search

center-for-threat-informed-defense / caldera_pathfinder

Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translating those scans into adversaries for network traversal.
https://caldera.mitre.org/
Apache License 2.0
120 stars 26 forks source link

search for vulnerabilities pathfinder and connect nessus scanner #28

Closed ghost closed 3 years ago

ghost commented 3 years ago

Hello ) Please tell me, when I run the pathfinder scanner to search for the vulnerability of my network, and set the "script": "nmap-vulners" parameter, then the pathfinder plugin gives an error, what is the problem? And the second question is how can I connect a third-party scanner such as nessus to the pathfinder plugin?

mrengstrom commented 3 years ago

Hello as well,

For your first question about the error you experience when trying to scan using the nmap-vulners script, can you copy the log message you get back in the output window and paste it here? That will give an idea what might be happening. There also was a recent issue that was happening because of a change in the way nmap expected script folders to be passed now requiring a trailing slash in the directory name, make sure you have pulled the latest repo to have that change.

As for the second question about adding a new scanner to pathfinder, there is documentation on creating a new scanner and parser in the docs folder that should walk you through all the steps to add them as a module in the plugin. The scanner creation one is here: https://github.com/center-for-threat-informed-defense/caldera_pathfinder/blob/master/docs/scanner_creation.md for each scanner added you would also need to create a parser too, which is covered here: https://github.com/center-for-threat-informed-defense/caldera_pathfinder/blob/master/docs/parser_creation.md

Let me know if you need any more assistance or have any trouble following the documentation and I can help get you on the right track.

ghost commented 3 years ago

@mrengstrom you are very kind, thanks :) I will try to figure out how to connect the nessus scanner, this is a little difficult task for me.

Here is the error when I run patfinder with nmup-vulners:

scan initiated, depending on scope it may take a few minutes scan ID:7acaee81-d94f-4975-9631-d104fcdfdb1f failed. error output: NSE: failed to initialize the script engine: /usr/bin/../share/nmap/nse_main.lua:821: directory 'nmap-vulners' found, but will not match without '/' stack traceback: [C]: in function 'error' /usr/bin/../share/nmap/nse_main.lua:821: in local 'get_chosen_scripts' /usr/bin/../share/nmap/nse_main.lua:1312: in main chunk [C]: in ?

QUITTING!

p.s. pathfinder installed according to the instructions, without making any changes

mrengstrom commented 3 years ago

No problem and glad to help. I have looked a little into the Nessus scanner integration and it is a bit more intensive to integrate than nmap, but they do have a API for scanning and exporting results, that would be the way I would look at integrating it if I were to try. Also there are a few parsing libraries in python that could be imported to help build up a parser that would support the nessus xml report format if you just wanted to import an exported report and not initiate a scan from the UI.

As for your error log, it appears you are having the issue I mentioned that was a recent issue we addressed and pushed to master. So, you may want to go and pull latest from master and try running the scan again as it should now handle the latest version of nmap. Here was the PR resolving that issue, so you can check if your nmap scanner module has these code changes in it: https://github.com/center-for-threat-informed-defense/caldera_pathfinder/pull/27