.nessus file import


#1

When I upload a .nessus in Dradis 3.0 there is no output and it’s added as an Uploaded file - that’s all.

Any help? I did have an issue with Nmap files but found the fix here but for Nessus I am not receiving any errors or output at all.

Thanks


#2

Just some more info from production.log that I haven’t looked into the solution for yet:

I, [2016-01-18T12:52:34.635676 #2331] INFO – : Parameters: {“item_id”=>“3”, “uploader”=>“Dradis::Plugins::Nessus”, “file”=>“File.nessus”}
I, [2016-01-18T12:52:34.645969 #2331] INFO – : Completed 500 Internal Server Error in 10ms
F, [2016-01-18T12:52:34.654196 #2331] FATAL – :
Redis::CannotConnectError (Error connecting to Redis on 127.0.0.1:6379 (Errno::ECONNREFUSED)):


#3

Hope this isn’t considered spam, sorry if so.

Changed the port config in the Redis config (/etc/redis/redis.conf) from 0 to 6379.

.nessus file upload now says it’s Queuing a job to start in the background but nothing yet. Waiting patiently.


#4

Looks like enough restarts of Dradis will sometimes fix this problem.

Found a bit of info here: https://groups.google.com/forum/#!topic/dradis-pro/lhmnUvchjYI


#5

Another cause could be if the background worker process (the one that picks jobs from the Redis queue) is not working.

If you run ps aux | grep resque do you see something like this?

$ ps aux | grep resq
etd             81627   0.0  1.1  2576004  90100 s003  S+    2:05pm   0:24.58 resque-1.25.2: Waiting for *

Alternatively you can upload project directly using Thor with:

$ RAILS_ENV=production bundle exec thor dradis:plugins:nessus:upload /path/to/nessus

HTH,
Daniel


#6

Hi kab00kie

I tried to follow these steps:
In order to rule out anything weird the file processing, I’d recommend
you process the file “by hand”:

$ cd /usr/local/rails/dradispro/current

edit the ./vendor/plugins/nessus_upload/lib/tasks/thorfile.rb and just
before the NessusUpload::import() in line #17 add:

Node.set_set_project_scope( 12 )
Note.set_set_project_scope( 12 )

But I could not find the correct thorfile because I use the community edition.
could you please put me in the right direction for the community edition?

Thanks.


#7

Hi Daniel,

I tried to upload the nessus result directly without any luck.
Here the result:

kali2:/opt/dradis/dradisframework# RAILS_ENV=production bundle exec thor dradis:plugins:nessus:upload /root/host/LSV21-IRP3_r00ii3.nessus
Faraday::Builder is now Faraday::RackBuilder.
Loaded add-ons:
acunetix - Processes Acunetix XML format
burp - Processes Burp Scanner XML output
csv - Export results in comma-separated values
html_export - Generate advanced HTML reports
mediawiki - Import entries from an external MediaWiki
nessus - Processes Nessus XML v2 format (.nessus)
nexpose - Processes Nexpose XML format
nikto - Processes Nikto output
nmap - Processes Nmap output
nto_spider - Processes NTOSpider reports
open_vas - Processes OpenVAS XML v6 or v7 format
pdf_export - Generate PDF reports
qualys - Processes Qualys output
snowcrash - This plugin doesn’t provide a :description
vulndb - Import entries from your VulnDB HQ repository
I, [2016-01-29T21:42:40.920483 #6938] INFO – : Parsing nessus output file…
I, [2016-01-29T21:42:41.220303 #6938] INFO – : Done.
I, [2016-01-29T21:42:41.222986 #6938] INFO – : Processing report: LSV21-IRP3
/usr/lib/ruby/vendor_ruby/sqlite3/database.rb:91:in initialize': SQLite3::SQLException: no such table: dradis_nodes: SELECT "dradis_nodes".* FROM "dradis_nodes" WHERE "dradis_nodes"."label" = 'plugin.output' LIMIT 1 (ActiveRecord::StatementInvalid) from /usr/lib/ruby/vendor_ruby/sqlite3/database.rb:91:innew’
from /usr/lib/ruby/vendor_ruby/sqlite3/database.rb:91:in prepare' from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/connection_adapters/sqlite3_adapter.rb:301:inblock in exec_query’
from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/connection_adapters/abstract_adapter.rb:373:in block in log' from /var/lib/gems/2.1.0/gems/activesupport-4.1.9/lib/active_support/notifications/instrumenter.rb:20:ininstrument’
from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/connection_adapters/abstract_adapter.rb:367:in log' from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/connection_adapters/sqlite3_adapter.rb:298:inexec_query’
from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/connection_adapters/sqlite3_adapter.rb:510:in select' from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/connection_adapters/abstract/database_statements.rb:24:inselect_all’
from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/connection_adapters/abstract/query_cache.rb:70:in select_all' from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/querying.rb:39:infind_by_sql’
from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/relation.rb:611:in exec_queries' from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/relation.rb:493:inload’
from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/relation.rb:238:in to_a' from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/relation/finder_methods.rb:460:infind_take’
from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/relation/finder_methods.rb:98:in take' from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/relation/finder_methods.rb:81:infind_by’
from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/relation.rb:209:in find_or_create_by' from /var/lib/gems/2.1.0/gems/activerecord-4.1.9/lib/active_record/querying.rb:6:infind_or_create_by’
from /opt/dradis/dradis-plugins/lib/dradis/plugins/content_service.rb:168:in default_parent_node' from /opt/dradis/dradis-plugins/lib/dradis/plugins/content_service.rb:65:increate_node’
from /opt/dradis/dradis-nessus/lib/dradis/plugins/nessus/importer.rb:39:in block (2 levels) in import' from /var/lib/gems/2.1.0/gems/nokogiri-1.6.5/lib/nokogiri/xml/node_set.rb:237:inblock in each’
from /var/lib/gems/2.1.0/gems/nokogiri-1.6.5/lib/nokogiri/xml/node_set.rb:236:in upto' from /var/lib/gems/2.1.0/gems/nokogiri-1.6.5/lib/nokogiri/xml/node_set.rb:236:ineach’
from /opt/dradis/dradis-nessus/lib/dradis/plugins/nessus/importer.rb:35:in block in import' from /var/lib/gems/2.1.0/gems/nokogiri-1.6.5/lib/nokogiri/xml/node_set.rb:237:inblock in each’
from /var/lib/gems/2.1.0/gems/nokogiri-1.6.5/lib/nokogiri/xml/node_set.rb:236:in upto' from /var/lib/gems/2.1.0/gems/nokogiri-1.6.5/lib/nokogiri/xml/node_set.rb:236:ineach’
from /opt/dradis/dradis-nessus/lib/dradis/plugins/nessus/importer.rb:26:in import' from /opt/dradis/dradis-nessus/lib/tasks/thorfile.rb:36:inupload’
from /usr/lib/ruby/vendor_ruby/thor/command.rb:27:in run' from /usr/lib/ruby/vendor_ruby/thor/invocation.rb:126:ininvoke_command’
from /usr/lib/ruby/vendor_ruby/thor.rb:359:in dispatch' from /usr/lib/ruby/vendor_ruby/thor/base.rb:440:instart’
from /usr/lib/ruby/vendor_ruby/thor/runner.rb:36:in method_missing' from /usr/lib/ruby/vendor_ruby/thor/command.rb:29:inrun’
from /usr/lib/ruby/vendor_ruby/thor/command.rb:126:in run' from /usr/lib/ruby/vendor_ruby/thor/invocation.rb:126:ininvoke_command’
from /usr/lib/ruby/vendor_ruby/thor.rb:359:in dispatch' from /usr/lib/ruby/vendor_ruby/thor/base.rb:440:instart’
from /usr/bin/thor:6:in `'
kali2:/opt/dradis/dradisframework#

I hope this gives a hint.


#8

Hi Daniel,

I did the manual Nessus file upload which succeeded however the upload through the web portal gives me the same error as Kab00kie has. When I tried out the packaged Dradis I was able to start a worker thread, but how can I do this with the GIT install?


#9

@Robiin, as explained in the How do I run it? section of the Download page, when you get the package you run two scripts:

$ ./dradis-webapp  && ./dradis-worker

In order for this to work, you need Redis installed in the system.

The key line in the dradis-worker script is:

which you can duplicate by running the following in a new terminal window:

$ RAILS_ENV=production bundle exec rake resque:work

We’re looking into ways of making this ‘start’ process more user friendly though…

HTH


#10

This worked great, thank you!


#11

I replicated the steps you mentioned:

  1. make redis listen on port 127.0.0.1:6379
  2. restarted the redis server
  3. start worker with: RAILS_ENV=production bundle exec rake resque:work
  4. started dradis

Still, all I get is the “Enqueueing job to start…” message and no results.
I am using the community edition.
So why is dradis not parsing the file?


#12

@danielm this thread is ~1 year old. Have you followed the install steps in this guide? https://dradisframework.com/ce/documentation/install_git.html (#5 under “Setting up the app”) I’m wondering whether starting the worker with $ bundle exec rake resque:work instead would do the trick as dradis-ce runs in development by default.


#13

Thank you for your reply. I have acquired a pro license and surmise that the problem will vanish.