Nexpose - Rapid7 - Promo

One of the keys to success as a hacker, pentester, or cyber warrior is finding the vulnerabilities or flaws in the target system that can be exploited. There are several ways to do this, including Web application vulnerability testers such as Nikto and searching through vulnerability databases such as www.securityfocus.com. There is a more specific method, though. What if there were a tool that could scan a system or network and report all its vulnerabilities? That would be a gold mine for a threat actor, and there is such a tool (or tools)!

They are generally referred to as vulnerability scanners. These tools maintain a database of known vulnerabilities and then scan the target systems for them. If they find any, they then generate a detailed report of the vulnerabilities found, allowing us to choose the appropriate attack and then exploit the system or network.

Numerous vulnerability assessment tools are on the market, including the ever-popular Nessus, which began as an open-source project and is now a commercial product from Tenable. Other vulnerability scanners include Retina, ISS, Acunetix, and many others.

In this tutorial, we will be using Rapid7’s Nexpose tool. Rapid7 is the same company that produces Metasploit, and one of the key advantages, if you are a Metasploit user, is how Nexpose integrates its results into it.

We will be using Nexpose in a Windows 7 environment, but Nexpose can also be used in a Linux/UNIX environment. In addition, although I will be demonstrating it here on my local area network hacking lab, it can just as easily be used against public-facing IPs.

Step 1 Download & Register Nexpose

Once you have completed the download, install it on your Windows system. There is a Linux distribution, but we are covering the Windows install.

As Nexpose installs, it will pop up a wizard like the one below. Simply follow the instructions as they come up.

It does a system check first—note that it recommends 8GB of RAM. Accept the license agreement, then select Type and destination of Nexpose. In this case, I chose Nexpose Security Console with a local Scan Engine.

Next, select the default value for the database on port 5432, and finally, create a username and password to use for this application. After you’ve got that all squared away, Nexpose will begin to extract files to your system.

When you see the screen below, you have successfully installed Nexpose and are ready to begin scanning for vulnerabilities.

Step 2 Restart Your System

The first step toward scanning your network is to restart your system, after which Nexpose will be ready to use.

Make certain that Nexpose has been started by going to your Windows Start button, selecting All Programs, then Rapid7.

Launch Nexpose

Click on Start Nexpose Service to start Nexpose in the background.

Step 3 Navigate to Port 3780 in Your Browser

Now, navigate to http://localhost:3780, where you will access Nexpose from your browser. This will open a screen like the one below, and Nexpose will begin to update its database of known vulnerabilities.

Nexpose Web Console

Be patient. This can take a while as all the vulnerabilities are loaded into the database. Then, Nexpose will compile the vulnerability checks, which means more waiting.

Finally, you will see a screen asking for your credentials. Enter the username and password you entered when you installed Nexpose.

Nexpose Web Console

When you registered at Rapid7 to download the software, you provided your name and email address. Nexpose emailed you a product key, so enter it here to activate Nexpose.

Nexpose Web Console

When you see this screen, you are ready to start scanning.

Nexpose Web Console

Step 4 Scan the Targets

Next, click on the Home button in the upper left corner.

Nexpose Web Console

Now click on “New Static Site”.

Nexpose Web Console - New Site

Click on “Assets”, then click on “View”, and finally, click on “New Site”. Here you will enter the network or IP addresses you want to scan. This community edition allows us to scan up to 32 IP addresses.

Nexpose Web Console
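Before entering a scope for the new site, it helps to know how many distinct addresses it covers. The following is an added example, not part of the original tutorial or of Rapid7's tooling: a Python pre-check that counts the distinct addresses in a planned scope against the 32-address limit mentioned above. The accepted entry formats (single address, CIDR block, dash range), the function names, and the sample scope are assumptions of this example.

```python
import ipaddress

COMMUNITY_LIMIT = 32  # address cap stated in the tutorial


def entry_networks(entry):
    """Turn one scope entry into a list of IPv4 networks.

    Assumed entry forms: "192.168.1.5", "192.168.1.0/28",
    or a dash range such as "192.168.1.10 - 192.168.1.20".
    """
    entry = entry.strip()
    if "-" in entry:
        first, last = (ipaddress.IPv4Address(p.strip())
                       for p in entry.split("-", 1))
        # Raises ValueError if the range end is before the start.
        return list(ipaddress.summarize_address_range(first, last))
    # strict=False tolerates host bits, e.g. 192.168.1.10/28
    return [ipaddress.IPv4Network(entry, strict=False)]


def check_scope(entries, limit=COMMUNITY_LIMIT):
    """Count distinct addresses across all entries and compare to the limit.

    Overlapping and duplicate entries are merged first, so an address
    listed twice is only counted once. Nothing is expanded host by host,
    so a mistyped /8 is reported instead of exhausting memory.
    """
    nets = []
    for entry in entries:
        nets.extend(entry_networks(entry))
    merged = list(ipaddress.collapse_addresses(nets))
    total = sum(n.num_addresses for n in merged)
    return {
        "addresses": total,
        "limit": limit,
        "within_limit": total <= limit,
        "merged": [str(n) for n in merged],
    }


# Constructed sample scope for a lab network (not from the tutorial).
SAMPLE_SCOPE = [
    "192.168.1.1",
    "192.168.1.100 - 192.168.1.110",
    "192.168.1.96/28",   # overlaps the range above
    "192.168.1.1",       # duplicate
]

if __name__ == "__main__":
    print(check_scope(SAMPLE_SCOPE))
```

This treats every listed address as counting toward the limit, which is the conservative reading of the 32-address figure.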

Step 5 View the Results

Now that the scan is complete, we’re ready for the good part that makes all our effort worthwhile. Nexpose has scanned all the computers on the list or network and found all the vulnerabilities we need to know to hack these targets.

Nexpose Web Console

Click on Reports in the top menu and select PDF as the report format.

When we do, a report like the following is generated and opened.

Over twenty pages long, this report will detail all the potential vulnerabilities in the target systems or networks.

You can see what the Executive Summary looks like below.

Nexpose - Executive Summary

We can then scroll down through this report to view the numerous vulnerabilities the scanner found. Here is an example of one:

Nexpose Vulnerability Details

Summary

Vulnerability scanners like Nexpose were designed to assist security engineers in identifying potential vulnerabilities in their systems and networks. Still, the smart hacker can use them to identify potential targets and their vulnerabilities.

No more guessing which exploits to use; Nexpose and these scanners can pinpoint the vulnerability and the exploit used to hack the system.

There are MANY more options and features that Nexpose has; this is just a primer to install and run a very basic scan.
