Posh-Nessus icon indicating copy to clipboard operation
Posh-Nessus copied to clipboard
verified publisher icon tenable

REST timeout since Nessus upgrade to v7.0.1

Open tschuh-vazata opened this issue 8 years ago • 3 comments

New-NessusSession times out on instantiation since upgrading our Nessus instance to 7.0.1 (Windows 2012R2). I can log in to the Nessus server via browser with the same credentials.

tschuh-vazata avatar Jan 16 '18 22:01 tschuh-vazata 

VERBOSE: POST https://<ServerIP>:8834/session with -1-byte payload
Invoke-RestMethod : The operation has timed out
At C:\Users\tschuh\Documents\WindowsPowerShell\Modules\Posh-Nessus\Session.ps1:78 char:30
+             $TokenResponse = Invoke-RestMethod @RestMethodParams
+                              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

Packet analyzer shows:

<title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br>Reason: You're speaking plain HTTP to an SSL-enabled server port.<br>Instead, please use the HTTPS scheme to access this URL.<br></p></body></html>

If the Write-Verbose output is to be trusted (no reason not to) then we're already submitting the POST via HTTPS.

tschuh-vazata avatar Jan 16 '18 22:01 tschuh-vazata

Module is for Nessus 6.x it has not been tested or updates for 7.x yet so it could be . Thanks for reporting the issue. What specific function where you running that caused the timeout to see if it is related to the change in API

Sent from my iPhone

On Jan 16, 2018, at 6:43 PM, TSchuh [email protected] wrote:

VERBOSE: POST https://:8834/session with -1-byte payload Invoke-RestMethod : The operation has timed out At C:\Users\tschuh\Documents\WindowsPowerShell\Modules\Posh-Nessus\Session.ps1:78 char:30

    $TokenResponse = Invoke-RestMethod @RestMethodParams
                     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand Packet analyzer shows:

400 Bad Request Bad Request

Your browser sent a request that this server could not understand. Reason: You're speaking plain HTTP to an SSL-enabled server port. Instead, please use the HTTPS scheme to access this URL.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.

darkoperator avatar Jan 16 '18 22:01 darkoperator

New-NessusSession

I resolved it moments ago by manually removing the module and reinstalling from Git. It seems Remove-Module did not perform as expected.

tschuh-vazata avatar Jan 16 '18 22:01 tschuh-vazata