Failed to Initialize the Script Engine

Kindly assist with the nmap error below:

2023-01-05T11:08:28 [INFO] [Thread: Scan 5] [Site: Test] Nmap scan of 1 IP address starting.
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR: NSE: failed to initialize the script engine:
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR: C:\Program Files\rapid7\nexpose\nse\nmap/nse_main.lua:822: ‘open-management-infrastructure-rce-vuln.nse’ did not match a category, filename, or directory
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR: stack traceback:
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR: [C]: in function ‘error’
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR: C:\Program Files\rapid7\nexpose\nse\nmap/nse_main.lua:822: in local ‘get_chosen_scripts’
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR: C:\Program Files\rapid7\nexpose\nse\nmap/nse_main.lua:1322: in main chunk
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR: [C]: in ?
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR:
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR: QUITTING!
2023-01-05T11:08:29 [INFO] [Thread: Scan 5] [Site: Test] NMAP: PROCESS: EXIT VALUE: 1
2023-01-05T11:08:29 [INFO] [Thread: Scan 5] [Site: Test] Scan failed: java.io.IOException: The Nmap exit value is not zero: 1
at com.rapid7.nexpose.scan.nmap.Nmap.start(Unknown Source)
at com.rapid7.nexpose.scan.nmap.Nmap.run(Unknown Source)
at com.rapid7.nexpose.scan.Scan.start(Unknown Source)
at com.rapid7.nexpose.scan.Scan.run(Unknown Source)
at java.lang.Thread.run(Thread.java:750)

Couple of questions:

How long ago did you install your console?

Were you scanning with the local console engine or from a distributed scan engine?

I’m also having same issue. The console was Installed about a week ago. I can run discovery scan but Can’t run full audit without web spidering

Ok, that sounds like you probably have endpoint protection on that machine that blocked part of our install. Do you have something like Defender, Crowdstrike, etc installed on the console and active? If our Rapid7 directory isn’t whitelisted from those applications it is common that endpoint protection blocks part of the install leaving you with a corrupted install.

Thank you, John.

I ran into a very similar issue recently on a scan engine that has been in production for 9 months. It looks like Windows Defender started quarantining these files starting in December.

It’s very possibly due to a content update that we did where some new vulnerability checks started hitting some Defender rules OR Defender started adding in some alerts that fired on our engines behavior. Same scenario though is that our products should be whitelisted. So on the assets themselves our Rapid7 directory should be whitelisted from Endpoint protection tools as well as our machine as a whole should be whitelisted from IDS/IPS tools.

Wanted to add - ran into this with a new Windows installation this week - it was indeed Windows Defender blocking some python scripts in the Nexpose directory. This was resolved by restoring the quarantined files and whitelisting the Nexpose program files directory.

1 Like