When I upload a .nessus in Dradis 3.0 there is no output and it’s added as an Uploaded file - that’s all.
Any help? I did have an issue with Nmap files but found the fix here but for Nessus I am not receiving any errors or output at all.
Thanks
Just some more info from production.log that I haven’t looked into the solution for yet:
I, [2016-01-18T12:52:34.635676 #2331] INFO – : Parameters: {“item_id”=>“3”, “uploader”=>“Dradis::Plugins::Nessus”, “file”=>“File.nessus”}
I, [2016-01-18T12:52:34.645969 #2331] INFO – : Completed 500 Internal Server Error in 10ms
F, [2016-01-18T12:52:34.654196 #2331] FATAL – :
Redis::CannotConnectError (Error connecting to Redis on 127.0.0.1:6379 (Errno::ECONNREFUSED)):
Hope this isn’t considered spam, sorry if so.
Changed the port config in the Redis config (/etc/redis/redis.conf) from 0 to 6379.
.nessus file upload now says it’s Queuing a job to start in the background but nothing yet. Waiting patiently.
Looks like enough restarts of Dradis will sometimes fix this problem.
Found a bit of info here: Redirecting to Google Groups
Another cause could be if the background worker process (the one that picks jobs from the Redis queue) is not working.
If you run ps aux | grep resque do you see something like this?
$ ps aux | grep resq
etd 81627 0.0 1.1 2576004 90100 s003 S+ 2:05pm 0:24.58 resque-1.25.2: Waiting for *
Alternatively you can upload project directly using Thor with:
$ RAILS_ENV=production bundle exec thor dradis:plugins:nessus:upload /path/to/nessus
HTH,
Daniel
Hi kab00kie
I tried to follow these steps:
In order to rule out anything weird the file processing, I’d recommend
you process the file “by hand”:
$ cd /usr/local/rails/dradispro/current
edit the ./vendor/plugins/nessus_upload/lib/tasks/thorfile.rb and just
before the NessusUpload::import() in line #17 add:
Node.set_set_project_scope( 12 )
Note.set_set_project_scope( 12 )
But I could not find the correct thorfile because I use the community edition.
could you please put me in the right direction for the community edition?
Thanks.
Hi Daniel,
I tried to upload the nessus result directly without any luck.
Here the result:
kali2:/opt/dradis/dradisframework# RAILS_ENV=production bundle exec thor dradis:plugins:nessus:upload /root/host/LSV21-IRP3_r00ii3.nessus
Faraday::Builder is now Faraday::RackBuilder.
Loaded add-ons:
acunetix - Processes Acunetix XML format
burp - Processes Burp Scanner XML output
csv - Export results in comma-separated values
html_export - Generate advanced HTML reports
mediawiki - Import entries from an external MediaWiki
nessus - Processes Nessus XML v2 format (.nessus)
nexpose - Processes Nexpose XML format
nikto - Processes Nikto output
nmap - Processes Nmap output
nto_spider - Processes NTOSpider reports
open_vas - Processes OpenVAS XML v6 or v7 format
pdf_export - Generate PDF reports
qualys - Processes Qualys output
snowcrash - This plugin doesn’t provide a :description
vulndb - Import entries from your VulnDB HQ repository
I, [2016-01-29T21:42:40.920483 #6938] INFO – : Parsing nessus output file…
I, [2016-01-29T21:42:41.220303 #6938] INFO – : Done.
I, [2016-01-29T21:42:41.222986 #6938] INFO – : Processing report: LSV21-IRP3
/usr/lib/ruby/vendor_ruby/sqlite3/database.rb:91:in initialize': SQLite3::SQLException: no such table: dradis_nodes: SELECT "dradis_nodes".* FROM "dradis_nodes" WHERE "dradis_nodes"."label" = 'plugin.output' LIMIT 1 (ActiveRecord::StatementInvalid) from /usr/lib/ruby/vendor_ruby/sqlite3/database.rb:91:in new’
from /usr/lib/ruby/vendor_ruby/sqlite3/database.rb:91:in prepare' from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/connection_adapters/sqlite3_adapter.rb:301:in block in exec_query’
from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/connection_adapters/abstract_adapter.rb:373:in block in log' from /var/lib/gems/2.1.0/gems/activesupport-4.1.9/lib/active_support/notifications/instrumenter.rb:20:in instrument’
from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/connection_adapters/abstract_adapter.rb:367:in log' from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/connection_adapters/sqlite3_adapter.rb:298:in exec_query’
from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/connection_adapters/sqlite3_adapter.rb:510:in select' from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/connection_adapters/abstract/database_statements.rb:24:in select_all’
from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/connection_adapters/abstract/query_cache.rb:70:in select_all' from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/querying.rb:39:in find_by_sql’
from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/relation.rb:611:in exec_queries' from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/relation.rb:493:in load’
from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/relation.rb:238:in to_a' from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/relation/finder_methods.rb:460:in find_take’
from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/relation/finder_methods.rb:98:in take' from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/relation/finder_methods.rb:81:in find_by’
from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/relation.rb:209:in find_or_create_by' from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/querying.rb:6:in find_or_create_by’
from /opt/dradis/dradis-plugins/lib/dradis/plugins/content_service.rb:168:in default_parent_node' from /opt/dradis/dradis-plugins/lib/dradis/plugins/content_service.rb:65:in create_node’
from /opt/dradis/dradis-nessus/lib/dradis/plugins/nessus/importer.rb:39:in block (2 levels) in import' from /var/lib/gems/2.1.0/gems/nokogiri-1.6.5/lib/nokogiri/xml/node_set.rb:237:in block in each’
from /var/lib/gems/2.1.0/gems/nokogiri-1.6.5/lib/nokogiri/xml/node_set.rb:236:in upto' from /var/lib/gems/2.1.0/gems/nokogiri-1.6.5/lib/nokogiri/xml/node_set.rb:236:in each’
from /opt/dradis/dradis-nessus/lib/dradis/plugins/nessus/importer.rb:35:in block in import' from /var/lib/gems/2.1.0/gems/nokogiri-1.6.5/lib/nokogiri/xml/node_set.rb:237:in block in each’
from /var/lib/gems/2.1.0/gems/nokogiri-1.6.5/lib/nokogiri/xml/node_set.rb:236:in upto' from /var/lib/gems/2.1.0/gems/nokogiri-1.6.5/lib/nokogiri/xml/node_set.rb:236:in each’
from /opt/dradis/dradis-nessus/lib/dradis/plugins/nessus/importer.rb:26:in import' from /opt/dradis/dradis-nessus/lib/tasks/thorfile.rb:36:in upload’
from /usr/lib/ruby/vendor_ruby/thor/command.rb:27:in run' from /usr/lib/ruby/vendor_ruby/thor/invocation.rb:126:in invoke_command’
from /usr/lib/ruby/vendor_ruby/thor.rb:359:in dispatch' from /usr/lib/ruby/vendor_ruby/thor/base.rb:440:in start’
from /usr/lib/ruby/vendor_ruby/thor/runner.rb:36:in method_missing' from /usr/lib/ruby/vendor_ruby/thor/command.rb:29:in run’
from /usr/lib/ruby/vendor_ruby/thor/command.rb:126:in run' from /usr/lib/ruby/vendor_ruby/thor/invocation.rb:126:in invoke_command’
from /usr/lib/ruby/vendor_ruby/thor.rb:359:in dispatch' from /usr/lib/ruby/vendor_ruby/thor/base.rb:440:in start’
from /usr/bin/thor:6:in `’
kali2:/opt/dradis/dradisframework#
I hope this gives a hint.
Hi Daniel,
I did the manual Nessus file upload which succeeded however the upload through the web portal gives me the same error as Kab00kie has. When I tried out the packaged Dradis I was able to start a worker thread, but how can I do this with the GIT install?
@Robiin, as explained in the How do I run it? section of the Download page, when you get the package you run two scripts:
$ ./dradis-webapp && ./dradis-worker
In order for this to work, you need Redis installed in the system.
The key line in the dradis-worker script is:
which you can duplicate by running the following in a new terminal window:
$ RAILS_ENV=production bundle exec rake resque:work
We’re looking into ways of making this ‘start’ process more user friendly though…
HTH
This worked great, thank you!
I replicated the steps you mentioned:
- make redis listen on port 127.0.0.1:6379
- restarted the redis server
- start worker with: RAILS_ENV=production bundle exec rake resque:work
- started dradis
Still, all I get is the “Enqueueing job to start…” message and no results.
I am using the community edition.
So why is dradis not parsing the file?
@danielm this thread is ~1 year old. Have you followed the install steps in this guide? Installing Dradis from Git | Dradis Framework (#5 under “Setting up the app”) I’m wondering whether starting the worker with $ bundle exec rake resque:work instead would do the trick as dradis-ce runs in development by default.
Thank you for your reply. I have acquired a pro license and surmise that the problem will vanish.