Has anyone had success setting up a connection to a Metasploit Pro Server within InsightConnect using the Rapid7 Metasploit plugin?
We can do a RESTful connections using the HTTP Requests plugin without issue, but it seems like the Rapid7 Metasploit plugin should connect and does not in spite of our best efforts.
Hi @john_breen - it’s been awhile since my team and I have tested the Metasploit plugin. If it’s alright with you, give us some time to test the plugin out and ensure it’s still working properly. I’ll get a ticket in for my team to investigate this.
In the meantime, are you able to provide any logs or other information to help us reproduce this?
In addition to this community post, I did submit a support ticket too. Yes we can provide logs through that support ticket. Thanks!
The Metasploit plugin for InsightConnect requires the RPC API to be running to connect to it. Setup instructions for the API are available here RPC API | Metasploit Documentation. That might still work but to Mike’s point, we will still want to test with a recent version of Metasploit and update the documentation internally.
Since we are using Metasploit Pro, the documentation on connections differs a bit for RPC API. The port number is different for example for MSF vs MSP. But yes it is running and the MSP port is reachable/open.
Hi @john_breen , we have reproduced the issue. We are tracking it down and in the process of getting it fixed up. No ETA yet, but I’ll do my best to keep you updated. Cheers!
Hi @john_breen . The connections issue should be solved with version 3.0.0 . Thanks for your patience, as the code needed quite a bit of updating.
I’ll check it out. Thanks for the update PJ
Breeniac
It works now. The opportunity here would be to update the documentation to be more clear. The majority connection types in InsightConnect are RESTful APIs, not RPC APIs. Maybe it’s just me, but it seems like there is an opportunity to highlight a callout when its a TCP port 55552 or 3790 (Pro) and that it is NOT a RESTful connection. Thanks for update.
Thank you for the suggestion, John - I’ve got a ticket in to get the documentation updated with your advice!