I imagine this wouldn’t be an issue if a valid cert was used.
The warning about a self signed certificate has to be answered, even if you import the cert on the machine. The default local authentication domain is “LocalDomain”. The “-d” flag is the login domain, which may be an Active Directory/LDAP back end or the local authentication service (this value is CaSe SeNsItIvE). The “-u” and “-p” flags should be pretty obvious. The “Login failed” message is pretty self explanatory. There is a problem with the site's security certificate.ĭo you want to proceed? (Y:Yes, N:No, V:View Certificate)Īuthentication failure: Login failed - Incorrect username/password.Ī couple notes about the options and outputs I want to clear up first. An example of a login attempt using the bare minimum amount of info looks something like this: netExtender -u user -p password -d LocalDomain 192.168.1.1:4433 I downloaded the latest Linux NetExtender client, which can be found with a quick Google search, and installed it. Since I had some past experience with SonicWall and NetExtender, I knew there was a Linux CLI client, which led me to believe it would be relatively easy to script a login with it. While my initial goal was just to password spray it, I found a few interesting quirks with the NetExtender client along the way. NetExtender is SonicWall’s SSL VPN offering. I little while ago I got to play around with a SonicWall firewall that had NetExtender configured. Posted in Uncategorized | Leave a reply Fun with SonicWall NetExtender After launching that docker image, you should be able to hit the OpenVAS web interface over HTTPS on port 8080. The arguments should be self explanatory. apt updateĭocker run -detach -publish 8080:9392 -e PASSWORD="thisisapassword" -e HTTPS=true -volume openvas:/data -name openvas immauss/openvas Want OpenVas? Spin up a Debian/Ubuntu box and do this. This made things much less painful and worked on my first attempt, after sorting out how to enforce HTTPS. I eventually gave up and used a docker image, which to my surprise, worked flawlessly. Following multiple different install guides just led me to broken install after broken install.
I found that the install process was just as bad as I remember. However I decided to try OpenVAS, as it has been a while since I used it and liked the idea of using something open source. I could have registered for a trial of Nessus or something of the sort.
I recently deployed a few internet facings servers and decided it was probably prudent to at least hit them with a vulnerability scanner.
0 kommentar(er)
