{"id":3602,"date":"2015-09-22T10:48:32","date_gmt":"2015-09-22T08:48:32","guid":{"rendered":"http:\/\/www.laurentmarot.fr\/wordpress\/?p=3602"},"modified":"2015-09-30T07:30:44","modified_gmt":"2015-09-30T05:30:44","slug":"my-very-first-nexpose-custom-check","status":"publish","type":"post","link":"https:\/\/www.laurentmarot.fr\/wordpress\/?p=3602","title":{"rendered":"My very first Nexpose Custom Check"},"content":{"rendered":"

Writing Nexpose Vulnerability Checks will soon hurt you …
So, if you need some help, I’m your guy \ud83d\ude09<\/p>\n

Thanks to Rapid7 community for the basics<\/a>. Let’s see how to set it up in four steps.<\/p>\n

step 1 :<\/strong> write locally with your own text editor 2 files (vulnerability desccriptor = .xml file & vulnerability check = .vck file)<\/p>\n

Vulnerablity descriptor file<\/strong> contains any information about your specific vulnerability (title, description, severity, CVE IDs, CVSS score, etc.).
\n

\"editing<\/a>

editing xml vulnerability descriptor file<\/p><\/div><\/p>\n

You may have several vulnerability check files<\/strong> containing multiple tests which are compiled at runtime and used by Nexpose to verify the existence (or non-existence) of your vulnerability described in the descriptor.<\/p>\n

step 2 :<\/strong> put the files in Nexpose files system
Depending upon your system, you may juste have to pscp the files with Putty client
As it’s always a pitty to remember those commands, I just give it to you in plain text below so you’ll just have to copy\/paste<\/p>\n

C:\\Program Files (x86)\\PuTTY>pscp \u00ab\u00a0c:\\logs\\nexpose\\cmty-http-wordpress-wplinks-opml-info-leak.vck\u00a0\u00bb nexpose@192.168.1.205:\/home\/nexpose
\nnexpose@192.168.1.205’s password:
\ncmty-http-wordpress-wplin | 0 kB | 0.4 kB\/s | ETA: 00:00:00 | 100%<\/p>\n

C:\\Program Files (x86)\\PuTTY>pscp \u00ab\u00a0c:\\logs\\nexpose\\cmty-http-wordpress-wplinks-opml-info-leak.xml\u00a0\u00bb nexpose@192.168.1.205:\/home\/nexpose
\nnexpose@192.168.1.205’s password:
\ncmty-http-wordpress-wplin | 1 kB | 1.5 kB\/s | ETA: 00:00:00 | 100%<\/b><\/p>\n

\"pscp<\/a>

pscp your vulnerability description file<\/p><\/div>
\nstep 3 <\/strong>: deploy this vulnerability check into Nexpose by simply copying your .xml and corresponding .vck file into the following directory:<\/p>\n

\/opt\/rapid7\/nexpose\/plugins\/java\/1\/HttpScanner\/1\/<\/b><\/p>\n

step 4<\/strong> : restart your Nexpose Security Console and browse to your brand new vulnerability<\/p>\n

https:\/\/192.168.1.205:3780\/vulnerability\/vuln-summary.jsp?vulnid=cmty-http-wordpress-wplinks-opml-info-leak<\/a><\/p>\n

\"vuln<\/a>

vuln display<\/p><\/div>
\n

\"wanna<\/a>

wanna see my putty ?<\/p><\/div><\/p>\n\n

Download vulnerability descriptor file<\/a>
\nDownload vulnerability check file<\/a><\/p>\n

Notes: I just wrote this post as a proof of concept for one of my customers.
\nIt’s always funny when you want to write a post to discover that you can’t do it the simple way you dream of it : impossible to upload xml\/vck file, outdated filezilla client you have to upgrade, WordPress formatting nightmare …<\/p>\n\n","protected":false},"excerpt":{"rendered":"

Writing Nexpose Vulnerability Checks will soon hurt you …So, if you need some help, I’m your guy \ud83d\ude09 Thanks to Rapid7 community for the basics. Let’s see how to set it up in four steps. step 1 : write locally with your own text editor 2 files (vulnerability desccriptor = .xml file & vulnerability check […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20],"tags":[],"_links":{"self":[{"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/3602"}],"collection":[{"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3602"}],"version-history":[{"count":25,"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/3602\/revisions"}],"predecessor-version":[{"id":3631,"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/3602\/revisions\/3631"}],"wp:attachment":[{"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3602"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3602"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.laurentmarot.fr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3602"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}