I see this: https://kb.help.rapid7.com/v1.0/discuss/59ad56cb8756a2003700a2cd But all it says is that Windows 10 isn't on the list BUT doesn't say it won't work. Will it or not? I've not been able to get it to work on Windows 10.
Posted by Fred Marshall about a year ago
All I get in scanning 16 IP addresses (internal LAN addresses) is: Failed (java.io.IOException: The Nmap exit value is not zero: -1073741819 at com.rapid7.nexpose.scan.nmap.Nmap.start(Unknown Source) at com.rapid7.nexpose.scan.nmap.Nmap.run(Unknown Source) at com.rapid7.nexpose.scan.Scan.start(Unknown Source) at com.rapid7.nexpose.scan.Scan.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) ) What is to be done. I've uninstalled and reinstalled a few times now...
Posted by Fred Marshall about a year ago
Apparently Community changed.. I missed that one. So where are the comparable old forums with API script examples, people helping one another with API scripts, Custom SQL examples, people helping people with Custom SQL queries, and so forth? I'm not seeing any way to filter by product or sub-category and it makes it impossible to actually find the content I'm looking for.
Posted by Nate about a year ago
I have found many vulnerability databases online that contain confirmed vulnerabilities through crowdsourcing; however, they have yet to be assigned a CVE ID. Is there a way to scan for vulnerabilities without CVE IDs? Thanks
Posted by Devon Lewis about a year ago
Hi, When I'm trying to get a meterpreter session, all I get is this: msf exploit(handler) > exploit -j [*] Exploit running as background job 0. [*] Started reverse TCP handler on 10.0.2.7:4444 No 'Starting payload' or something in that direction. What do I need to do? I ran the payload on my target device. I ran it with and without admin privileges. I tried 100 different ways because I already asked this question on many forums. Hope you can help me.
Posted by Zoey about a year ago
Hello, i'm currently attempting to use brute force and I keep getting this stack trace: [*] [2017.11.27-15:38:25] This may take a while... [*] [2017.11.27-15:38:25] Creating mutated credential(s) for login 0 / 966 (0%) | Time: 00:00:00 | ETA: ??:??:?? [-] [2017.11.27-15:38:25] Auxiliary failed: NoMethodError undefined method `data' for nil:NilClass [-] [2017.11.27-15:38:25] Call stack: [-] [2017.11.27-15:38:25] C:/metasploit/apps/pro/modules/auxiliary/pro/bruteforce/quick.rb:148:in `block in apply_mutations' [-] [2017.11.27-15:38:25] C:in `each' [-] [2017.11.27-15:38:25] C:in `each' [-] [2017.11.27-15:38:25] C:/metasploit/apps/pro/modules/auxiliary/pro/bruteforce/quick.rb:146:in `apply_mutations' [-] [2017.11.27-15:38:25] C:/metasploit/apps/pro/modules/auxiliary/pro/bruteforce/quick.rb:76:in `run' I'm currently on a Windows 10 machine running Metasploit Pro 4.14.1 - Update 2017111501
Posted by Austin Wolfson about a year ago
I'm wondering if there is a way to automate the uninstall of the Rapid7 Insight Agent. So far I've only been able to uninstall from the Control Panel. Is there a silent cmd line cmdlet that can do this? I don't see and unistall.exe in the program directory either. thanks
Posted by josh horner about a year ago
We have a weekly SQL report that is telling us whether a scan was 'scheduled' or whether it was 'manual'. When the scans are scheduled, we'd like to see which user actually scheduled that scan. Then we can move our scheduled recurring scans to a service account, and separate out those from any one-off scans we schedule to run outside of business hours. Alternately if we can just report on which ones are recurring in the first place, that would accomplish the same thing. I can't seem to find these fields in the 'fact_scan' or 'dim_scan' schema, though. Is there a way to get this data without resorting to the Ruby gem? SELECT dim_site.name, started, finished, round(extract(EPOCH FROM (finished))-extract(EPOCH FROM (started))) as 'duration(s)', COUNT (asset_id) as assets, dss.description as status, dst.description as type FROM dim_scan JOIN dim_site_scan USING (scan_id) JOIN dim_site USING (site_id) JOIN dim_scan_type dst USING (type_id) JOIN dim_scan_status dss USING (status_id) JOIN dim_site_asset dsa USING (site_id) WHERE started > (current_date - interval '7 days') GROUP BY dim_site.name, started, finished, status, type ORDER BY started
Posted by Craig Rickel about a year ago
Hello and thanks for providing this forum. Our IT staff request that we provide them with reports that list vulnerability remediation grouped by server. They do not patch on a vulnerability by vulnerability basis, but rather sit at a server and remediate all of the vulnerabilities, and then move to the next server. I am looking for a template or SQL query that will list this information in the following way, or something similar if possible: Server001 Update to the latest version of Adobe Acrobat Server001 Update to the latest version of Java Server002 Update to the latest version of Mozilla Firefox They are not interested in how many vulnerabilities are present on each machine, that is our concern as the Security team. They are only interested in what needs to be done on each machine, grouped by machine. Thank you very much, and please have a nice day.
Posted by Monty Palmer about a year ago