Host: Ubuntu 16.04 Virtualbox 5.2.2 Having installed the VM on virtualbox it seems fine. The next time though upon starting up, the "Starting up... Loading, please wait..." Shows up for about 3 minutes. After that, this shows "Check root= bootarg cat /proc/cmdline or missing modules, devices: cat /proc/modules ls /dev Reading all physical volumes. This map take a while... ALERT! /dev/mapper/metasploitable-root does not exist. Dropping to a shell!" Its seems weird because it works fine the first time it is installed, but after that, the metasploitable-root file is missing and I have no idea why or how to fix it.
Posted by Martin Isaksson about a year ago
We have an external webpage on AWS for a landing page that also contains a training module. If I copied the source code of the external landing to the Metasploit landing page would that work? There is a link on the landing page to a training module that is also hosted on AWS. Thanks, Mike
Posted by Mike Sotace about a year ago
I am evaluating the trial version of your product and I would like to know how the risk score is being calculated in Rapid7. I read about the temporal and weighted model of risk score calculation but I was unable to understand the weighted model. On what basis is the weighted risk score calculated?
Posted by Priyanka Sunil Nair about a year ago
I am receiving inaccurate results from Nexpose. According to IBM BigFix this patch is for ms16-144 which also covers MS16-146, MS16-147, MS16-149, MS16-151 and MS16-153. This patch has 11 different kb numbers. KB3203621, KB3205383, KB3205386, KB3205394, KB3205400, KB3205401, KB3205408, KB3205409, KB3206632, KB3207752 and KB3208481. So with any of those kb numbers installed this would cover MS16-146, MS16-147, MS16-149, MS16-151 and MS16-153. I need to know why your program is not checking for all the kb numbers?
Posted by Steven O'Shea about a year ago
I have a Debian system that I just did an 'apt upgrade' for where a subsequent scan shows several patch-related vulnerabilities still outstanding. One in particular is "Debian: CVE-2017-3735: openssl -- security update" where Nexpose says "Vulnerable software installed: Debian openssl 1.0.1t-1+deb8u6". According to dpkg on the server, openssl is at version 1.1.0f-3+deb9u1, which according to Debian (https://security-tracker.debian.org/tracker/DSA-4018-1) is the corrected version for Stretch. I noticed that in the list of installed applications for the server, it shows "openssl 1.0.1t-1+deb8u6 cpe:/a:openssl:openssl:1.0.1". Why is Nexpose still detecting this older version that doesn't appear to be installed anymore?
Posted by Mike Danicich about a year ago
Palo alto pushed an event saying that there is an attempt to exploit a vulnerability "5241 - CVE-2004-0197 - MS04-014 - Microsoft - Windows - Code Execution Issue" based on the traffic pattern. However when I check in nexpose, there is no match found with the CVE but I have found other 2 vulnerabilities with same description(here below). CVE-2004-0197 - MS04-014 is applicable to legacy windows servers and my machine is windows 2008 r2 windows server. 1.Microsoft CVE-2017-8718: Microsoft JET Database Engine Remote Code Execution Vulnerability 2.Microsoft CVE-2017-8717: Microsoft JET Database Engine Remote Code Execution Vulnerability What should I do? Does both 2004 and 2017 CVE mean the same?
Posted by Raghu about a year ago
Hi, Found a trouble during scan. It goes too slow for some hosts. In logs we see lots of messages like this: 2017-12-07T14:42:28 [INFO] [Thread: SPIDER::query-based SQL Injection@10.10.10.10:443] [Site: TEST 1] [10.10.10.10:443] [GetInjectionResponseProvider] Exception while trying to get response for payload r%277%22nx: null 2017-12-07T14:46:28 [INFO] [Thread: SPIDER::query-based SQL Injection@10.10.10.10:443] [Site: TEST 1] [10.10.10.10:443] [GetInjectionResponseProvider] Exception while trying to get response for payload r%277%22nx: null 2017-12-07T14:50:29 [INFO] [Thread: SPIDER::query-based SQL Injection@10.10.10.10:443] [Site: TEST 1] [10.10.10.10:443] [GetInjectionResponseProvider] Exception while trying to get response for payload r%277%22nx: null Such messages appears for 3 hours every 4 minutes. The host has open port 443, service unknown, possible some kind of network device.
Posted by Vas about a year ago
Hi all. i just installed nexpose on windows 7. installation was successful. but when i tried to access to web console via chrome, the browser showed 'cannot access to site'. i run netstat -an command in cmd. the port 3780 was not there. i have reinstalled nexpose but the issue still exists. how can i handle this?
Posted by AHN about a year ago
I was wondering how often if any other customers of Nexpose take advantage of custom vulnerability checks in their environment? - What kind of things are you checking for? Documentation: https://blog.rapid7.com/2014/04/01/creating-custom-check-based-on-another-check/
Posted by Austin about a year ago