search

CervantesSec / cervantes

Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location.
https://www.cervantessec.org/
Apache License 2.0
278 stars 41 forks source link

[Question] Create a vulnerability from a vulnerability template #7

Closed noraj closed 2 years ago

noraj commented 2 years ago

I found out the way to create vulnerability template or to create a vulnerability from scratch but how do I create a vulnerability from a vulnerability template?

noraj commented 2 years ago

By reading https://cervantessec.github.io/docs/usage/vulnerabilities/templates/ I found out that one has to

  1. Go to the template page
  2. Edit the desired vuln template image
  3. unselect the template checkbox
  4. edit the vuln
  5. click edit to save the vuln as a regular vulnerability that will automatically be added to the current workspace

but doing so fails like this (http://localhost/en/Workspace/2/Vuln/Template/1)

image

if instead I click on image the template and then click edit at the bottom of the page image I have the same kind of error but the page is different (http://localhost/en/Workspace/2/Vuln/Edit/1)

image

noraj commented 2 years ago

I'm not sure I'm doing it the intended way but it seems a bit unintuitive and click-consuming to do it. Also having to uncheck the template checkbox is dangerous because if you forgot to do it you'll edit the template instead of the project vuln.

noraj commented 2 years ago

For that I invite you to quickly deploy and test https://github.com/pwndoc/pwndoc, create an audit (project), create vulns template, and the going in the project view to search and add a vuln from a template, they have a good way to do it.

mesquidar commented 2 years ago

Hi,

I made some changes I added this button to properly clone the vulnerability with this option the template checkbox will be unchecked by default. Note: Now with the edit button you only be able to edit the template and will not create a new vulnerability template icon

To create a template just create a normal vulnerability and just check the Template Checkbox once finished this vuln will appear on Templates. Then go to Templates select the clone option and edit the information you want once finished. the create button will create a new normal vulnerability

template create

I will remain this issue opened if there are any doubts

Best regards

noraj commented 2 years ago

Is there a dev docker-compose? Because the actual one rely on the dockerhub image mesq/cervantes so it's not building latest commit from github.

mesquidar commented 2 years ago

Hi I built the image again, if you can try te docker-compose again :)

Best regards

noraj commented 2 years ago

Yes it's working it a bit better 🥳

mesquidar commented 2 years ago

Nice! I close the issue if it's repeating the bug I will reopen

Best regards