Rapid7 NeXpose Community Edition
Recently the company Rapid7 acquired Metasploit, the open source Penetration Testing Framework developed by HD Moore. As I had personally never heard of Rapid7 in the past, I took a look at what products Rapid7 is currently offering. I am currently a Nessus ProfessionalFeed subscriber, and, although I really love Nessus and think it is a great piece of software for vulnerability and compliance assessments, I am not satisfied with the quality of the reports it produces.
Rapid7 offers a Community Edition (read: free for personal and commercial use; limited to scanning 38 hosts) version of their NeXpose software, so I thought I’d give it a try.
After applying for a license for the Community Edition I was happy to get a license key assigned. I downloaded the NeXpose installer for the Windows OS (32 bit edition), and the installation of the software went smoothly.
The installation creates a desktop icon that runs nsc.bat. After running this file, the NeXpose server should start, and it should be possible to connect to the server by browsing to http://127.0.0.1:3780.
The server, however, doesn’t work on my system after a successful installation. (Update: issue identified – Windows XP SP2, Windows Vista, Windows 7, and Windows 2008 are not supported yet.)
The following output is shown after running nsc.bat.
C:\Program Files\rapid7\nexpose\nsc>nsc.bat
Copying server libs
Validating jre in directory _jvm
Using jre at _jvm
PATH: .DLLCACHE;..\_jvm\bin;..\_jvm\bin\server;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Intel\DMIX;C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\;C:\Program Files\Wave Systems Corp\Gemalto\Access Client\v5\;C:\Program Files\Intel\WiFi\bin\;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\tools;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\IBM\Rational AppScan\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files\Nmap;C:\Program Files\Nmap;C:\Program Files\Nmap
Logging to file C:\Program Files\rapid7\nexpose\update.log
Copying server libs
Validating jre in directory _jvm
Using jre at _jvm
PATH: .DLLCACHE;..\_jvm\bin;..\_jvm\bin\server;.DLLCACHE;..\_jvm\bin;..\_jvm\bin\server;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Intel\DMIX;C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\;C:\Program Files\Wave Systems Corp\Gemalto\Access Client\v5\;C:\Program Files\Intel\WiFi\bin\;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\tools;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\IBM\Rational AppScan\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files\Nmap;C:\Program Files\Nmap;C:\Program Files\Nmap
NSC 13/03/10 12:37 PM: Logging initialized (system time zone is Australia/Sydney)
NSC 13/03/10 12:37 PM: initializing JDBC drivers
NSC 13/03/10 12:37 PM: NeXpose is running interactively under super-user : Wouter
NSC 13/03/10 12:37 PM: System memory: 3534MB total (939MB free)
NSC 13/03/10 12:37 PM: System speed: 2394MHz (x2)
NSC 13/03/10 12:37 PM: Running first-time configuration
Nexpose 13/03/10 12:37 PM: Configuring PostgreSQL installation in C:\Program Files\rapid7\nexpose\nsc\nxpgsql
PostgresInst13/03/10 12:37 PM: Verifying permissions on C:\Program Files\rapid7\nexpose\nsc\nxpgsql
PostgresInst13/03/10 12:37 PM: Verifying disk space on C:\Program Files\rapid7\nexpose\nsc\nxpgsql
PostgresInst13/03/10 12:37 PM: Postgres data directory already exists. Cleaning up. C:\Program Files\rapid7\nexpose\nsc\nxpgsql\nxpdata
PostgresInst13/03/10 12:37 PM: Creating data directory in C:\Program Files\rapid7\nexpose\nsc\nxpgsql\nxpdata
PostgresInst13/03/10 12:37 PM: Recursively adding access rights of C:\Program Files\rapid7\nexpose\nsc\nxpgsql to SYSTEM
PostgresInst13/03/10 12:37 PM: Adding access rights from root to C:\Program Files\rapid7\nexpose\nsc\nxpgsql to Wouter
SetFileSecurity failed
NSC 13/03/10 12:37 PM: A critical error occured during initialization: com.rapid7.os.OSException: insertAccessAllowedACE failed: Access is denied.
        at com.rapid7.os.win32.OSProvider.insertUserIntoACL(Native Method)
        at com.rapid7.os.win32.OSProvider.insertUserIntoACL(Unknown Source)
        at com.rapid7.os.win32.OSProvider.insertUserRights(Unknown Source)
        at com.rapid7.nexpose.util.D.F(Unknown Source)
        at com.rapid7.nexpose.util.C.J(Unknown Source)
        at com.rapid7.nexpose.nsc.FirstTimeConfigurator.A(Unknown Source)
        at com.rapid7.nexpose.nsc.FirstTimeConfigurator.configure(Unknown Source)
        at com.rapid7.nexpose.nsc.NSC.¾(Unknown Source)
        at com.rapid7.nexpose.nsc.NSC.¶(Unknown Source)
        at com.rapid7.nexpose.nsc.NSC.§(Unknown Source)
        at com.rapid7.nexpose.nsc.NSC.run(Unknown Source)
        at com.rapid7.nexpose.nsc.NSC.main(Unknown Source)
NSC 13/03/10 12:37 PM: Error during server initialization: java.lang.NullPointerException
NSC 13/03/10 12:37 PM: java.lang.NullPointerException
        at com.rapid7.nexpose.nsc.NSC.§(Unknown Source)
        at com.rapid7.nexpose.nsc.NSC.run(Unknown Source)
        at com.rapid7.nexpose.nsc.NSC.main(Unknown Source)
NSC 13/03/10 12:37 PM: Shutting down immediately
NSC 13/03/10 12:37 PM: shutting down config manager
NSC 13/03/10 12:37 PM: Shutting down database
NSC 13/03/10 12:37 PM: shutting down logging
: shutting down console
NeXpose Server exited with code 0
Finished.
C:\Program Files\rapid7\nexpose\nsc>
I contacted Rapid7 regarding this issue, but to date (14 days and 2 reminders later!) I have not received feedback from them on how I can resolve this issue. If you have any idea what could cause this error, let me know!
Interim conclusion: Would I recommend installing the Community Edition? Sure! I heard it is supposed to be good! Would I consider buying the commercial version myself or recommending it to someone? No. My first impressions of the Rapid7 support services and the application’s Windows compatibility are not the best. Once I get the Community Edition up and running I will reconsider my conclusion.
Update: The issue was due to installing NeXpose on one of the currently unsupported OSes – I installed it on Vista. I’ll give the Linux installer a go today!





March 23rd, 2010 00:10
How did you attempt to get in contact with us? The community edition is supported through IRC, email group, and the community site (community.rapid7.com) where you can get the details to access the user group and IRC channel.
On first blush, it looks like it may be an OS issue. NeXpose only runs on server 2k and 2k3 currently for windows.
If you are still having problems, please drop us a line.
March 23rd, 2010 02:00
Hi! Have you looked at the installation requirements in the email containing the license key? At this time, only Windows 2003 is a supported Microsoft platform for NeXpose Community Edition. It looks like you are trying to install the product on a desktop operating system, which is not supported for the reasons you highlighted above. If you do not have a 2003 Server system available, we recommend that you install into a Linux virtual machine, using a product like VMWare or VirtualBox. The NeXpose Community web site documents some of the common errors at:
http://community.rapid7.com/redmine/projects/nexpose/wiki
A slight correction in your post – NeXpose Community is free for personal use, but it is also free for *commercial* use as well. This sets it apart as the only enterprise-ready vulnerability management solution that is actually free for corporate users.
Thanks for trying NeXpose and let me know if you need anything,
-HD
March 23rd, 2010 02:18
Sorry to hear you’re having problems. It looks like you are installing on Windows Server 2008, Vista, or Windows 7, none of which is a supported platform at the moment. You should have received some installation instructions with your download email which describes the supported platforms.
We haven’t seen you on the nexpose-users mailing list or on irc.freenode.net/#rapid7. Both of these forums are excellent places to get help from other users and even Rapid7 employees.
Thanks!
March 23rd, 2010 07:11
Hello Chad,
Thanks for your response. I can confirm I have installed NeXpose on Windows Vista. (The Windows installer download read generic ‘NeXpose for Windows – 32-bit’, so it didn’t come to my mind that this platform would not be supported.) An OS check during the application installation would have saved me from some headaches.
I’ll give the Linux version a go as I did some more research and note that Windows XP SP2 is also not supported as per the FAQ: http://community.rapid7.com/redmine/projects/1/wiki/General_FAQ
March 23rd, 2010 09:01
@Ty: I contacted the representative that provided my Community Edition License key with the question to forward my console output to the support team.
@HD: Thanks for the comment on Licensing. I’ll update my post accordingly. That changes my previous view in relation to support services: As I had the impression that for corporate usage I would have to acquire a commercial license, I was expecting reasonable responsive support services. For free software allowing commercial usage I obviously do not have such expectations.
I am giving the NeXpose installation a go for now.
March 24th, 2010 21:17
I have managed to solve a similar problem. NeXpose is not supported on Windows XP SP2, Windows 7, or Vista due to restrictions in accessing raw sockets. So, just change the compatibility of the security console to Windows 2000.
March 24th, 2010 23:00
Thanks for the tip, Abdullah. Sadly enough, that didn’t do the trick for me.
I get the same error.
May 14th, 2010 14:33
Change the compatibility of the 2 .bat files and the two .exe files in .DLLCACHE to Windows 2000.