Hello. I installed Metasploit but after installing it I don't get an option to create a username and password,so I can't login. Also when I downloaded it I was expecting to receive an email and I am still to get the email.
Posted by Gbenga Sogbetun about a year ago
As a customer moves to aggressively remediate findings, the issue surfaced with detected internal assets and cert issues. Although this is not to be dismissed, I would like to find a way to add a exception targeting findings with "ssl-self-signed-certificate" and "ts-untrusted-ca" findings. One approach is to create a dynamic asset group targeting internally facing assets with any certificate issue in the vulnerability title. This seems a bit risky, since there is no specific way to mark these, its possible to miss something important. Any suggestions?
Posted by JC about a year ago
Hello, I have Kali Linux 64-bit on VMware Player 14 and Windows Server 2016 Host. I scanned my target with Rapid7 Nexpose (or InsightVM) and found a Vulnerability. Now, I'm in Kali VM with Metasploit. After navigating to "use auxiliary/scanner/ntp/ntp_unsettrap_dos" I enter in the RHOST and run. I get the error: Auxiliary failed: NoMethodError undefined method `size' for #<Rex::Proto::NTP::NTPControl:0x0055d6437416b0> Does anyone know how I can fix this problem? I don't know what 'size' is. I tried "set NUM 0" but I got the same error. "Show options" shows: msf auxiliary(ntp_unsettrap_dos) > show options Module options (auxiliary/scanner/ntp/ntp_unsettrap_dos): Name Current Setting Required Description ---- --------------- -------- ----------- BATCHSIZE 256 yes The number of hosts to probe in each set FILTER no The filter string for capturing traffic INTERFACE no The name of the interface PCAPFILE no The name of the PCAP capture file to process RHOSTS X.X.X.X yes The target address range or CIDR identifier RPORT 123 yes The target port (UDP) SNAPLEN 65535 yes The number of bytes to capture THREADS 16 yes The number of concurrent threads TIMEOUT 100000000 yes The number of seconds to wait for new data I obvisouly marked out the RHOSTS. Can anyone help me with this error so I can run Metasploit? Please reply. Thanks!
Posted by Mike Held about a year ago
Je viens d'installer Rapid7 Security console de Nexpose sur un serveur sous Windows Server 2012 R2, quand je lance la console depuis le lien https://localhost:3780 et je me logue je reçois le message suivant (VM has reported the following error:Critical error during initialization: null). Durant l'instalation un fichier nommé error est généré sur le bureau du VM, ci-dessous son contenu. In action "nexserv.ico [Run script]" (screen "CustomInstallationScreen"), property "Script": java.io.FileNotFoundException: C:\Program Files\rapid7\nexpose\nsc\nexserv.ico (Accès refusé) at java.io.FileOutputStream.open0(Native Method) at java.io.FileOutputStream.open(FileOutputStream.java:270) at java.io.FileOutputStream.<init>(FileOutputStream.java:213) at java.io.FileOutputStream.<init>(FileOutputStream.java:162) at com.exe4j.runtime.util.FileUtil.copyFile(FileUtil.java:20) at com.install4j.script.I4jScript_Internal_157.eval(I4jScript_Internal_157.java:6) at com.install4j.script.I4jScript_Internal_157.evaluate(I4jScript_Internal_157.java:*29) at com.install4j.runtime.installer.helper.Script.evaluate(Script.java:33) at com.install4j.runtime.installer.ContextImpl.runScript(ContextImpl.java:188) at com.install4j.runtime.installer.ContextImpl.runScript(ContextImpl.java:182) at com.install4j.runtime.beans.actions.control.RunScriptAction.execute(RunScriptAction.java:34) at com.install4j.runtime.beans.actions.SystemInstallOrUninstallAction.install(SystemInstallOrUninstallAction.java:29) at com.install4j.runtime.installer.ContextImpl$7.executeAction(ContextImpl.java:1668) at com.install4j.runtime.installer.ContextImpl$7.fetchValue(ContextImpl.java:1659) at com.install4j.runtime.installer.ContextImpl$7.fetchValue(ContextImpl.java:1656) at com.install4j.runtime.installer.helper.comm.actions.FetchObjectAction.execute(FetchObjectAction.java:14) at com.install4j.runtime.installer.helper.comm.HelperCommunication.executeActionDirect(HelperCommunication.java:274) at com.install4j.runtime.installer.helper.comm.HelperCommunication.executeActionInt(HelperCommunication.java:249) at com.install4j.runtime.installer.helper.comm.HelperCommunication.executeActionChecked(HelperCommunication.java:187) at com.install4j.runtime.installer.helper.comm.HelperCommunication.fetchObjectChecked(HelperCommunication.java:170) at com.install4j.runtime.installer.ContextImpl.performActionIntStatic(ContextImpl.java:1656) at com.install4j.runtime.installer.InstallerContextImpl.performActionInt(InstallerContextImpl.java:151) at com.install4j.runtime.installer.ContextImpl.performAction(ContextImpl.java:1103) at com.install4j.runtime.installer.controller.Controller.executeAction(Controller.java:368) at com.install4j.runtime.installer.controller.Controller.executeActions(Controller.java:334) at com.install4j.runtime.installer.controller.Controller.executeActionGroup(Controller.java:405) at com.install4j.runtime.installer.controller.Controller.executeActions(Controller.java:339) at com.install4j.runtime.installer.controller.Controller.handleCommand(Controller.java:195) at com.install4j.runtime.installer.controller.Controller.start(Controller.java:94) at com.install4j.runtime.installer.Installer.runInProcess(Installer.java:59) at com.install4j.runtime.installer.Installer.main(Installer.java:46) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at com.exe4j.runtime.LauncherEngine.launch(LauncherEngine.java:65) at com.exe4j.runtime.WinLauncher.main(WinLauncher.java:101) at com.install4j.runtime.launcher.WinLauncher.main(WinLauncher.java:26)
Posted by Walid Daidai about a year ago
How do you delete a recurring report? We have some recurring reports that are no longer needed. I can see the reports scheduled in the Calendar. I cannot find where these scheduled items are stored so that I can delete and prevent them from running again.
Posted by Scott Meyer about a year ago
Hello, I'm currently unable to install appspider on my system. The installation log shows, that the signature check fails after downloading the GUI resources during the installation process. A manual installation of the resources did not solve the problem. How can I proceed with the installation?
Posted by Tobias Ludwig about a year ago
Is it possible to run nexpose scan against your environment. We have a windows server box that host multiple Linux servers, of which one of them houses the nexpose scan engine. If it possible, how do we do it? What do need to avoid? In the online documentation https://metasploit.help.rapid7.com/v1.1/docs/discovery-scan - where would I reference it?
Posted by Gene about a year ago
I am looking for a very simple report or export that will give me a count of "like devices" or "like O/S's" based on a discovery scan. Kind of like the example below. My management is interested in an inventory type report that is emailed directly from Nexpose after a monthly discovery scan is run. Discovery SCAN Report & Review US Discovery SCAN = 2,000 Total IP's Discovered Desktops = 50 Servers = 60 Firewalls = 5 Routers = 15 Switches = 100 . . .
Posted by Mario Aguilar about a year ago
![Our Nexpose Issue](https://imgur.com/mYuShxG "Our Nexpose Issue") Distributor ID: Ubuntu Description: Ubuntu 14.04.5 LTS Release: 14.04 Codename: trusty After applying updates, our web-interface no longer finishes "Loading". We are unable to click on and use any elements of the web-interface. Anyone else had this happen to them?
Posted by Dustin Davis about a year ago
While attempting to setup LDAP/AD authentication I was unable to see results from the logs. Is there some other location or did I not set it up properly? I am looking in /var/log/auth.log and when attempting to log in with my test user I do not get any feedback in the log file. This is with an updated install Ubuntu 16.04 with the InsightSetup-Linux-64 binary.
Posted by Richard Anderson about a year ago
Hello Expert, I would like to do a SQL query with Hostname,Os, IP, protocole used like SSH or snmp and credentials status I start my query with this: SELECT asset_id, name, credential_status_description, FROM dim_asset_service_credential JOIN dim_credential_status USING(credential_status_id) JOIN dim_service USING(service_id) What shoul i add to achive my query. Thank You Sebas
Posted by sebas about a year ago
Hey all, I've been playing around with the reverse http payloads on my Kali machine. Now inside the LAN I've configured them all good, everything's very simple. However when configuring the payload to work over WAN, I've configured as following : On the payload itself : Lhost - Public IP (The WAN leg of my router) Lport - My external port On the handler itself : Lhost - Private IP (The IP of the kali machine at the router's internal LAN interface 10.0.0.0/24 range) Lport - Same as my external port, though it makes no difference since I'm using port forwarding and can set it to whatever I like. On the router I've configured forwarding from the external port to the handler's IP and port configured. I've done port forwarding to another server in my LAN, and it works great for the past few months. If I use the reverse shell on a workstation inside the LAN (For example 10.0.1.15), even though the payload sends the shell to the router WAN leg (72.x.x.x) it still reaches the handler (10.0.0.200) However when attempting to do so from outside the LAN, nothing happens. For testing purposes I've put up an apache service on the kali machine, set it up and made it accessible from the LAN. Set up port forwarding to it, and tested accessing it from the public IP. When I've tried from the LAN, it worked. But when attempting to access it from the WAN, the browser says the response took too long, behaving like the packet got dropped from a firewall. This behavior sounds more related to the specific Kali machine I'm using, however I've disabled it's firewall (Which it didn't have to begin with, downloaded ufw and then disabled it lol). TL;DR My Kali machine responds to requests sent to the WAN IP if being requested from a LAN station, but does not respond to requests sent to the WAN IP from a WAN station. Will appreciate any attempt to help!
Posted by Yigal van Dongen about a year ago
We recently had to reinstall Nexpose and when we did it reset the auto-incremental site id back to 1. This is causing an issue with an external application which uses the id within our database. Now when we import scan data into our database we have duplicate Nexpose id's from older scan executions. My question is... Is there some way within Nexpose to set the auto-incremental id to a id higher than what we already are using? Instead of integer values can we use GUID's perhaps? Thanks Bill
Posted by Bill Owens about a year ago