NEXPOSE - API Revive DHCP Service Dynamic Connection I find that my DHCP Service connection within Nexpose does not tend to re-establish properly after application upgrades or any sort of service disruption. I ultimately end up re-saving the existing connection configurations for a discovery connection to be established. I'm looking at writing a monitor to watch discovery connections and re-create them if they are unavailable for more than a specified time limit. Has anyone already written something similar or better until the service is more reliable?
Posted by BrianWGray about a year ago
I've written a short test script to be able to create a new DAG. Here's the code. It executes without errors on a local account that has global admin to the nexpose instance. assetarray =  nxpcon.login if nxpcon.session_id puts "logged in" assetarray << Criterion.new("IP_ADDRESS","IS","192.168.1.1") assetarray << Criterion.new("IP_ADDRESS","IS","192.168.1.2") crag = Criteria.new(assetarray,"OR") dag = DynamicAssetGroup.new('test',crag,'test description') dag.save(nxpcon) end
Posted by Brian Bagent about a year ago
Hello. I installed Metasploit but after installing it I don't get an option to create a username and password,so I can't login. Also when I downloaded it I was expecting to receive an email and I am still to get the email.
Posted by Gbenga Sogbetun about a year ago
As a customer moves to aggressively remediate findings, the issue surfaced with detected internal assets and cert issues. Although this is not to be dismissed, I would like to find a way to add a exception targeting findings with "ssl-self-signed-certificate" and "ts-untrusted-ca" findings. One approach is to create a dynamic asset group targeting internally facing assets with any certificate issue in the vulnerability title. This seems a bit risky, since there is no specific way to mark these, its possible to miss something important. Any suggestions?
Posted by JC about a year ago
Hello, I have Kali Linux 64-bit on VMware Player 14 and Windows Server 2016 Host. I scanned my target with Rapid7 Nexpose (or InsightVM) and found a Vulnerability. Now, I'm in Kali VM with Metasploit. After navigating to "use auxiliary/scanner/ntp/ntp_unsettrap_dos" I enter in the RHOST and run. I get the error: Auxiliary failed: NoMethodError undefined method `size' for #<Rex::Proto::NTP::NTPControl:0x0055d6437416b0> Does anyone know how I can fix this problem? I don't know what 'size' is. I tried "set NUM 0" but I got the same error. "Show options" shows: msf auxiliary(ntp_unsettrap_dos) > show options Module options (auxiliary/scanner/ntp/ntp_unsettrap_dos): Name Current Setting Required Description ---- --------------- -------- ----------- BATCHSIZE 256 yes The number of hosts to probe in each set FILTER no The filter string for capturing traffic INTERFACE no The name of the interface PCAPFILE no The name of the PCAP capture file to process RHOSTS X.X.X.X yes The target address range or CIDR identifier RPORT 123 yes The target port (UDP) SNAPLEN 65535 yes The number of bytes to capture THREADS 16 yes The number of concurrent threads TIMEOUT 100000000 yes The number of seconds to wait for new data I obvisouly marked out the RHOSTS. Can anyone help me with this error so I can run Metasploit? Please reply. Thanks!
Posted by Mike Held about a year ago
Je viens d'installer Rapid7 Security console de Nexpose sur un serveur sous Windows Server 2012 R2, quand je lance la console depuis le lien https://localhost:3780 et je me logue je reçois le message suivant (VM has reported the following error:Critical error during initialization: null). Durant l'instalation un fichier nommé error est généré sur le bureau du VM, ci-dessous son contenu. In action "nexserv.ico [Run script]" (screen "CustomInstallationScreen"), property "Script": java.io.FileNotFoundException: C:\Program Files\rapid7\nexpose\nsc\nexserv.ico (Accès refusé) at java.io.FileOutputStream.open0(Native Method) at java.io.FileOutputStream.open(FileOutputStream.java:270) at java.io.FileOutputStream.<init>(FileOutputStream.java:213) at java.io.FileOutputStream.<init>(FileOutputStream.java:162) at com.exe4j.runtime.util.FileUtil.copyFile(FileUtil.java:20) at com.install4j.script.I4jScript_Internal_157.eval(I4jScript_Internal_157.java:6) at com.install4j.script.I4jScript_Internal_157.evaluate(I4jScript_Internal_157.java:*29) at com.install4j.runtime.installer.helper.Script.evaluate(Script.java:33) at com.install4j.runtime.installer.ContextImpl.runScript(ContextImpl.java:188) at com.install4j.runtime.installer.ContextImpl.runScript(ContextImpl.java:182) at com.install4j.runtime.beans.actions.control.RunScriptAction.execute(RunScriptAction.java:34) at com.install4j.runtime.beans.actions.SystemInstallOrUninstallAction.install(SystemInstallOrUninstallAction.java:29) at com.install4j.runtime.installer.ContextImpl$7.executeAction(ContextImpl.java:1668) at com.install4j.runtime.installer.ContextImpl$7.fetchValue(ContextImpl.java:1659) at com.install4j.runtime.installer.ContextImpl$7.fetchValue(ContextImpl.java:1656) at com.install4j.runtime.installer.helper.comm.actions.FetchObjectAction.execute(FetchObjectAction.java:14) at com.install4j.runtime.installer.helper.comm.HelperCommunication.executeActionDirect(HelperCommunication.java:274) at com.install4j.runtime.installer.helper.comm.HelperCommunication.executeActionInt(HelperCommunication.java:249) at com.install4j.runtime.installer.helper.comm.HelperCommunication.executeActionChecked(HelperCommunication.java:187) at com.install4j.runtime.installer.helper.comm.HelperCommunication.fetchObjectChecked(HelperCommunication.java:170) at com.install4j.runtime.installer.ContextImpl.performActionIntStatic(ContextImpl.java:1656) at com.install4j.runtime.installer.InstallerContextImpl.performActionInt(InstallerContextImpl.java:151) at com.install4j.runtime.installer.ContextImpl.performAction(ContextImpl.java:1103) at com.install4j.runtime.installer.controller.Controller.executeAction(Controller.java:368) at com.install4j.runtime.installer.controller.Controller.executeActions(Controller.java:334) at com.install4j.runtime.installer.controller.Controller.executeActionGroup(Controller.java:405) at com.install4j.runtime.installer.controller.Controller.executeActions(Controller.java:339) at com.install4j.runtime.installer.controller.Controller.handleCommand(Controller.java:195) at com.install4j.runtime.installer.controller.Controller.start(Controller.java:94) at com.install4j.runtime.installer.Installer.runInProcess(Installer.java:59) at com.install4j.runtime.installer.Installer.main(Installer.java:46) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at com.exe4j.runtime.LauncherEngine.launch(LauncherEngine.java:65) at com.exe4j.runtime.WinLauncher.main(WinLauncher.java:101) at com.install4j.runtime.launcher.WinLauncher.main(WinLauncher.java:26)
Posted by Walid Daidai about a year ago
How do you delete a recurring report? We have some recurring reports that are no longer needed. I can see the reports scheduled in the Calendar. I cannot find where these scheduled items are stored so that I can delete and prevent them from running again.
Posted by Scott Meyer about a year ago
Hello, I'm currently unable to install appspider on my system. The installation log shows, that the signature check fails after downloading the GUI resources during the installation process. A manual installation of the resources did not solve the problem. How can I proceed with the installation?
Posted by Tobias Ludwig about a year ago
Is it possible to run nexpose scan against your environment. We have a windows server box that host multiple Linux servers, of which one of them houses the nexpose scan engine. If it possible, how do we do it? What do need to avoid? In the online documentation https://metasploit.help.rapid7.com/v1.1/docs/discovery-scan - where would I reference it?
Posted by Gene about a year ago
I am looking for a very simple report or export that will give me a count of "like devices" or "like O/S's" based on a discovery scan. Kind of like the example below. My management is interested in an inventory type report that is emailed directly from Nexpose after a monthly discovery scan is run. Discovery SCAN Report & Review US Discovery SCAN = 2,000 Total IP's Discovered Desktops = 50 Servers = 60 Firewalls = 5 Routers = 15 Switches = 100 . . .
Posted by Mario Aguilar about a year ago