search

Security-Tools-Alliance / rengine-ng

reNgine-ng is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface.
GNU General Public License v3.0
12 stars 6 forks source link

bug(tools): Updating tools hangs and results 500 error #10

Open psyray opened 2 months ago

psyray commented 2 months ago

Is there an existing issue for this?

Current Behavior

From @pekkajalonen

When updating some tools in arsenal, example ctfr will caus web to hang with "Downloading laterst version..." and looking at the container logs, it shows:

django.server | "GET /api/github/tool/get_latest_releases/?tool_id=12 HTTP/1.0" 200 38 run_command | INFO | cd /usr/src/github/ctfr && git pull && cd - run_command | WARNING | None django.server | "GET /api/tool/update/?tool_id=12 HTTP/1.0" 500 133332

Expected Behavior

Update should respond if the update was successfull or not.

Steps To Reproduce

  1. In tool arsenal, select ctfr and click Check Update
  2. Click Force download
  3. Web page hangs in "Downloading laterst version..."

Environment

- reNgine: 2.0.2 (fresh install)
- OS: Ubuntu 22.04
- Python: 3.10.12
- Docker Engine: 24.0.6
- Docker Compose: 2.21.0
- Browser: Microsoft Edge 120.0.2210.61

Anything else?

No response

psyray commented 2 months ago

I can reproduce image

I will have a look

I've tested again it happens when you click on Force download. In this case there is no way to update automatically. image

Seems there is a problem of subprocess params not well exploded