search

SecurityRiskAdvisors / VECTR

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios
1.36k stars 161 forks source link

Recommended upgrade method breaks technique lookups #76

Closed initstring closed 4 years ago

initstring commented 4 years ago

Hi SRA!

Following the recommended upgrade steps here to 5.5.10 breaks the lookup of MITRE ATT&CK techniques.

The console logs the following error:

tomcat_1  | java.io.FileNotFoundException: Could not find file '/opt/vectr/resources/datasets/MITREATTACK/subtechniques-crosswalk.json'

This seems to be similar to this issue.

It might be worth updating the documentation to reflect a working upgrade strategy. I found that simply removing /opt/vectr/resources prior to running docker-compose up solves the issue for me.

So, currently the upgrade process advises to run:

docker-compose down
docker-compose up

And might be tweaked to this instead:

# Stop the running containers
docker-compose down

# Backup the resources directory
mv /opt/vectr/resources /opt/vectr/resources-bak

# Bring up the new version
docker-compose up
carlvonderheid commented 4 years ago

This has been fixed in the 5.6.2 release, thanks!