Hi, I'm scanning a french OS with template CIS. Administrators is Administrateurs in french. So because of that I have some false checks with CIS. So I would like to modify some checks. I did a copy and after that I opened the files in the directory \\...\custom-policy\... It's not easy to change the files. How can I do ?
Posted by gerard 12 months ago
Currently Cross-Site Request Forgery (CSRF) is set to Low in AppSpider. We want to change this in to a Medium for all our scans. When I go into Advanced Options -> AttackPolicyConfig -> AttackPolicyModuleList -> CrossSite Request Forgery (CSRF) -> Severity to Medium. I saved and reran. But the scan is still showing these vulnerabilities as Low. Any ideas?
Posted by chris birely 12 months ago
I'm using the query below and filtering based on asset group (ex: servers, clients, or net gear) and need to add a column that shows total assets for each site. Is that possible, if so how? SELECT ds.name, dsc.finished AS last_scanned, dss.description, fs.vulnerabilities, fs.critical_vulnerabilities, fs.moderate_vulnerabilities, fs.malware_kits, fs.exploits, fs.riskscore FROM fact_site fs JOIN dim_site ds USING (site_id) JOIN dim_scan dsc ON ds.last_scan_id = dsc.scan_id JOIN dim_scan_status dss USING (status_id) ORDER BY ds.name ASC
Posted by Doug Schaible 12 months ago
We have over a thousand printers and, when scanned on port 9100, many of them print out 10 pages of garbage. How do other people handle this? I'm being asked by the help desk and the networking team to just "not scan port 9100 or exclude all printers from scans" but that is a terrible solution that increases our risk level. At the same time, wasting 5,000 sheets of paper a day and wasting people's time is a terrible solution.
Posted by Jasey DePriest 12 months ago
I just want to check the status of questions I've already asked, but I have to ask a new question to be able to log in. Why isn't there a profile or account page for users? Why don't have I have a dashboard that can easily show me questions I've asked, tried to answer, or just "liked"?
Posted by Jasey DePriest 12 months ago
Hello, Can someone please give me a hand updating the SQL query below to include the last scan date associated with each asset in the SQL query below? WITH assets_scanned_today AS ( SELECT DISTINCT(asset_id) FROM dim_asset_scan WHERE scan_finished > (NOW() - INTERVAL '27 hours') ) SELECT dt.tag_name AS tag_name, da.asset_id, da.ip_address, sites AS name, COALESCE(da.host_name, 'R7-DEV-ID-' || da.asset_id) devicename, da.mac_address, dos.description AS operating_system FROM dim_asset da JOIN dim_tag_asset USING (asset_id) JOIN dim_scope_tag USING (tag_id) JOIN dim_tag dt USING (tag_id) JOIN dim_operating_system dos USING (operating_system_id) JOIN dim_site_asset sa USING (asset_id) WHERE asset_id IN (SELECT asset_id FROM assets_scanned_today) ORDER BY dt.tag_name, da.ip_address
Posted by Chad Viola 12 months ago
I am fairly new to Metasploit (and subsequently Meterpreter) so please bear that in mind in your response.. I have a root access to a VPS with at dedicated IP address. In this scenario, the target machine is running Windows and is inside a remote network. Setting aside the logistics of firewalls and AV software, is there a way to use my VPS as a static point of connection (listener?) for Meterpreter? Or is it possible to use my VPS as just a passthrough for Meterpreter, where the intending end point is the attackers private network? I took a look at an article that talks about using portfwd in Meterpreter but it appears as though I would have to have Meterpreter installed on my VPS in order to use portfwd...? Any and all knowledge/advice/criticism/expertise and welcomed and thanked. Tony
Posted by Tony W 12 months ago
So I installed Metasploit and went activating it and got this error message: Activation Failed: The connection was refused by the remote host (127.0.0.1:50505). How do I fix this?
Posted by Andrew de Jong about a year ago
Hi How can I find the port number where a vulnerability exists? Specifically if two instances of tomcat are running on different ports how that be reported to me? How can I identify vulnerability belongs to which? thanks.
Posted by NJ about a year ago
ok, so i have a car that has android installed on the screen. you know, you can download apps and stuff on it. normal android just designed like tablet. so i thought to myself:" i know how to hack android (kali linux APK trojan), what will happend if i hacked the car?" by "what will happend" i mean what can i do? remotely drive it or just regular things like sysinfo. thanks for help!
Posted by ori shamir about a year ago
Host: Ubuntu 16.04 Virtualbox 5.2.2 Having installed the VM on virtualbox it seems fine. The next time though upon starting up, the "Starting up... Loading, please wait..." Shows up for about 3 minutes. After that, this shows "Check root= bootarg cat /proc/cmdline or missing modules, devices: cat /proc/modules ls /dev Reading all physical volumes. This map take a while... ALERT! /dev/mapper/metasploitable-root does not exist. Dropping to a shell!" Its seems weird because it works fine the first time it is installed, but after that, the metasploitable-root file is missing and I have no idea why or how to fix it.
Posted by Martin Isaksson about a year ago
We have an external webpage on AWS for a landing page that also contains a training module. If I copied the source code of the external landing to the Metasploit landing page would that work? There is a link on the landing page to a training module that is also hosted on AWS. Thanks, Mike
Posted by Mike Sotace about a year ago
I am evaluating the trial version of your product and I would like to know how the risk score is being calculated in Rapid7. I read about the temporal and weighted model of risk score calculation but I was unable to understand the weighted model. On what basis is the weighted risk score calculated?
Posted by Priyanka Sunil Nair about a year ago