Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translating those scans into adversaries for network traversal.
When running a Pathfinder scan, the default scan parameters in the GUI are not passed on to the scanner. This can also be seen in the output next to the input fields in the GUI.
More precisely, the fields "script" and "pingless" are empty.
To reproduce
Fresh install CALDERA 4.1.0 and Pathfinder plugin
Open Pathfinder plugin page
Choose nmap scanner and enter ip adress
Click "Scan"
Expected behavior
The pathfinder nmap scan is executed with the default parameters that are seen in the GUI ("script: nmap-vulners, pingless: false").
Screenshot
First run shows output when executing steps from "to reproduce"
Second run shows output when first selecting another scanner script and then nmap-vulners again and also checking and un-checking the "no ping" box
Current Workaround
~To get the pathfinder plugin in to work with the nmap-vulners script, one has to add another script to the plugin. Only by selecting another script and then re-seleting the nmap-vulners script, the field in the scan parameters that can be seen in the output box is set. Without a second scanner script I cannot get the plugin to use the nmap-vulners script at all!
Same applies for the "pingless" field, but here it is easier to check and un-check the box.~
Update for easier workaround: Edit the pathfinder/scanners/nmap/scanner.py lines 30 and 33.
self.script = script or "nmap-vulners"
self.pingless = pingless or False
The parameters are still not shown in the output box, but since they are not set when creating the new scanner object, the defined default values are used instead and the scan works as intended.
Suggested fix
The "pingless" part can be fixed by editing line 33 of the nmap/scanner.py as shown above.
The "script" part should still be just considered a workaround because when another script is shown in the drop down menu by default, still the vulners script will be used when the parameter is not set in the scanner fields.
Hello everyone, I already mentioned this bug in https://github.com/mitre/caldera/issues/2650#issuecomment-1306777872 but since I found another problem regarding this bug I wanted to open an issue for the bug itself here.
CALDERA Version: 4.1.0 Pathfinder Plugin: Newest master branch Browser: Firefox and Chrome
Bug Description
When running a Pathfinder scan, the default scan parameters in the GUI are not passed on to the scanner. This can also be seen in the output next to the input fields in the GUI. More precisely, the fields "script" and "pingless" are empty.
To reproduce
Expected behavior The pathfinder nmap scan is executed with the default parameters that are seen in the GUI ("script: nmap-vulners, pingless: false").
Screenshot
Current Workaround ~To get the pathfinder plugin in to work with the nmap-vulners script, one has to add another script to the plugin. Only by selecting another script and then re-seleting the nmap-vulners script, the field in the scan parameters that can be seen in the output box is set. Without a second scanner script I cannot get the plugin to use the nmap-vulners script at all! Same applies for the "pingless" field, but here it is easier to check and un-check the box.~ Update for easier workaround: Edit the pathfinder/scanners/nmap/scanner.py lines 30 and 33.
The parameters are still not shown in the output box, but since they are not set when creating the new scanner object, the defined default values are used instead and the scan works as intended.
Suggested fix The "pingless" part can be fixed by editing line 33 of the nmap/scanner.py as shown above. The "script" part should still be just considered a workaround because when another script is shown in the drop down menu by default, still the vulners script will be used when the parameter is not set in the scanner fields.