Over the last month I have managed to develop a custom import plugin to assist with some internal tasks within my workplace. I have managed to get the plugin up and running within Dradis CE, however, I am having difficulties installing it within Dradis Pro.
Can anybody share some guidance/details/etc of how this can be done?
I have used the following instructions so far:
We recommend the following process to install your gem on your instance of Dradis Pro:
1. Build the gem on your local system with the following command (for the sake of the example, I am assuming the gem is called dradis-NEW and is version 1.0.0):
$ cd [path to your local dradis-NEW folder]
$ gem build dradis-NEW.gemspec
2. Copy the dradis-NEW .gem file to /opt/dradispro/dradispro/shared/addons/cache/
3. Edit file: /opt/dradispro/dradispro/shared/addons/Gemfile.plugins
Add a line referencing your new gem. E.g. gem 'dradis-NEW','1.0.0'
Be very careful with copy/paste here. Email clients enjoy changing the single quotes to “fancy” quotes which will cause errors in Ruby.
4. Symlink both files by running the following as dradispro:
$ cd /opt/dradispro/dradispro/current/vendor/cache/
$ ln -s /opt/dradispro/dradispro/shared/addons/cache/dradis-NEW-1.0.0.gem
$ cd /opt/dradispro/dradispro/current/
$ ln -s /opt/dradispro/dradispro/shared/addons/Gemfile.plugins
$ RAILS_ENV=production bundle install --local --without development test
5. Re-start the app process:
$ god restart dradispro-unicorn
If the god restart doesn’t do the trick, try restarting your entire VM to force it to pick up the new code.
I can confirm that the gem is installed, however I do not see my custom plugin within the drop down list when I attempt to select it from the “Upload output from tool” option within Dradis Pro.
Any help would be greatly appreciated.
Thanks should also be mentioned to @rachkor who has got me up to this point so far.
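A pre-flight check for the install steps quoted above, as an added example that is not part of the original post and not Dradis code: it flags "fancy" quotes in Gemfile.plugins and confirms that each gem 'NAME','VERSION' line has a matching NAME-VERSION.gem in the addons cache. The paths are the ones quoted in the thread; the function names and the --check switch are hypothetical, and exact version strings (no ~> constraints) are assumed.

```shell
#!/bin/sh
# Added example, not Dradis code. Default path is the one quoted in the thread;
# function names and the --check switch are hypothetical.
ADDONS_DIR="${ADDONS_DIR:-/opt/dradispro/dradispro/shared/addons}"

# Print lines containing typographic quotes (U+2018/2019/201C/201D as UTF-8).
# Returns 1 if any are found, 0 if the file is clean.
find_fancy_quotes() {
  if LC_ALL=C grep -n \
      -e "$(printf '\342\200\230')" -e "$(printf '\342\200\231')" \
      -e "$(printf '\342\200\234')" -e "$(printf '\342\200\235')" "$1"; then
    return 1
  fi
  return 0
}

# For every "gem 'NAME','VERSION'" line in $1, check that NAME-VERSION.gem
# exists in cache directory $2. Returns the number of missing files.
# Lines without a quoted version (e.g. a github: source) are skipped.
missing_cached_gems() {
  gemfile="$1"; cache="$2"; missing=0
  pairs=$(sed -n "s/^[[:space:]]*gem[[:space:]]*['\"]\([^'\"]*\)['\"][[:space:]]*,[[:space:]]*['\"]\([^'\"]*\)['\"].*/\1 \2/p" "$gemfile")
  while read -r name version; do
    [ -n "$name" ] || continue
    if [ -f "$cache/$name-$version.gem" ]; then
      echo "ok: $name-$version.gem"
    else
      echo "missing: $cache/$name-$version.gem"
      missing=$((missing + 1))
    fi
  done <<EOF
$pairs
EOF
  return "$missing"
}

# Only runs when the script is called with --check on the Dradis Pro host.
if [ "${1:-}" = "--check" ]; then
  find_fancy_quotes "$ADDONS_DIR/Gemfile.plugins" \
    || echo "Replace the typographic quotes on the lines listed above."
  missing_cached_gems "$ADDONS_DIR/Gemfile.plugins" "$ADDONS_DIR/cache" \
    || echo "Copy the missing .gem files into $ADDONS_DIR/cache/."
fi
```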
I am assuming that the command “$ RAILS_ENV=production bundle install --local --without development test” mentioned in my post does the same as “bundle install --local --without development test” yes?
If not, which directory do I run this command from? As I know bundle can be a bit funny.
As per how I know it has installed the gem, it can be seen within the output from the above command as:
And yes, Using dradis-NEW is a good indicator that everything is as it should.
When you got it running in CE, was the plugin listed at the bottom of the “Upload output from tool” page?
Also, if you fire up the console (RAILS_ENV=production bundle exec rails console), are your plugin classes loaded? (e.g. Dradis::Plugins::Nessus::Engine)
And finally, also within the console, is your plugin listed when you run:
In Dradis CE the custom plugin would just appear in alphabetical order.
I have fired up the console. Did you want me to then issue the command: Dradis::Plugins::Nessus::Engine?
As I did not see any initial indications of plugins etc when firing up the console.
After running the command Dradis::Plugins::with_feature(:upload) I get a list of plugins, but my custom plugin is not in that list.
within the console seems to error out. Is the syntax correct?
As for the thorfile, I have got one in place, I have tweaked it a bit to make it similar to the example.
Re, the following command:
RAILS_ENV=production bundle exec thor -T
My plugin does not appear in the output.
However, I think the main question I have got now and is probably the answer I have been looking for is what is the xml file you are referring to in the last command:
@joshua, Rachael with the Dradis support team here. Do you have a thorfile.rb file like the one that Daniel gave as an example? You run the thor task from the command line to upload a file. The placeholder <path/to/file.xml> should be replaced with the path to the plugin file that you want to upload. More details on other thor tasks here: My tool output won't upload! | Dradis Pro Help
As per the previous response I have a thorfile.rb file and I have made sure it is fairly similar to the nessus example that @etd provided.
I do not see my plugin within the output of the command RAILS_ENV=production bundle exec thor -T
So I reckon it has not picked up my thorfile.rb. Where does this file need to be linked to or stored in order to show up in the above command?
@joshua let’s try the painfully simple fix before going on. Can you try restarting the VM (off and on again)? This should force Dradis to fully pick up the code if the new plugin is indeed installed. If not, it’s time to re-install! Fingers crossed, keep us posted!
Hi @rachkor
I have been going through the initial install commands and restarting the VM every time I have made a change to see if it picks up my code. However there hasn’t been any signs it has worked yet.
Would you be able to provide a list of all the necessary files that need to be in the plugin? Also does the plugin have to be in a specific directory?
In addition, which directory can I find the other plugins in? As there appears to be several instances. If I can know this I may be able to reverse engineer a working example of my custom plugin.
@joshua the other plugins are added via references in the Gemfile (rather than the Gemfile.plugins where you’re adding the custom plugin). Can you try checking the .gemspec file you’re using when running $ gem build dradis-NEW.gemspec? Since this plugin is working locally but isn’t working on Pro, my hunch is that the .gem is related to the problem.
Does the code for this gem live on GitHub? If so, you could also try updating your Gemfile.plugins file to use a line like:
gem 'dradis-NEW', github: 'dradis/dradis-NEW'
That way, we can remove the .gem from the picture entirely and pull the code from GitHub.
Thanks for following up on this. I’m out of ideas right now without anything that we can use to replicate on this side. Would you be able to share your customized plugin with us? Sharing a GitHub repo would be the easiest way to proceed. Since it’s working on CE, I’m not sure what’s preventing it from working correctly on Pro after install but if we can replicate on this end, we should be able to resolve this quickly.