Failed to Initialize the Script Engine

Joe · January 5, 2023, 1:15pm

Kindly assist with the nmap error below:

2023-01-05T11:08:28 [INFO] [Thread: Scan 5] [Site: Test] Nmap scan of 1 IP address starting.
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR: NSE: failed to initialize the script engine:
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR: C:\Program Files\rapid7\nexpose\nse\nmap/nse_main.lua:822: ‘open-management-infrastructure-rce-vuln.nse’ did not match a category, filename, or directory
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR: stack traceback:
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR: [C]: in function ‘error’
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR: C:\Program Files\rapid7\nexpose\nse\nmap/nse_main.lua:822: in local ‘get_chosen_scripts’
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR: C:\Program Files\rapid7\nexpose\nse\nmap/nse_main.lua:1322: in main chunk
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR: [C]: in ?
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR:
2023-01-05T11:08:29 [INFO] [Thread: Scan 5:nmap:stderr] [Site: Test] NMAP: ERROR: QUITTING!
2023-01-05T11:08:29 [INFO] [Thread: Scan 5] [Site: Test] NMAP: PROCESS: EXIT VALUE: 1
2023-01-05T11:08:29 [INFO] [Thread: Scan 5] [Site: Test] Scan failed: java.io.IOException: The Nmap exit value is not zero: 1
at com.rapid7.nexpose.scan.nmap.Nmap.start(Unknown Source)
at com.rapid7.nexpose.scan.nmap.Nmap.run(Unknown Source)
at com.rapid7.nexpose.scan.Scan.start(Unknown Source)
at com.rapid7.nexpose.scan.Scan.run(Unknown Source)
at java.lang.Thread.run(Thread.java:750)

john_hartman · January 5, 2023, 2:55pm

Couple of questions:

How long ago did you install your console?

Were you scanning with the local console engine or from a distributed scan engine?

motunes · January 6, 2023, 9:06am

I’m also having same issue. The console was Installed about a week ago. I can run discovery scan but Can’t run full audit without web spidering

john_hartman · January 6, 2023, 2:09pm

Ok, that sounds like you probably have endpoint protection on that machine that blocked part of our install. Do you have something like Defender, Crowdstrike, etc installed on the console and active? If our Rapid7 directory isn’t whitelisted from those applications it is common that endpoint protection blocks part of the install leaving you with a corrupted install.

motunes · January 9, 2023, 5:21pm

Thank you, John.

jason_mull · January 9, 2023, 6:08pm

I ran into a very similar issue recently on a scan engine that has been in production for 9 months. It looks like Windows Defender started quarantining these files starting in December.

john_hartman · January 9, 2023, 7:24pm

It’s very possibly due to a content update that we did where some new vulnerability checks started hitting some Defender rules OR Defender started adding in some alerts that fired on our engines behavior. Same scenario though is that our products should be whitelisted. So on the assets themselves our Rapid7 directory should be whitelisted from Endpoint protection tools as well as our machine as a whole should be whitelisted from IDS/IPS tools.

matt_8 · January 11, 2023, 6:29pm

Wanted to add - ran into this with a new Windows installation this week - it was indeed Windows Defender blocking some python scripts in the Nexpose directory. This was resolved by restoring the quarantined files and whitelisting the Nexpose program files directory.