rapid7 / nexpose-client

DEPRECATED: Rapid7 Nexpose API client library written in Ruby
https://www.rapid7.com/
BSD 3-Clause "New" or "Revised" License

Credentials failure after using Site.copy #307

Closed yahanvesh closed 6 years ago

yahanvesh commented 6 years ago

Expected Behavior

I expect copying a site should also copy the saved credentials in the earlier site.

Current Behavior

But I see that after copying a site, if I launch a scan, it fails citing a credentials failure, and it only works if I again manually input the password in the form.

asalazar-r7 commented 6 years ago

This is partly to do with how the console handles credentials. There are 2 types of credentials: those tied to a Site and Global ones. With global ones it's a reference, and therefore copying credentials is as easy as giving the new site a reference to the credential. With site-specific credentials we don't have this reference base because each site will modify its credential according to its need. This, however, causes a problem with the copy command, as it knows there is a credential on the site you want to copy, but the console, due to security reasons, will not return the password for that credential. When saving a site this looks normal because the save assumes the credential is being saved with a blank password and doesn't know better.

The potential fix to this is to not copy over site credentials as part of the gem.

yahanvesh commented 6 years ago

Thanks! I'm now trying with Global Shared Credentials instead of Site Specific Credentials. I'm getting ad hoc errors with SSH authentication, whether it's Site Specific or Shared Credentials. The credential worked sometimes when I used it in Site Specific and used Test Connection to verify Authentication succeeded.

For Shared Credentials, I couldn't get it to work so far; I'm getting the SSH errors below.

2017-11-22T09:03:01 [INFO] [Thread: Scan 2790897] [Site: TestCreds1] Loaded protocol helper: SSH
2017-11-22T09:12:57 [INFO] [Thread: 10.10.27.196:22/TCP] [Site: TestCreds1] [Preference: 1.0] Attempting handshake via SSH
2017-11-22T09:12:57 [INFO] [Thread: 10.10.27.196:22/TCP] [Site: TestCreds1] [ssh.banner] Matching against banner: OpenSSH_7.5
2017-11-22T09:12:57 [INFO] [Thread: 10.10.27.196:22/TCP] [Site: TestCreds1] Asserting ServiceFingerprint [[certainty=0.9][description=OpenBSD OpenSSH 7.5][family=OpenSSH][product=OpenSSH][protocol=SSH][vendor=OpenBSD][version=7.5]]
2017-11-22T09:12:58 [INFO] [Thread: 10.10.27.196:22/TCP] [Site: TestCreds1] Failed to establish SSH session: com.rapid7.net.NetException: Unsupported KEX: diffie-hellman-group14-sha1

yahanvesh commented 6 years ago

I believe the issue has something to do with my SSH settings, and not Nexpose now. Closing the issue.
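
An added example, not part of the original thread and not code from the nexpose-client gem: a Ruby triage helper that parses scan log lines in the format quoted in this thread and reports SSH sessions that failed during transport setup, so they are not mistaken for credential failures. The sample lines are copied from the log posted above; `LINE_RE`, `parse_line` and `ssh_failures` are hypothetical names.

```ruby
# Added example: triage for Nexpose scan log lines in the format quoted in this thread.
# LINE_RE, parse_line and ssh_failures are hypothetical names, not nexpose-client API.

# Layout: timestamp [LEVEL] [Thread: ...] [Site: ...] [optional tags] message
LINE_RE = /\A(?<time>\S+) \[(?<level>[A-Z]+)\] \[Thread: (?<thread>[^\]]+)\](?: \[Site: (?<site>[^\]]+)\])?(?: \[[^\]]*\])* (?<msg>.*)\z/

# Sample input: the log lines posted in the thread.
SAMPLE_LOG = <<~LOG
  2017-11-22T09:03:01 [INFO] [Thread: Scan 2790897] [Site: TestCreds1] Loaded protocol helper: SSH
  2017-11-22T09:12:57 [INFO] [Thread: 10.10.27.196:22/TCP] [Site: TestCreds1] [Preference: 1.0] Attempting handshake via SSH
  2017-11-22T09:12:57 [INFO] [Thread: 10.10.27.196:22/TCP] [Site: TestCreds1] [ssh.banner] Matching against banner: OpenSSH_7.5
  2017-11-22T09:12:57 [INFO] [Thread: 10.10.27.196:22/TCP] [Site: TestCreds1] Asserting ServiceFingerprint [[certainty=0.9][description=OpenBSD OpenSSH 7.5][family=OpenSSH][product=OpenSSH][protocol=SSH][vendor=OpenBSD][version=7.5]]
  2017-11-22T09:12:58 [INFO] [Thread: 10.10.27.196:22/TCP] [Site: TestCreds1] Failed to establish SSH session: com.rapid7.net.NetException: Unsupported KEX: diffie-hellman-group14-sha1
LOG

# Returns a hash for a well-formed log line, or nil for anything else.
def parse_line(line)
  m = LINE_RE.match(line.strip)
  m && { time: m[:time], thread: m[:thread], site: m[:site], msg: m[:msg] }
end

# Collects SSH session failures, tagging key-exchange mismatches separately
# and attaching the banner seen earlier on the same target thread.
def ssh_failures(log)
  banners = {} # thread (target) => last SSH banner seen
  failures = []
  log.each_line do |raw|
    entry = parse_line(raw)
    next unless entry
    base = { target: entry[:thread], site: entry[:site], banner: banners[entry[:thread]] }
    case entry[:msg]
    when /\AMatching against banner: (\S+)/
      banners[entry[:thread]] = Regexp.last_match(1)
    when /\AFailed to establish SSH session: .*?Unsupported KEX: (\S+)/
      failures << base.merge(cause: :kex_mismatch, detail: Regexp.last_match(1))
    when /\AFailed to establish SSH session: (.*)/
      failures << base.merge(cause: :other_transport, detail: Regexp.last_match(1))
    end
  end
  failures
end

if __FILE__ == $PROGRAM_NAME
  ssh_failures(SAMPLE_LOG).each do |f|
    puts "#{f[:site]} #{f[:target]} (#{f[:banner]}): #{f[:cause]} #{f[:detail]}"
  end
end
```

A `:kex_mismatch` result means the session failed during SSH key exchange, which happens before any credential is presented, so the stored password is not the cause of that failure.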