaultAnnotationText /> <Left value="False" /> </Annotation> </Properties> <EngineSettings EngineDll="AlteryxConnectorEngine.dll" EngineDllEntryPoint="AlteryxDownload" /> </Node> <Node ToolID="8"> <GuiSettings Plugin="AlteryxBasePluginsGui.JSONParse.JSONParse"> <Position x="282" y="126" /> </GuiSettings> <Properties> <Configuration> <JSON_Field>DownloadData</JSON_Field> <IncludeInOutput value="False" /> <SingleField value="True" /> </Configuration> <Annotation DisplayMode="0"> <Name /> <DefaultAnnotationText /> <Left value="False" /> </Annotation> </Properties> <EngineSettings EngineDll="AlteryxBasePluginsEngine.dll" EngineDllEntryPoint="AlteryxJSONParse" /> </Node> <Node ToolID="9"> <GuiSettings Plugin="AlteryxBasePluginsGui.Filter.Filter"> <Position x="390" y="126" /> </GuiSettings> <Properties> <Configuration> <Expression>Contains([JSON_Name],"links") AND Contains([JSON_Name],"id")</Expression> <Mode>Custom</Mode> </Configuration> <Annotation DisplayMode="0"> <Name /> <DefaultAnnotationText>Contains([JSON_Name],"links") AND Contains([JSON_Name],"id")</DefaultAnnotationText> <Left value="False" /> </Annotation> </Properties> <EngineSettings EngineDll="AlteryxBasePluginsEngine.dll" EngineDllEntryPoint="AlteryxFilter" /> </Node> <Node ToolID="10"> <GuiSettings Plugin="AlteryxBasePluginsGui.TextInput.TextInput"> <Position x="390" y="54" /> </GuiSettings> <Properties> <Configuration> <NumRows value="1" /> <Fields> <Field name="url" /> </Fields> <Data> <r> <c>https://nexposeconsole:3780/api/3/assets/</c> </r> </Data> </Configuration> <Annotation DisplayMode="0"> <Name /> <DefaultAnnotationText /> <Left value="False" /> </Annotation> </Properties> <EngineSettings EngineDll="AlteryxBasePluginsEngine.dll" EngineDllEntryPoint="AlteryxTextInput" /> </Node> <Node ToolID="14"> <GuiSettings Plugin="AlteryxBasePluginsGui.AlteryxSelect.AlteryxSelect"> <Position x="486" y="114" /> </GuiSettings> <Properties> <Configuration> <OrderChanged value="False" /> <CommaDecimal value="False" /> <SelectFields> <SelectField field="JSON_ValueString" selected="True" /> <SelectField field="*Unknown" selected="False" /> </SelectFields> </Configuration> <Annotation DisplayMode="0"> <Name /> <DefaultAnnotationText /> <Left value="False" /> </Annotation> </Properties> <EngineSettings EngineDll="AlteryxBasePluginsEngine.dll" EngineDllEntryPoint="AlteryxSelect" /> </Node> <Node ToolID="15"> <GuiSettings Plugin="AlteryxBasePluginsGui.AppendFields.AppendFields"> <Position x="618" y="102" /> </GuiSettings> <Properties> <Configuration> <CartesianMode>Allow</CartesianMode> <SelectConfiguration> <Configuration outputConnection="Output"> <OrderChanged value="False" /> <CommaDecimal value="False" /> <SelectFields> <SelectField field="Target_url" selected="True" type="V_WString" size="128" /> <SelectField field="Source_JSON_ValueString" selected="True" rename="id" /> <SelectField field="*Unknown" selected="True" /> </SelectFields> </Configuration> </SelectConfiguration> </Configuration> <Annotation DisplayMode="0"> <Name /> <DefaultAnnotationText /> <Left value="False" /> </Annotation> </Properties> <EngineSettings EngineDll="AlteryxBasePluginsEngine.dll" EngineDllEntryPoint="AlteryxAppendFields" /> </Node> <Node ToolID="17"> <GuiSettings Plugin="AlteryxBasePluginsGui.Formula.Formula"> <Position x="714" y="102" /> </GuiSettings> <Properties> <Configuration> <FormulaFields> <FormulaField expression="[url] + [id]" field="url" size="128" type="V_WString" /> </FormulaFields> </Configuration> <Annotation DisplayMode="0"> <Name /> <DefaultAnnotationText><![CDATA[url = [url] + [id] ]]></DefaultAnnotationText> <Left value="False" /> </Annotation> </Properties> <EngineSettings EngineDll="AlteryxBasePluginsEngine.dll" EngineDllEntryPoint="AlteryxFormula" /> </Node> <Node ToolID="18"> <GuiSettings Plugin="AlteryxBasePluginsGui.AlteryxSelect.AlteryxSelect"> <Position x="798" y="102" /> </GuiSettings> <Properties> <Configuration> <OrderChanged value="False" /> <CommaDecimal value="False" /> <SelectFields> <SelectField field="id" selected="False" /> <SelectField field="*Unknown" selected="True" /> </SelectFields> </Configuration> <Annotation DisplayMode="0"> <Name /> <DefaultAnnotationText /> <Left value="False" /> </Annotation> </Properties> <EngineSettings EngineDll="AlteryxBasePluginsEngine.dll" EngineDllEntryPoint="AlteryxSelect" /> </Node> <Node ToolID="19"> <GuiSettings Plugin="AlteryxConnectorGui.Download.Download"> <Position x="906" y="102" /> </GuiSettings> <Properties> <Configuration> <URLField>url</URLField> <OutputMode>String</OutputMode> <CodePage>65001</CodePage> <EncodeURLs value="True" /> <Headers> <NameValues> <Item name="Authorization" value="Basic NzAwNjc6b2tvbzNvaFc=" /> </NameValues> <Fields orderChanged="False"> <Field name="url" selected="False" /> <Field name="*Unknown" selected="False" /> </Fields> </Headers> <Payload> <HTTPAction>DELETE</HTTPAction> <QueryStringBodyMode>Compose</QueryStringBodyMode> <ComposeNameValues /> <ComposeFields orderChanged="False"> <Field name="url" /> <Field name="*Unknown" selected="False" /> </ComposeFields> </Payload> <UserName /> <Password /> <numConnections>32</numConnections> <Timeout>1800</Timeout> </Configuration> <Annotation DisplayMode="0"> <Name /> <DefaultAnnotationText /> <Left value="False" /> </Annotation> </Properties> <EngineSettings EngineDll="AlteryxConnectorEngine.dll" EngineDllEntryPoint="AlteryxDownload" /> </Node> <Node ToolID="20"> <GuiSettings Plugin="AlteryxBasePluginsGui.BrowseV2.BrowseV2"> <Position x="1002" y="102" /> </GuiSettings> <Properties> <Configuration> <TempFile>C:\Users\70067\AppData\Local\Temp\Engine_12420_d4696e9d270645cc83b4a594da21ebc4_\Engine_8880_a37de90efc084fb08e51d01450242f6d_.yxdb</TempFile> <TempFileDataProfiling /> <Layout> <ViewMode>Single</ViewMode> <ViewSize value="100" /> <View1> <DefaultTab>Profile</DefaultTab> <Hints> <Table /> </Hints> </View1> <View2 /> </Layout> </Configuration> <Annotation DisplayMode="0"> <Name /> <DefaultAnnotationText /> <Left value="False" /> </Annotation> </Properties> <EngineSettings EngineDll="AlteryxBasePluginsEngine.dll" EngineDllEntryPoint="AlteryxBrowseV2" /> </Node> </Nodes> <Connections> <Connection> <Origin ToolID="5" Connection="Output" /> <Destination ToolID="6" Connection="Input" /> </Connection> <Connection> <Origin ToolID="6" Connection="Output" /> <Destination ToolID="8" Connection="Input" /> </Connection> <Connection> <Origin ToolID="8" Connection="Output" /> <Destination ToolID="9" Connection="Input" /> </Connection> <Connection> <Origin ToolID="9" Connection="True" /> <Destination ToolID="14" Connection="Input" /> </Connection> <Connection> <Origin ToolID="10" Connection="Output" /> <Destination ToolID="15" Connection="Targets" /> </Connection> <Connection> <Origin ToolID="14" Connection="Output" /> <Destination ToolID="15" Connection="Source" /> </Connection> <Connection> <Origin ToolID="15" Connection="Output" /> <Destination ToolID="17" Connection="Input" /> </Connection> <Connection> <Origin ToolID="17" Connection="Output" /> <Destination ToolID="18" Connection="Input" /> </Connection> <Connection> <Origin ToolID="18" Connection="Output" /> <Destination ToolID="19" Connection="Input" /> </Connection> <Connection> <Origin ToolID="19" Connection="Output" /> <Destination ToolID="20" Connection="Input" /> </Connection> </Connections> <Properties> <Memory default="True" /> <GlobalRecordLimit value="0" /> <TempFiles default="True" /> <Annotation on="True" includeToolName="False" /> <ConvErrorLimit value="10" /> <ConvErrorLimit_Stop value="False" /> <CancelOnError value="False" /> <DisableBrowse value="False" /> <EnablePerformanceProfiling value="False" /> <DisableAllOutput value="False" /> <ShowAllMacroMessages value="False" /> <ShowConnectionStatusIsOn value="True" /> <ShowConnectionStatusOnlyWhenRunning value="True" /> <ZoomLevel value="0" /> <LayoutType>Horizontal</LayoutType> <MetaInfo> <NameIsFileName value="True" /> <Name>Delete Assets in Asset Group</Name> <Description /> <RootToolName /> <ToolVersion /> <ToolInDb value="False" /> <CategoryName /> <SearchTags /> <Author /> <Company /> <Copyright /> <DescriptionLink actual="" displayed="" /> <Example> <Description /> <File /> </Example> </MetaInfo> <Events> <Enabled value="True" /> </Events> </Properties> </AlteryxDocument>

Posted by Jasey DePriest 11 months ago

1

Scan Problem

Hi, I have a problem with Nexpose. When i want to do a scan (On a site or just on a IP), i have an error : Scan action failed : java.lang.runtimeexception : Error while parsing apple-safari-cve-2017-13866.xml. When i come back to the welcome page of my software, i can see that the scan is running but detect anything. In order to stop the scan i have to reboot the computer where nexpose is installed. Below you can find an extract of the nsc.log : 2018-01-09T23:02:07 [ERROR] [Thread: Scheduled Execution Thread: Daily History Updater [SiloID: default]DailyHistoryJob-default|RiskUpdateJob-default|DailyAssetGroupUpdateJob-default] Entry debian-upgrade-openjdk-8.sol not found in C:\Program Files\rapid7\nexpose\plugins\java\1\DebianDEBScanner\1\solns.jar. Please update to the latest product version. 2018-01-09T23:02:07 [ERROR] [Thread: Scheduled Execution Thread: Daily History Updater [SiloID: default]DailyHistoryJob-default|RiskUpdateJob-default|DailyAssetGroupUpdateJob-default] debian-upgrade-openjdk-8.sol not found. Please update to the latest product version. 2018-01-09T23:02:07 [ERROR] [Thread: Scheduled Execution Thread: Daily History Updater [SiloID: default]DailyHistoryJob-default|RiskUpdateJob-default|DailyAssetGroupUpdateJob-default] Unable to execute scheduled job. For you information i have the last version of Nexpose (Version 6.4.67,Edition Enterprise). Can you help me please ? Thanks in advance. Regards Olivier DONDEYNE +33 5 57 10 95 02

Posted by Olivier Dondeyne 11 months ago