search

KvasirSecurity / Kvasir

Kvasir: Penetration Test Data Management
Other
424 stars 85 forks source link

Fix for Traceback post create new vuln #146

Closed juushya closed 9 years ago

juushya commented 10 years ago

When I create a new vuln which is not present in the existing vuln db, in the bottom, there are three tabs - Hosts, Exploits and References. After entering details of and saving the new vuln, Kvasir waits for some time and later throws a traceback under the Hosts tab.

Initial traceback is with 'id' field shown below -

Traceback (most recent call last):\n  File "/opt/SPA/web2py/gluon/restricted.py", line 224, in restricted\n    exec ccode in environment\n  File "/opt/SPA/web2py/applications
/telconetint/controllers/vulns.py", line 807, in <module>\n  File "/opt/SPA/web2py/gluon/globals.py", line 393, in <lambda>\n    self._caller = lambda f: f()\n  File "/opt/SPA/
web2py/gluon/tools.py", line 3439, in f\n    return action(*a, **b)\n  File "/opt/SPA/web2py/applications/kvasir/controllers/vulns.py", line 107, in vuln_hosts_by_vulnid\n
    paginate=None,\n  File "/opt/SPA/web2py/gluon/sqlhtml.py", line 2355, in grid\n    search_menu = SQLFORM.search_menu(sfields, prefix=prefix)\n  File "/opt/SPA/web2py/gluon/
sqlhtml.py", line 1833, in search_menu\n    _class=\'form-control\',\n  File "/opt/SPA/web2py/gluon/validators.py", line 579, in options\n    self.build_set()\n  File "/opt/SPA
/web2py/gluon/validators.py", line 576, in build_set\n    self.labels = [self.label(r) for r in records]\n  File "/opt/SPA/web2py/applications/kvasir/models/db_02_kvasir.p
y", line 80, in <lambda>\n    format=lambda r:XML("%s :: %s/%s" % (db.t_hosts[r.f_hosts_id.id].f_ipaddr, r.f_proto, r.f_number)),\nAttributeError: \'NoneType\' object has no at
tribute \'id\'\n'

..... I figured 'id' can be removed and so can f_ipaddr. I am not sure if removing these will affect any other component / modules. Still getting started on kvasir code base. So please check.

grutz commented 10 years ago

The purpose of the format is to show IP address, protocol and number (192.168.0.1 :: tcp/80) so your change will change that view to be (1 :: tcp/80) instead.

I think the accurate fix would be:

    format=lambda r:XML("%s :: %s/%s" % db.t_hosts[r.f_hosts_id].f_ipaddr, r.f_proto, r.f_number)),

Can you try it and see?

juushya commented 10 years ago

Hi Kurt,

This throws the following error:

<type 'exceptions.AttributeError'> 'NoneType' object has no attribute 'f_ipaddr'
grutz commented 9 years ago

This appears to be fixed with https://github.com/KvasirSecurity/Kvasir/commit/1ca9a5b453fc5395a097ee1a818a278f6c885cdc#diff-e1dd9dddba9757b5282b404e309a2b93R80 so I'm closing this. Let me know if you're seeing anything different.