NeXpose & Back|Track(4)

[JF1976]

A guide to adding the NeXpose vulnerability scanning engine to Back|Track(4) FINAL.

I hope it works for you it did for me, I used a clean iso booting live and then created the guide, so all instruction should work fine from within a fresh HDD installation or live but please be aware of the extra requirements of using a live system, and have a USB driver ready for unetbootin, or some storage for your iso also i would recomend you have a read of the remastersys guide.

The doc Google Docs

[Archangel-Amael]

[QUOTE=JF1976;686]A guide to adding the NeXpose vulnerability scanning engine to Back|Track(4) FINAL.


I would like to point out that you have a condensed version of the Nexpose wiki contents and your only showing using the metasploit plugin of nexpose and as such there is a lot more to it than that. The use of "nxadmin" is not a requirement and one can change the name to anything without actual problem. Also why in the world would you want to start the server at boot. This expends a lot of needed resources if it is not needed, and could be a security risk. The server being run all the time is meant for a dedicated machine to actually monitor a network environment for changes. This really seems unneeded.
Furthermore credit should be given to those that posted this information and made it available to other community members.
I did a couple of videos and posted both to my blog and to the old forums and they are included at the nexpose wiki.
Archangel Amael's BT Tutorials: NeXpose
Look I picked on your guide a bit but at the same time I believe the issues are valid and you can make a few changes to make your guide even better, don't take it personal just consider it business. I would like to see you make a guide just on remastering the iso. Maybe providing a bit more depth to it.

[JF1976]

The name change issue i experienced during testing "on 4 Pre" caused significant problems with my own level of understanding that i decided to include a note about it. i understand that this may not be an issue for most, but it was a problem i experienced, while the product wiki is always a good place to start for generic information, this guide was created on and for "Back|Track(4) Final", and was slightly different than on 4 Pre and if im not mistaken the video you linked me is on a pre not final, however it might be nice from a personal perspective to get your input over the tools you used to create your video i use vncrec or recormydesktop at present and would appreciate anything that might be better.

[Corleone]

Hi,

I'm trying to get NeXpose working on backtrack 4.
I followed the instructions i found on securitytube.net,
everything installs oke but when i login it gives me this error msg.
Database initialization failed : Error starting PostgreSQL: java.io.IOException: Cannot run program "/opt/rapid7/nexpose/nsc/nxpgsql/pgsql/nxpgsql": java.io.IOException: error=13, Permission denied
So far i tried
* Edit /opt/rapid7/nexpose/nsc/conf/nsc.xml
* Change line #4 to say: <Database dbms=”postgresql” db=”//127.0.0.1:5433/nexpose”>
<Database dbms=”postgresql” db=”//127.0.0.1:5433/nexpose”>
* Save nsc.xml
* Edit /opt/rapid7/nexpose/nsc/nxpgsql/nxpdata/postgresql.conf
* Uncomment line 60 and change it to say: “port = 5433 # (change requires restart)”
* Save postgresql.conf
with no luck..
Some help would be great

c

[Tablechukka]

Hi Corlene,

I had the same issue with NeXpose. now fixed, basically rename the nsc.xml to nsc.bak then restart ./nsc.sh

For more info look here: NeXpose Community - Common Errors - Rapid7 Community Portal

[Corleone]

Worked like a charm,thx!


c