Hello, I would like to automate metasploit post exploitation. As I i received meterpreter revese tcp session it will automatically upload and execute an other exe on target machine. I could not figure out how to do that . Hope some one has already done this then Please let me know. Thank You Regards Michael
Posted by Michael about a year ago
Hello. I've recently been unable to login to Nexpose. A couple of months ago I installed Nexpose (on Windows Server 2012 R2) and logged in successfully a number of times to use the program. Today I tried to login again and am unable to. Figuring that I'm just misremembering my password, I followed the instructions on this page [https://kb.help.rapid7.com/v1.0/docs/resetting-a-password], but am unsure how to "run the console command in the .DLLCACHE\NEXSERVE.EXE window". When I navigate to that file and double-click "NEXSERVE.EXE" , I get a message that says, in part, "The program can't start because jvm.dll is mission from your computer." What am I missing? Can someone please point me in the right direction? Thanks!
Posted by Adrivium about a year ago
Hello. I've recently been unable to login to Metasploit. A couple of months ago I installed Metasploit (on Windows Server 2012 R2) and logged in successfully a number of times to use the program. Today I tried to login again and am unable to. Figuring that I'm just misremembering my password, I followed the instructions on this page [https://kb.help.rapid7.com/v1.0/docs/resetting-a-password], but am unsure how to "run the console command in the .DLLCACHE\NEXSERVE.EXE window". When I navigate to that file and double-click "NEXSERVE.EXE" , I get a message that says, in part, "The program can't start because jvm.dll is mission from your computer." What am I missing? Can someone please point me in the right direction? Thanks!
Posted by Adrivium about a year ago
We are just beginning to deploy the Insight Agents to our machines. We are seeing this error message below and was curious what it meant. RHEL7 is the OS. Error Dec 5, 2017 10:32:38 AM Job: agent.jobs.linux.ui_realtime failed, running with id: a1de7a4d-e3a2-4434-8a9a-94bd8ccebece
Posted by Peter Luger about a year ago
Hello, Can you please give me a bypass/Fix for this error in nexpose "Inconclusive host with excessive port connection failures" This was posted about before, but the link is broken so I cant find the fix. https://www.owler.com/reports/rapid7/rapid7-blog-inconclusive-host-with-excessive--port/1462402923133
Posted by Philip Wright about a year ago
Trying to install Metasploit Trial to test on Windows server 2012r2. Install process yields the following error: Problem running post-install step. Installation may not complete correctly Error running C:\metasploit/postgresql/scripts/serviceinstall.bat INSTALL: The metasploitPostgreSQL service could not be started The service did not report an error. After clicking OK, the install process continues, and then yields: Problem running post-install step. Installation may not complete correctly. Postgres failed to initialize After clicking OK, the install process continues, and then yields: Metasploit eventually finishes installation and attempts to start the connection to the database but that fails. Service starts and stops and will not stay started. And the product is unusable. Server is a standalone server in a domain, tried with no additional roles and features installed and then also tries after adding IIS to the server too. Installing as the domain administrator so permissions should not be a problem. Install has been attempted here multiple times. Also tried one installation using Server name rather than localhost and one using a different port number. Need suggestions before trial runs out - PLEASE!
Posted by Tom Gee about a year ago
I have created a customized policy for Windows 2012 R2 servers. We are using only this OS in our environment. Out of 45 servers 39 servers are showing 100% while rest of the servers are showing exact 54.55% for all. The error is - PROOF CONTENT The status of compliance for this rule was derived from its parent rule(s). If i login to the same servers using the same credentials used for scanning then i can see all polices are applied already. Like example Nexpose showing maximum password age 60 days policy as failed but i can see that policy already applied in that server. I checked under resultant set of policy. Please help me to resolve this issue.
Posted by Saikat Das about a year ago
I'm using Ubuntu Studios 16.04 with Virtualbox 5.2.2. When ever I try to run Metasploitable in Virtualbox i get a loading screen for approximately 5 minutes and then it says that /dev/mapper/metasploitable-root does not exist and that it is dropping to a shell! What is the problem and what can I do about it?
Posted by Martin Isaksson about a year ago
Hi all, I have a server which detected TLS Server Supports TLS version 1.0. It states TLSv 1.0 and 1.1 was detected on the server. After editing the windows server's registry to disable TLS 1.0 and 1.1 and scanning again, the vulnerability is still there. From Audit Report's Additional Information, it just says Successfully connected over TLSv1.0. Is there anything can check why this is happening even though windows registry already disable TLS v1.0 and 1.1? Regards
Posted by Wen Qi about a year ago
Dear All, As topic titile describes if I set the rhosts of Auxiliary/Scanner/MS17_010 module and execute it, it doesn't retrieve any useful information at. It just shows that below excerpted results. [*] Scanned 1 of 1 hosts (100% complete) [*] Auxiliary module execution completed msf auxiliary(smb_ms17_010) > I tried this with 8 threads as well without sucess.
Posted by SBlade about a year ago
Hello, We have tried everything we possibly can possibly think of regarding the installation of Nexpose 6.4.64 (earlier versions as well) and every installation we perform is successful, but on reboot the Nexpose Security Service stops immediately (< 1 second). We can manually start it, but it immediately stops (again < 1 second) 100% of the time. We have tested the following to try and track down the root cause for this issue, but we have been unsuccessful thus far. Any assistance or direction you can provide would be greatly appreciated. We have tried multiple accounts (local & domain & domain admin) Removed AV White Listed install paths Leveraged Run as administrator Different Nexpose versions Console instead of RDP session Confirmed UAC disabled in GUI and registry Reviewed windows event logs (no help) Reviewed Nexpose NSC log (no help) Modified Nexpose Security Console service (Local System) to leverage domain account\domain admin account (no help) This is a clean installation on a Server 2012 R2 box. Are there any service dependencies that may be required that are not listed in the install guide? Is there a requirement to NOT be a domain joined system when installing the NSC? Thank you, Blind
Posted by Blindf8th about a year ago
Recently I was taught a neat trick by Rapid7 support for scanning address space and dynamically adding new hosts and removing stale ones within asset groups, and then using said group for vulnerability scans. This ultimately makes the best use of our license and saves us money which makes us happy. One feature which I would really appreciate and I am sure others would too, would be to duplicate existing scans, considering I now use two different scans for discovery and vulnerability. Any way a feature like this could be implemented?
Posted by Ryan Horan about a year ago
Has Rapid7 been developed and is it supported in any of the following environments: Microsoft Server 2012 with Citrix XenApp 7.6 and XenDesktop 7.6 Microsoft Server 2016 with Citrix XenApp 7.15 and XenDesktop 7.15 Windows 10 physical desktop Windows 7physical desktop Windows 10 pooled VDI or Windows 10 static VDI
Posted by Steve Williams about a year ago