1 min
Nexpose
How to Check for Remote Desktop Protocol (RDP) Services
Many organizations are concerned about the critical Remote Desktop Protocol
(RDP) vulnerability described in Microsoft Security Bulletin MS12-020
[http://technet.microsoft.com/en-us/security/bulletin/ms12-020]. Here is a
quick way to check if you have Remote Desktop Protocol running on your system
or network. I used Nmap [http://nmap.org/] to check my home network.
In the highlighted text below you can see that Nmap can check whether the RDP
service is running. If you can't patch, this is important because at
2 min
Nexpose
Rapid7 Wins Coveted SC Magazine Award for Best Vulnerability Management Tool
Thorsten George, VP of Worldwide of Marketing and Products for Agiliance on the left and Bernd Leger, VP of Marketing, Products & Solutions at Rapid7 on the right
Sitting in a room of hundreds of industry leaders and security vendors, it was
extremely gratifying to hear our name called and to be asked on stage to receive
one of the coveted SC Magazine Awards last night in San Francisco. Rapid7 won
the prestigious “Best Vulnerability Management Tool” Award in the Reader's Trust
Award Categor
1 min
Metasploit
Free Microsoft Virtual Machines for Testing
I am often asked how security professionals and students can safely test
security software. My usual response is, they should create a virtual lab with
diverse operating systems for testing. The problem that many encounter is they
don't have licenses available to install the operating systems.
While creating and testing the Metasploit Javascript Keylogger
[/2012/02/21/metasploit-javascript-keylogger], I came across free virtual
machines from Microsoft that are sure to be useful to securit
1 min
Nexpose
Nexpose Java API
We are really excited to see the Nexpose community coming up with all sorts of
cool and useful ways to automate Nexpose via our APIs. Since we have published
our Ruby [https://github.com/rapid7/nexpose-client] and .NET
[https://github.com/brandonprry/nexpose-sharp] API client libraries, we have had
some requests for a Java library as well. And now we have open sourced a Java
[https://github.com/clee-r7/nexpose_java_api] based library for accessing the
Nexpose API. This library is BSD licensed s
2 min
Metasploit
Getting The Most Out of Metasploit: Pentesting, Password Auditing, and Vulnerability Validation
When we talk to Metasploit users, they usually use it for either penetration
testing, password auditing or vulnerability validation, but few use it for more
than one of these purposes. By leveraging your investment in Metasploit, you can
triple-dip at the same price - no extra licenses needed.
Penetration Testing
With penetration testing, you can identify issues in your security
infrastructure that could lead to a data breach. Weaknesses you can identify
include exploitable vulnerabilities, we
3 min
Nexpose
How to Exploit A Single Vulnerability with Metasploit Pro
Metasploit Pro's smart exploitation function is great if you want to get a
session quickly and don't care about being "noisy" on the network, but there are
certain situations where you may want to use just one exploit:
* You're conducting a penetration test and want to exploit just one
vulnerability so you don't draw too much attention (i.e. you want to use a
sniper rifle, not a machine gun)
* You're a vulnerability manager and want to validate just one vulnerability to
know whether
2 min
Nexpose
Find Vulnerable pcAnywhere Installations with DAGs
On Monday, Symantec made the rare decision
[http://www.symantec.com/theme.jsp?themeid=anonymous-code-claims&inid=us_ghp_banner1_anonymous]
to tell their customer base to either uninstall or disable their remote control
software suite pcAnywhere [http://www.symantec.com/pcanywhere]. Symantec made
this decision because their users were at risk of being exploited through
publicly known vulnerabilities that they had not been able to create a patch
for yet. This
recommendation to disable software due to act
4 min
Nexpose
"Pass the hash" with Nexpose and Metasploit
I am proud to announce that Nexpose 5.1.0 now supports "pass the hash"
[http://en.wikipedia.org/wiki/Pass_the_hash], a technique to remotely
authenticate against a Windows machine (or any SMB/CIFS server) with the mere
possession of LM/NTLM password hashes, without needing to crack or brute force
them. Nexpose is able to use the hashes to perform credentialed scans to produce
very detailed scan results of all sorts of local and remote vulnerabilities that
may otherwise not be detectable.
And pe
1 min
Nexpose
Three Ways to Integrate Metasploit With Nexpose
Metasploit has three ways to integrate with the Nexpose vulnerability scanner. I've
heard some confusion about what the different options are, so I'd like to
summarize them here briefly:
1. Importing Nexpose reports: This is a simple, manual file import. Apart from
Nexpose, Metasploit can import about 13 different third-party reports from
vulnerability management solutions and web application scanners. This
feature works in all Metasploit editions.
2. Initiate a Nexpose scan from M
3 min
Nexpose
Introducing Metasploit Community Edition!
The two-year anniversary of the Metasploit acquisition is coming up this week.
Over the last two years we added a ridiculous amount of new code to the open
source project, shipped dozens of new releases, and launched two commercial
products. We could not have done this without the full support of the security
community. In return, we wanted to share some of our commercial work with the
security community at large.
As of version 4.1 [http://www.metasploit.com/], we now include the Metasploit
2 min
Vulnerability Disclosure
March Patch Tuesday Roundup
Since Microsoft is on this new staggered pattern of releases, we can expect a
feast or famine every other month...so get used to it. Depending on what side of
the desk you sit on you can adjust the context. With that being said, this
month's release brought us 3 patches addressing 4 vulnerabilities. I think we
were all expecting to see the MHTML
[http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0096] protocol
handler issue resolved, however it didn't make the cut. Make sure IE is in
r