Hello I am trying to use the ApI v3 and I am struggling to use it. I wanna create a new asset group but always get a : The remote server returned an error: (400) Bad Request. I tryeid to simplify at maximum. The get request works fine : $url="https://nexpose:3780/api/3/asset_groups" Invoke-WebRequest -Uri $url -Method Get -Headers @{"Authorization" = "Basic "+[System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($user+":"+$password )) } But the post one fails whatever I try : $params = @{ "name"="TEST BL - 2"; "type"="Static"} Invoke-WebRequest -Uri $url -Method POST -Body ($params|ConvertTo-Json) -ContentType "application/json" -Headers @{"Authorization" = "Basic "+[System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($user+":"+$password )) } can anyone help me ? Thanks Bruno
Posted by Bruno Lenski 2 months ago
I am trying to add a new subset to a scheduled scan in Nexpose and I get this error message. The subnet is the one following the other one for which I am able to save the scan. What this error message means?
Posted by Adrian Borlea 2 months ago
Is there a way we can show what vulnerabilities are open and for how long they have been open? In our future state we should have no critical vulnerabilities open for longer than 30 days. We would like to be able to show this, in a report, to hold the system owners accountable for securing their systems. Thanks for any help
Posted by Randy Bruski 2 months ago
I somehow managed to crash my Metasploit Pro install (testing at the moment) after doing a whole Security Audit on a large environment i don't want to go back to redo. (Windows 10 1809) After a BSOD the DB wont start again i have a backup of the whole c:\metasploit folder that was taken on monday after i had done the scanning but not done the reports. i thought just copying the backup back to c:\metasploit might work, but alas it has not, im assuming i need to do a reindex or something for the PostG but i am unsure how to do this, anyone have ideas or solutions?
Posted by Johnathan Clarke 2 months ago
I am new to nexpose, my questions is based on the vulnerabilities that Nexpose gathers at the end of the scan. Are these potential vulnerabilities based on services it detects or actual vulnerabilities? For example...I may be running an older version of ssh but have patched it, is Nexpose intelligent enough to detect the patch and therefore no list it as a vulnerability. My next question, is that I am seeing numerous vulnerabilities ...something like 27, when I run nexpose. However, when I pass it through Metasploit Pro ....it reports only 1 as expliotable. Does this mean I don't have to worry about the other 26 that were reported by Nexpose.
Posted by Carl Ferns 2 months ago
On https://insight.rapid7.com/ I'd like to know how to delete dead/old/re imaged hosts out of the insight platform, basically I'd like to do some data janitoring. Is this possible? Will this be a feature in the near future?
Posted by Matt Wyen 2 months ago
HI new to Nexpose, have a dashboard item that tells me how many obsolete operating systems there are. Which is great. However to know that they are obsolete Nexpose must have a date internally that they ceased to be supported. I would like to add this to the output. I assume a custom report is needed. Have never written any. Can anyone point out how this would be done? Thanks
Posted by Phil Maud 2 months ago
I have a report that pulls assets by tag owner, this is manual process where the option is to add tag, site, asset group etc..When i pull john does tag the report comes up in csv, but also pulls jane does tag as well because they have the same asset, but jane does tag was not check boxed??? How to get it to only pull who i tell it to pull?
Posted by Vanessa villalpando 2 months ago
The logs of our apps are generated within Docker containers, and the eas I'm sending my logs to IngishtOps using UDP, since using the syslog driver is the simplest way to set this up. Logs get to InsightOps alright, but no pattern is recognized. I get lines like: <30>Feb 5 09:21:17 project_web_nginx_1_5f3a57bfd0d0[3622]: 172.19.0.2 - - [05/Feb/2019:09:21:17 +0000] "GET /asesorias-auditorias/ HTTP/1.1" 200 18358 "https://staging.project.es/asesorias/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:66.0) Gecko/20100101 Firefox/66.0" "88.20.139.41" But no data is recognized (tags do not work, searched by any of the "fields" get zero results, etc). Is there a way to set InsightOps so it recognizes these lines coming from nginx even if sent via syslog? I rather not having to set up separate data containers to store the logs for all the containers. Thanks, regards.
Posted by Ivan 2 months ago
At the moment I am recently unable to perform an update to the 30 January 2019 update and I get the following error: "There were 3 errors while updating: Update ID 661050093 is missing package or dependency. Update ID 661712932 is missing package or dependency. Update ID 914204429 is missing package or dependency." I cannot seem to find any references to these ID codes anywhere. Does anyone have an idea what these mean and what dependencies I am missing? Currently, I am running a licensed version of Nexpose on the Ubuntu VM provided by Rapid7. Thanks in advance
Posted by Adam McKelvey 2 months ago
I am looking to deploy 2 x InsightIDR collectors for resilience purposes. I’m led to believe that InsightIDR agents can be configured to connect to more than one collector and they start using the first collector respond, and that if that collector become unresponsive then the agent/s start send to an alternate. Is this correct and recommended setup? Also, does this mean that depending on agents location in the network in relation to the collectors, some agents will be sending to one collector and other Agents will be sending to the other collector?
Posted by Gavin Hook 2 months ago
I made a executable program. Code =========================== while True: t = raw_input("TEST >> ") =========================== I built this with pyinstaller. But Command "execute -f myprogram.exe -i -H" doesn't execute my program.. I think that all of input function.. Unless existed input function, program was run well.. help plz..
Posted by Kyeong Min Kim 2 months ago
Hello, During a Nexpose scan with cipher/TLS checks enabled I am to pull a lot of information on services using encryption. If Nexpose sees RDP for example it will pull what version of TLS/SSL is enabled and cipher suites. For SSH however it looks to only pull the version of openSSH installed and no information on the ciphers. Is there anyone to pull this info from Nexpose?
Posted by Robert DeBellis 2 months ago