Switch to match over scan and add troubleshooting steps
This commit is contained in:
parent
8cddf56238
commit
90e07ef5ed
|
@ -20,7 +20,8 @@ Note: The module can attempt to complete the configuration steps after NagiosXI
|
|||
2. To download other vulnerable versions, replace the version number in the URL with the desired version.
|
||||
2. Configure the NagiosXI installation
|
||||
1. The OVA has NagiosXI running on startup. Launch the VM and visit the VM's IP in a browser.
|
||||
2. Configure the `nagiosadmin` user's password and whether you'd like to force HTTPS.
|
||||
2. Go through defaults on the install. When you get to Admin Account Settings, configure the `nagiosadmin`
|
||||
user's password and whether you'd like to force HTTPS.
|
||||
3. Login as the `nagiosadmin` user and accept the license agreement when prompted.
|
||||
|
||||
#### Manual Install on Linux
|
||||
|
@ -38,9 +39,18 @@ on newer distributions.
|
|||
3. `./fullinstall`
|
||||
3. Configure the NagiosXI installation
|
||||
1. Visit the installed NagiosXI application in a web browser.
|
||||
2. Configure the `nagiosadmin` user's password and whether you'd like to force HTTPS.
|
||||
2. Go through defaults on the install. When you get to Admin Account Settings, configure the `nagiosadmin`
|
||||
user's password and whether you'd like to force HTTPS.
|
||||
3. Login as the `nagiosadmin` user and accept the license agreement when prompted.
|
||||
|
||||
### Troubleshooting Installation
|
||||
- NagiosXI doesn't show it's ip address
|
||||
- Login as the `root` user with `nagiosxi` as the password, and run `ip a` to get the IP
|
||||
- Ensure it's on a network accessible from your attacking machine (e.g. Nat network instead of Bridged)
|
||||
- NagiosXI fails when attempting to login manually with an "NSP Sorry Dave" message
|
||||
- The NagiosXI installation is likely out of sync with its date/time.
|
||||
- Set it manually with `timedatectl set-ntp false` and `timedatectl set-time 2023-02-06 17:34:00` but with the actual time and date
|
||||
|
||||
## Verification Steps
|
||||
|
||||
- [ ] Start `msfconsole`
|
||||
|
|
|
@ -133,9 +133,9 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
else
|
||||
return login_result, 'Failed to extract authentication cookies'
|
||||
end
|
||||
nsp = res_array[0].scan(/nsp_str = "([a-z0-9]+)/)
|
||||
nsp = res_array[0].match(/nsp_str = "([a-z0-9]+)/)
|
||||
if nsp
|
||||
@nsp = nsp[0][0]
|
||||
@nsp = nsp[0]
|
||||
else
|
||||
return login_result, 'Failed to extract nsp string'
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue