search

cisagov / untitledgoosetool

Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer’s Azure Active Directory (AzureAD), Azure, and M365 environments.
Creative Commons Zero v1.0 Universal
904 stars 77 forks source link

No such file or directory #29

Closed dustindreese closed 1 year ago

dustindreese commented 1 year ago

🐛 Summary

What's wrong? Please be specific.

To reproduce

Steps to reproduce the behavior:

  1. Do this Followed installation instructions
  2. Then this - Try to run the auth from goosey gui

Expected behavior

What did you expect to happen that didn't? run without error

Any helpful log output or screenshots

Paste the results here: image

Add any screenshots of the problem here.

victoriawallace-cisa commented 1 year ago

It looks like its an error with the gooey python module and Windows. Here's how to fix it:

  1. Download the Gooey source code from here: https://github.com/chriskiehl/Gooey/archive/refs/tags/1.0.8.1.zip
  2. Extract the .zip.
  3. Open the following file in a text editor: gooey/gooey/gui/cli.py
  4. Replace the file with the following code: 
    
import sys

from itertools import chain

from copy import deepcopy

from gooey.util.functional import compact

def buildCliString(target, cmd, positional, optional, suppress_gooey_flag=False): positionals = deepcopy(positional) if positionals: positionals.insert(0, "--")

cmd_string = ' '.join(compact(chain(optional, positionals)))

if cmd != '::gooey/default':
    cmd_string = u'{} {}'.format(cmd, cmd_string)

ignore_flag = '' if suppress_gooey_flag else '--ignore-gooey'
if sys.platform == 'win32':
    return u'{}-script.py {} {}'.format(target, ignore_flag, cmd_string)
else:
    return u'{} {} {}'.format(target, ignore_flag, cmd_string)

5. In the Gooey folder, run a `python -m pip install .` (Make sure you are in the folder for the Gooey module).
6. Re-install the untitledgoosetool as well `python -m pip install .` or `python3 -m pip install .`
7. Run `goosey-gui`

Please let us know if that fixes the issue.
dustindreese commented 1 year ago

Just want to ensure I am following directions correctly. At step 5 you want me to rerun that command inside the folder downloaded right?

Dustin Dreese, CyberSecurity Domain Engineer Information Security @.***

From: victoriawallace-cisa @.> Sent: Friday, April 14, 2023 11:30 AM To: cisagov/untitledgoosetool @.> Cc: Dustin.Dreese @.>; Author @.> Subject: [EXT] Re: [cisagov/untitledgoosetool] No such file or directory (Issue #29)

[CAUTION EXTERNAL EMAIL]

This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. If you suspect this email is malicious, please forward to @.***' or click the Phish Alert button in your Outlook client.

It looks like its an error with the gooey python module and Windows. Here's how to fix it:

  1. Download the Gooey source code from here: https://github.com/chriskiehl/Gooey/archive/refs/tags/1.0.8.1.ziphttps://imsva91-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=https%3a%2f%2fgithub.com%2fchriskiehl%2fGooey%2farchive%2frefs%2ftags%2f1.0.8.1.zip&umid=9F5D2210-F94D-8405-8944-81CAF2BE8974&auth=093a4b527975060589a391772a3e2db55fc9b3cf-68dd27265bf1679f43c5fd7347eb2901797106c3
  2. Extract the .zip.
  3. Open the following file in a text editor: gooey/gooey/gui/cli.py
  4. Replace the file with the following code:

import sys

from itertools import chain

from copy import deepcopy

from gooey.util.functional import compact

def buildCliString(target, cmd, positional, optional, suppress_gooey_flag=False):

positionals = deepcopy(positional)

if positionals:

    positionals.insert(0, "--")

cmd_string = ' '.join(compact(chain(optional, positionals)))

if cmd != '::gooey/default':

    cmd_string = u'{} {}'.format(cmd, cmd_string)

ignore_flag = '' if suppress_gooey_flag else '--ignore-gooey'

if sys.platform == 'win32':

    return u'{}-script.py {} {}'.format(target, ignore_flag, cmd_string)

else:

    return u'{} {} {}'.format(target, ignore_flag, cmd_string)
  1. In the Gooey folder, run a python -m pip install . (Make sure you are in the folder for the Gooey module).
  2. Re-install the untitledgoosetool as well python -m pip install . or python3 -m pip install .
  3. Run goosey-gui

Please let us know if that fixes the issue.

— Reply to this email directly, view it on GitHubhttps://imsva91-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=https%3a%2f%2fgithub.com%2fcisagov%2funtitledgoosetool%2fissues%2f29%23issuecomment%2d1508797078&umid=9F5D2210-F94D-8405-8944-81CAF2BE8974&auth=093a4b527975060589a391772a3e2db55fc9b3cf-85eea2548a476237e4f1cb83cf899ea1155d9df2, or unsubscribehttps://imsva91-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=https%3a%2f%2fgithub.com%2fnotifications%2funsubscribe%2dauth%2fA7FXA2YZ6B6DENB4MXD7CPDXBFUQHANCNFSM6AAAAAAW6QJV6Y&umid=9F5D2210-F94D-8405-8944-81CAF2BE8974&auth=093a4b527975060589a391772a3e2db55fc9b3cf-6e8409b097178570f0a7e90a6e30946d559c043a. You are receiving this because you authored the thread.Message ID: @.**@.>>

victoriawallace-cisa commented 1 year ago

Yes, go ahead and run it in the gooey folder that you downloaded. It should uninstall the version of gooey that you have and then install the modified gooey.