HASecuritySolutions / VulnWhisperer

Create actionable data from your Vulnerability Scans
https://twitter.com/VulnWhisperer
Apache License 2.0

Jira Module (Cloud) #201

Open butsh opened 4 years ago

butsh commented 4 years ago

The following error appears while running the jira section:

```
ERROR:root:main:'float' object has no attribute 'replace'
ERROR: 'float' object has no attribute 'replace'
```

The nessus section ran perfectly

Ubuntu server 18.04.03 LTS Python 2.7.15

qmontal commented 4 years ago

Hi @butsh :)

I understand that the error appears as in "main", but that is because the function crashed and went backwards with the error that caused the issue to the main function. It doesn't seem to be a part of the jira module code at first sight though, as the only place where the replace function is used is in a piece of code that is not yet used, in lines 312/313 of the jira module.

Could you run VulnWhisperer again with the "-d" debug flag to see the rest of the execution trail?

Glad you are testing the module!

Cheers!

Edit: Didn't notice the (Cloud) part, it could bring up some untested issues that I didn't see in local but we'll see once we understand this specific issue.

butsh commented 4 years ago

Hi @qmontal, thank you for your fast and prompt reply. The output from the debug flag is as follows:

```
~$ vuln_whisperer -c /home/ubuntu/VulnWhisperer/configs/frameworks.ini -s jira -d
INFO:root:main:Running vulnwhisperer for section jira
DEBUG:vwConfig:get:Calling get for jira:enabled
DEBUG:vwConfig:get:Calling get for jira:hostname
DEBUG:vwConfig:get:Calling get for jira:username
DEBUG:vwConfig:get:Calling get for jira:password
DEBUG:vwConfig:get:Calling get for jira:write_path
DEBUG:vwConfig:get:Calling get for jira:db_path
DEBUG:vwConfig:getbool:Calling getbool for jira:verbose
INFO:vulnWhispererBase:init:Connected to database at /home/ubuntu/data/database/report_tracker.db
INFO:vulnWhispererJira:directory_check:Directory already exist for /home/ubuntu/data/jira/ - Skipping creation
INFO:vulnWhispererJira:init:Attempting to connect to jira...
DEBUG:vwConfig:get:Calling get for jira:write_path
DEBUG:urllib3.connectionpool:_new_conn:Starting new HTTPS connection (1): xxxxx.atlassian.net:443
DEBUG:urllib3.connectionpool:_make_request:https://xxxxx.atlassian.net:443 "GET /rest/api/2/serverInfo HTTP/1.1" 200 None
DEBUG:urllib3.connectionpool:_make_request:https://xxxxxx.atlassian.net:443 "GET /rest/api/2/field HTTP/1.1" 200 None
INFO:JiraAPI:init:Created vjira service for https://xxxxxx.atlassian.net
INFO:JiraAPI:download_tickets:Saving locally tickets from the last 12 months
DEBUG:urllib3.connectionpool:_make_request:https://xxxxx.atlassian.net:443 "GET /rest/api/2/search?jql=labels%3Dvulnerability_management+AND+created+%3E%3DstartOfMonth%28-12%29&validateQuery=True&startAt=0 HTTP/1.1" 200 None
INFO:JiraAPI:download_tickets:Tickets saved succesfully.
INFO:JiraAPI:close_obsolete_tickets:Closing obsolete tickets older than 12 months
DEBUG:urllib3.connectionpool:_make_request:https://xxxxx.atlassian.net:443 "GET /rest/api/2/search?jql=labels%3Dvulnerability_management+AND+created+%3CstartOfMonth%28-12%29+and+resolution%3DUnresolved&validateQuery=True&startAt=0 HTTP/1.1" 200 None
INFO:JiraAPI:decommission_cleanup:Deleting 'server_decommission' tag from tickets closed more than 3 months ago
DEBUG:urllib3.connectionpool:_make_request:https://xxxxx.atlassian.net:443 "GET /rest/api/2/search?jql=labels%3Dvulnerability_management+AND+labels%3Dserver_decommission+and+resolutiondate+%3C%3DstartOfMonth%28-3%29&validateQuery=True&startAt=0 HTTP/1.1" 200 None
INFO:vulnWhispererJira:init:Connected to jira on xxxxx.atlassian.net
DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.xxxxx
DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.xxxxx
. . .
DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.xxxxx
DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.xxxxx
INFO:vulnWhisperer:whisper_vulnerabilities:No source/scan_name selected, all enabled scans will be synced
DEBUG:vwConfig:get:Calling get for nessus:autoreport
WARNING:vwConfig:get_sections_with_attribute:Section nessus has no option 'autoreport'
DEBUG:vwConfig:get:Calling get for tenable:autoreport
WARNING:vwConfig:get_sections_with_attribute:Section tenable has no option 'autoreport'
DEBUG:vwConfig:get:Calling get for qualys_web:autoreport
WARNING:vwConfig:get_sections_with_attribute:Section qualys_web has no option 'autoreport'
DEBUG:vwConfig:get:Calling get for qualys_vuln:autoreport
WARNING:vwConfig:get_sections_with_attribute:Section qualys_vuln has no option 'autoreport'
DEBUG:vwConfig:get:Calling get for detectify:autoreport
WARNING:vwConfig:get_sections_with_attribute:Section detectify has no option 'autoreport'
DEBUG:vwConfig:get:Calling get for openvas:autoreport
WARNING:vwConfig:get_sections_with_attribute:Section openvas has no option 'autoreport'
DEBUG:vwConfig:get:Calling get for jira:autoreport
WARNING:vwConfig:get_sections_with_attribute:Section jira has no option 'autoreport'
DEBUG:vwConfig:get:Calling get for jira.nessus.xxxxx:autoreport
DEBUG:vwConfig:get:Calling get for jira.nessus.xxxxx:autoreport
. . .
DEBUG:vwConfig:get:Calling get for jira.nessus.xxxxx:source
DEBUG:vwConfig:get:Calling get for jira.nessus.xxxxx:scan_name
INFO:vulnWhispererJira:jira_sync:Jira Sync triggered for source 'nessus' and scan 'xxxxx'
DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.xxxxx
DEBUG:vwConfig:get:Calling get for jira.nessus.xxxxx:jira_project
DEBUG:urllib3.connectionpool:_make_request:https://xxxxx.atlassian.net:443 "GET /rest/api/2/project/IDDFT HTTP/1.1" 200 None
DEBUG:vwConfig:get:Calling get for jira.nessus.xxxxx:components
DEBUG:vwConfig:get:Calling get for jira.nessus.xxxxx:min_critical_to_report
DEBUG:vwConfig:get:Calling get for nessus:write_path
DEBUG:vwConfig:get:Calling get for jira:dns_resolv
ERROR:root:main:'float' object has no attribute 'replace'
ERROR: 'float' object has no attribute 'replace'
```

qmontal commented 4 years ago

Hi @butsh!

The problem is that, I don't know which value is in your config file in the jira:dns_resolv variable, but it should be either "True" or "False", but the content is caught as float for Python, and when trying to operate and parse it to normalize the values, it breaks because a float can't be treated as a string. The issue is in this line of code.

You will have to review the value of the variable and change it to whatever fits you; I don't know if it is well documented, but what that variable does is enable host resolution (from the vulnwhisperer server) of the assets with vulnerabilities coming from the scanners that DON'T have any hostname.

Cheers!
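A pre-flight check for the kind of failure discussed in this thread, as an added example that is not part of the thread or of VulnWhisperer's code: it validates the boolean options of the `[jira]` section and reports the offending option by name instead of failing later with an `AttributeError`. The option names come from the debug log above; the function names, the accepted spellings and the sample config are assumptions of this example.

```python
import configparser

# Boolean options seen in the debug log above. The accepted spellings are an
# assumption of this example, not VulnWhisperer's own list.
BOOL_OPTIONS = {"jira": ("enabled", "verbose", "dns_resolv")}
TRUE_WORDS = {"true", "yes", "on", "1"}
FALSE_WORDS = {"false", "no", "off", "0"}


def to_bool(value, name):
    """Return a bool, or raise ValueError that names the offending option."""
    if isinstance(value, bool):
        return value
    if not isinstance(value, str):
        # A value that already arrived as a number would otherwise fail
        # later with: 'float' object has no attribute 'replace'
        raise ValueError("%s: expected True/False, got %s %r"
                         % (name, type(value).__name__, value))
    word = value.strip().strip("\"'").lower()
    if word in TRUE_WORDS:
        return True
    if word in FALSE_WORDS:
        return False
    raise ValueError("%s: expected True/False, got %r" % (name, value))


def check_config(text):
    """Parse INI text; return (settings, problems) for the boolean options."""
    parser = configparser.ConfigParser()
    parser.read_string(text)
    settings, problems = {}, []
    for section, options in BOOL_OPTIONS.items():
        for option in options:
            name = "%s:%s" % (section, option)
            if not parser.has_option(section, option):
                problems.append("%s: option is missing" % name)
                continue
            try:
                settings[name] = to_bool(parser.get(section, option), name)
            except ValueError as exc:
                problems.append(str(exc))
    return settings, problems


# Constructed sample config: dns_resolv holds a number instead of True/False.
SAMPLE = "[jira]\nenabled = true\nverbose = True\ndns_resolv = 0.5\n"

if __name__ == "__main__":
    print(check_config(SAMPLE))
```

Running the check against the real `frameworks.ini` before a sync turns a crash deep in the run into a one-line report that names the option to fix.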