Import from Qualys failed

Hi,

I try to import a csv from qualys but the import fails

[14:08:05] Small attachment detected. Processing in line.
[14:08:05] Parsing Qualys output file…
[14:08:05] Done.
[14:08:05] There was a fatal error processing your upload:
[14:08:05] undefined method `name’ for nil:NilClass
[14:08:05] Worker process completed.

Does somebody have the qualys import working? Or is there a way to debug this issue?

Looking into this. I was going to suggest you use the CLI to pinpoint the problem but for some reason the Qualys upload task is not showing up.

I think I fixed the bug in the following commits:
https://github.com/dradis/dradis-nmap/commit/8badb5e5d02e3f3540938d88b5315a974fb523f5
https://github.com/dradis/dradis-nessus/commit/b019826b52eb05c36743be729bc6ec0628a7f8a8
https://github.com/dradis/dradisframework/commit/7b735940e10bf41a63ed5cb4cafd285616c7ccfa

So git pull all the three repos (nmap, nessus and main) and run:

RAILS_ENV=production bundle exec \
  thor dradis:plugins:qualys:upload /path/to/file.xml

Hi,

Sorry for the late reply, but I was a bit busy…

When I execute the “thor dradis:plugins:qualys:upload”, the command is unavailable;

[staf@creja dradisframework]$ bundle exec thor dradis:plugins:qualys:upload
Could not find command “dradis:plugins:qualys:upload”.
[staf@creja dradisframework]$

[staf@creja dradisframework]$ bundle exec thor list
dradis

thor dradis:backup # creates a backup of your current repository
thor dradis:export:word # export the current repository structure as a Word report
thor dradis:import:msf:all # Import the hosts, sevices, notes, etc from Metasploit
thor dradis:import:osvdb:lookup ID # search the OSVDB for a specific ID
thor dradis:import:osvdb:search QUERY # search the OSVDB with a general query
thor dradis:reset # resets your local dradis repository
thor dradis:reset:attachments # removes all attachments
thor dradis:reset:database # removes all data from a dradis repository, except configurations
thor dradis:reset:logs # removes all log files
thor dradis:reset:password # Set a new shared password to access the web interface
thor dradis:server # start dradis server
thor dradis:settings [NAMESPACE] # list dradis settings, with an optional namespace to filter the results
thor dradis:settings:get SETTING # get the value of a dradis setting
thor dradis:settings:set SETTING VALUE # change the value of a dradis setting
thor dradis:setup:configure # Creates the Dradis configuration files from their templates (see config/*.yml.template)
thor dradis:setup:migrate # ensures the database schema is up-to-date
thor dradis:setup:seed # adds initial values to the database (i.e., categories and configurations)
thor dradis:upload:nexpose FILE # upload NeXpose results
thor dradis:upload:nikto FILE # upload nikto results
thor dradis:upload:nmap FILE # upload the results of an Nmap scan
thor dradis:upload:openvas FILE # upload OpenVAS results
thor dradis:upload:retina FILE # upload Retina results
thor dradis:upload:surecheck FILE # Upload a SureCheck .sc file
thor dradis:upload:typhon FILE # upload typhon results
thor dradis:upload:w3af FILE # upload w3af results
thor dradis:upload:wxf FILE # upload wXf results
thor dradis:upload:zap FILE # upload ZAP results
thor dradis:version # displays the version of the dradis server

[staf@creja dradisframework]$

The qualys upload is also not available in the vendor/plusins directory

[staf@creja dradisframework]$ cd vendor/plugins/
[staf@creja plugins]$ ls
bj nexpose_upload nmap_upload osvdb_import retina_upload typhon_upload word_export zap_upload
msf_import nikto_upload openvas_upload restful-authentication surecheck_upload w3af_upload wxf_upload
[staf@creja plugins]$

But it is available through the web interface, and It still fails after the git pull.
Are there extra steps required to install the commandline version?

cheers,


staf

Can you confirm the contents of Gemfile.plugin?

Can you see dradis-qualis under ./vendor/cache/

What about:

$ RAILS_ENV=production bundle exec thor -T

HTH

Can you confirm the contents of Gemfile.plugin?

[staf@creja dradisframework]$ pwd
/home/staf/git/dradis/dradisframework
[staf@creja dradisframework]$ ls -l Gemfile.plugins
-rw-rw-r-- 1 staf staf 4247 Oct 1 14:58 Gemfile.plugins
[staf@creja dradisframework]$

The Gemfile.plugin contains the next lines about dradis;1

if Dir.exists?(’…/dradis-qualys’) && !ENV[‘PACKAGING’]
gem ‘dradis-qualys’, path: '…/dradis-qualys’
else
gem ‘dradis-qualys’, github: 'dradis/dradis-qualys’
end

Can you see dradis-qualis under ./vendor/cache/

No, it isn’t there…

[staf@creja dradisframework]$ cd vendor/cache/
[staf@creja cache]$ ls -l | grep -i q
-rw-rw-r-- 1 staf staf 57344 Oct 12 13:20 jquery-fileupload-rails-0.4.4.gem
-rw-rw-r-- 1 staf staf 7168 Oct 1 14:43 jquery-hotkeys-rails-0.7.9.1.gem
-rw-rw-r-- 1 staf staf 190464 Oct 12 13:20 jquery-rails-3.1.2.gem
-rw-rw-r-- 1 staf staf 95232 Oct 1 14:43 resque-1.25.2.gem
-rw-rw-r-- 1 staf staf 23552 Oct 12 13:20 resque-status-0.4.3.gem
-rw-rw-r-- 1 staf staf 60928 Oct 1 14:43 sqlite3-1.3.9.gem
[staf@creja cache]$

What about:

$ RAILS_ENV=production bundle exec thor -T

[staf@creja dradisframework]$ RAILS_ENV=production bundle exec thor -T
dradis

thor dradis:backup # creates a backup of your current repository
thor dradis:export:word # export the current repository structure as a Word report
thor dradis:import:msf:all # Import the hosts, sevices, notes, etc from Metasploit
thor dradis:import:osvdb:lookup ID # search the OSVDB for a specific ID
thor dradis:import:osvdb:search QUERY # search the OSVDB with a general query
thor dradis:reset # resets your local dradis repository
thor dradis:reset:attachments # removes all attachments
thor dradis:reset:database # removes all data from a dradis repository, except configurations
thor dradis:reset:logs # removes all log files
thor dradis:reset:password # Set a new shared password to access the web interface
thor dradis:server # start dradis server
thor dradis:settings [NAMESPACE] # list dradis settings, with an optional namespace to filter the results
thor dradis:settings:get SETTING # get the value of a dradis setting
thor dradis:settings:set SETTING VALUE # change the value of a dradis setting
thor dradis:setup:configure # Creates the Dradis configuration files from their templates (see config/*.yml.template)
thor dradis:setup:migrate # ensures the database schema is up-to-date
thor dradis:setup:seed # adds initial values to the database (i.e., categories and configurations)
thor dradis:upload:nexpose FILE # upload NeXpose results
thor dradis:upload:nikto FILE # upload nikto results
thor dradis:upload:nmap FILE # upload the results of an Nmap scan
thor dradis:upload:openvas FILE # upload OpenVAS results
thor dradis:upload:retina FILE # upload Retina results
thor dradis:upload:surecheck FILE # Upload a SureCheck .sc file
thor dradis:upload:typhon FILE # upload typhon results
thor dradis:upload:w3af FILE # upload w3af results
thor dradis:upload:wxf FILE # upload wXf results
thor dradis:upload:zap FILE # upload ZAP results
thor dradis:version # displays the version of the dradis server

[staf@creja dradisframework]$

If the above lines are not commented, then, can you confirm you’ve got a section about dradis-qualys in your Gemfile.lock file? If not, try bundle install to install dependencies and check again.

HTH,
Daniel