Just a question

[Teicu]

Hey everyone,

So, I recently set up this tool on my Mac, and it all went smoothly without any errors.

I initiated a scan using the terminal command: mantis onboard -o google -t google.com

But here's the thing: it's been over 5 hours now, and there's still nothing showing up on the Mantis Dashboard. Any clue what might be going on, or where I might've messed up?

Thank you

[Teicu]

tool running

[topscoder]

You probably need to wait until the first onboard scan finished before the dashboard is setup. Use a small scope target (not google.com as it's huge) to easily test if the dashboard is setup correctly afterwards.

[0xbharath]

@Teicu On that note, we have built a custom dashboard that's faster and simpler than Appsmith. Can you try it out https://github.com/PhonePe/mantis/blob/main/setup/docker/docker-setup-macos-experimental.sh ? Would like to hear some feedback.

[Teicu]

@Teicu On that note, we have built a custom dashboard that's faster and simpler than Appsmith. Can you try it out https://github.com/PhonePe/mantis/blob/main/setup/docker/docker-setup-macos-experimental.sh ? Would like to hear some feedback.

Thank you for your answer.

Can you please explain what I have to do exactly and how? Shall I start again from scratch?

[Ncoder2]

Also, @Teicu , do the following steps to see if the data is present:

docker exec -it {{mongosh_container_id}} /bin/bash mongosh mongodb://10.10.0.3:27017/?directConnection=true

In the shell: use mantis show collections db.assets_collection.find()

check if this returns data to confirm the scans are running

[Teicu]

I can confirm that the scanner is up and running, and I've managed to gather some data on the domain I'm scanning, including its subdomains.

it looks like this:

app: 'None', source: 'external', created_timestamp: '2024-04-18T12:44:45.169309+05:30', cdn_names: [], waf: [], ports: [], as_number: null, as_name: null, as_country: null, as_range: [], dns: null, ipinfo: {}, technologies: [], webserver: [], updated_timestamp: '2024-04-18T16:12:40.620592+05:30', active_hosts: [], stale: false, repositories: null, others: {} } ] Type "it" for more mantis>

[Teicu]

Basically, the scanner has been running for 27 hours already and it's only 38%.

SCAN: 38%|██████████████████████████████▍ | 861/2295 [27:01:38<42:55:09, 107.75s/it]

But as I said, I don't see anything in Dashboard

[Ncoder2]

Hi @Teicu , so we have a number of modules that run starting from discovery, pre-recon, recon, scan etc. A few more questions:

1. db.assets_collection.find().count(), whats the count and do you see data in any of the assets ?

2. Also, whats the command you ran, i dont see the org name ? The reason i ask is if this data is filled up, then you should be able to see the results on the dashboard.

3. Also, did you setup the dashboard basedon these instructions - https://github.com/PhonePe/mantis?tab=readme-ov-file#dashboard-setup-

And as Bharath suggested, it would be good to start with a smaller domain.

Lastly, the scan is a very CPU intensive process, it is going to run a scan (nuclei) on all the subdomains discovered. Considering that org you are scanning might have a large assets, it might take considerable time.

[Teicu]

btw, so I will only be able to see the result in the Mantis Dashboard when the scan finishes in the terminal?

the command I used is mantis onboard -o google -t google.com

and yes, to setup the dashboard I used the instructions from here https://github.com/PhonePe/mantis?tab=readme-ov-file#dashboard-setup-

[Teicu]

I managed to resolve the issue in the end. Essentially, I initiated the Mantis Docker dashboard from Docker Desktop, which automatically launched another dashboard on localhost. Consequently, I had been futilely waiting to observe the outcome at http://mantis.dashboard:1337.

thank you all