I was hoping to get access to the Nexpose API Guide, the link for which is typically given as https://community.rapid7.com/docs/DOC-1896 in various documents. However, the link points me back to the landing page of Help. How do I get access to this API Guide?
Posted by Gani Bhagavathula about a year ago
Currently trailing Metasploit. When importing an Nexpose scan into Metasploit pro while converting the Nexpose host into Metasploit host it fails with error: Auxiliary failed: ActiveRecord::StatementInvalid PG::StringDataRightTruncation: ERROR: value too long for type character varying(65536) How can we fix it up to impor the scan successfully?
Posted by Curtis Simpson about a year ago
We receive several alerts from our Citrix servers that there is lateral movement from several user accounts. Since this is expected behavior is there a way to mute or exclude future alerts stating Lateral Movement for specific devices? Would prefer to not totally turn the option off for alerting on other devices that may catch actual lateral movement. Currently only see option for Alert, Notable Event, and Disable.
Posted by Tom Dulin about a year ago
Unfortunately when I google something specific about a Rapid7 product, the results are now redirecting to the blog landing page. What's an easy way of accessing this past knowledge? Will you be migrating old questions here? Thank you, Things
Posted by Things about a year ago
Hi, I got this 2 error. How do I fix this? I am using Nexpose Community in Windows 10. 1. During Installation I got "error.log": In action "nexserv.ico [Run script]" (screen "CustomInstallationScreen"), property "Script": java.io.FileNotFoundException: C:\Program Files\rapid7\nexpose\nsc\nexserv.ico (Access is denied) at java.io.FileOutputStream.open0(Native Method) at java.io.FileOutputStream.open(FileOutputStream.java:270) at java.io.FileOutputStream.<init>(FileOutputStream.java:213) at java.io.FileOutputStream.<init>(FileOutputStream.java:162) at com.exe4j.runtime.util.FileUtil.copyFile(FileUtil.java:20) at com.install4j.script.I4jScript_Internal_157.eval(I4jScript_Internal_157.java:6) at com.install4j.script.I4jScript_Internal_157.evaluate(I4jScript_Internal_157.java:*29) at com.install4j.runtime.installer.helper.Script.evaluate(Script.java:33) at com.install4j.runtime.installer.ContextImpl.runScript(ContextImpl.java:188) at com.install4j.runtime.installer.ContextImpl.runScript(ContextImpl.java:182) at com.install4j.runtime.beans.actions.control.RunScriptAction.execute(RunScriptAction.java:34) at com.install4j.runtime.beans.actions.SystemInstallOrUninstallAction.install(SystemInstallOrUninstallAction.java:29) at com.install4j.runtime.installer.ContextImpl$7.executeAction(ContextImpl.java:1668) at com.install4j.runtime.installer.ContextImpl$7.fetchValue(ContextImpl.java:1659) at com.install4j.runtime.installer.ContextImpl$7.fetchValue(ContextImpl.java:1656) at com.install4j.runtime.installer.helper.comm.actions.FetchObjectAction.execute(FetchObjectAction.java:14) at com.install4j.runtime.installer.helper.comm.HelperCommunication.executeActionDirect(HelperCommunication.java:274) at com.install4j.runtime.installer.helper.comm.HelperCommunication.executeActionInt(HelperCommunication.java:249) at com.install4j.runtime.installer.helper.comm.HelperCommunication.executeActionChecked(HelperCommunication.java:187) at com.install4j.runtime.installer.helper.comm.HelperCommunication.fetchObjectChecked(HelperCommunication.java:170) at com.install4j.runtime.installer.ContextImpl.performActionIntStatic(ContextImpl.java:1656) at com.install4j.runtime.installer.InstallerContextImpl.performActionInt(InstallerContextImpl.java:151) at com.install4j.runtime.installer.ContextImpl.performAction(ContextImpl.java:1103) at com.install4j.runtime.installer.controller.Controller.executeAction(Controller.java:368) at com.install4j.runtime.installer.controller.Controller.executeActions(Controller.java:334) at com.install4j.runtime.installer.controller.Controller.executeActionGroup(Controller.java:405) at com.install4j.runtime.installer.controller.Controller.executeActions(Controller.java:339) at com.install4j.runtime.installer.controller.Controller.handleCommand(Controller.java:195) at com.install4j.runtime.installer.controller.Controller.start(Controller.java:94) at com.install4j.runtime.installer.Installer.runInProcess(Installer.java:59) at com.install4j.runtime.installer.Installer.main(Installer.java:46) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at com.exe4j.runtime.LauncherEngine.launch(LauncherEngine.java:65) at com.exe4j.runtime.WinLauncher.main(WinLauncher.java:101) at com.install4j.runtime.launcher.WinLauncher.main(WinLauncher.java:26) 2. During scan I got this error at "Scan Status": Failed (java.io.IOException: The Nmap exit value is not zero: -1073741819 at com.rapid7.nexpose.scan.nmap.Nmap.start(Unknown Source) at com.rapid7.nexpose.scan.nmap.Nmap.run(Unknown Source) at com.rapid7.nexpose.scan.Scan.start(Unknown Source) at com.rapid7.nexpose.scan.Scan.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) ) Should I re-install?
Posted by Didiet K about a year ago
Hello I am unable to get a product key for Metasploit community as I have registered multiply times and have never received an email. I have checked my email's spam and I need to be able to use Metaspliot for a college project. I hope that I did not register too many times and get locked out because it took me multiply times to get the program installed on my Ubuntu Virtual Machine. -Thanks
Posted by Kylor W. Jones about a year ago
I installed an Insight agent on a Windows 8.1 machine yesterday. Today in the Insight Endpoint Monitoring console it show the following error: Error Job: agent.jobs.update failed, running with id: caf9ae6d-e6e4-4676-ad49-d8ad0e9ca8e2 I cannot find any information about what may be causing this error or additional troubleshooting steps to start performing.
Posted by Aaron Schmidt about a year ago
I was reading the Violent Python book, and came across creating an undetected payload. Here's what I've done so far to ensure that these instructions work just fine: 1. Uploaded the payload manually to my test XP system. 2. Executed the file.exe manually and noticed it opened the specified LPORT. 3. Used exploit/multi/handler to connect to that port -- this opened the command shell just as I expected. However, in Metasploit (trying to reproduce this but without touching the target system), I am having difficulty with finding a convenient way to do this same procedure. To upload, execute the file, and connect to the port using exploit multi handler, I am having to: 1) use smbclient to connect to the system and upload the file; 2) use metasploit psexec command to execute the command; 3) finally use exploit multi handler to connect to it. If I'm not mistaken, I thought I've seen a way in the past to just set the custom payload and exploit and it'll take care of the same steps above, but all in one process. I've already tried just using smb psexec, setting EXE::Custom, setting DisablePayloadHandler to true, and executing the exploit -- but this did not work. Any help would be greatly appreciated.
Posted by Rahul Chaturvedi about a year ago
I found several vulnerabilities related to cryptographic algorithms and protocols (Windows Server 2008R2 and Server 2012 environment) in my recent scan. Below are the list of the vulnerabilities ID. ssl-cbc-ciphers ssl-des-ciphers ssl-export-ciphers ssl-rsa-export-ciphers sslv2-and-up-enabled sslv3-supported ssl-weak-ciphers ssl-static-key-ciphers Is there any tool/script that will modify the registry values to disable or enable the registry keys which will take care of the above vulnerabilities?
Posted by Rahul Chaturvedi about a year ago
I'm trying to use some methods for buffer overflow exception. What I previously did was using the bellow code to run calc.exe : ``` msfpayload windows/exec cmd=calc.exe R | msfencode -e x86/alpha_mixed -t c -v ``` I know that the Metasploit team changed msfpayload and msfencode to msfvenom, so I converted the above instruction to the following : ``` msfvenom windows/exec cmd=calc.exe -e x86/alpha_mixed -t -v -a windows --platform windows ``` but the result is different. The first code gives me hex result but the second code gives me some characters. Can someone tell me what I am doing wrong? Also, in " calc.exe R " what does R stand for?
Posted by Rahul Chaturvedi about a year ago