search

factionsecurity / faction

Pen Test Report Generation and Assessment Collaboration
https://www.factionsecurity.com/
GNU General Public License v2.0
407 stars 27 forks source link

Some problems with SMTP integration, select Checklist and Generate report #33

Open codessensei opened 6 months ago

codessensei commented 6 months ago

Hello. I encountered an error while trying to configure SMTP settings. Inputs include SMTP server, port, password and so on. When you type and save, a few TAB spaces are added before and after the text written to the input. I think this is why I couldn't get SMTP and e-mails to work. Does anyone know the solution to this problem? image

Edit :

Also i can not select checklist from Checlists tab in Assesment page of project. I created checklists, but the dropdown does not appear in the list.

image

Also i can not generate report. When i click to generate report button under finalize tab loader waiting for 3-4 second and not showing any error or any information about it.

image

Originally posted by @codessensei in https://github.com/factionsecurity/faction/discussions/31

codessensei commented 6 months ago

image And this error

summitt commented 6 months ago

@codessensei The first issue you mentioned, related to the spacing in the parameters, was updated this weekend in release 1.1.25.1. Try it again and see if that mitigates your issue.

The issue related to checklists is most likely that you didn't assign an assessment type to the checklist as shown below: image

The issue related to not being able to generate a report is mostly likely an issue with saving the default template upon installation. This usually happens when you are Self-hosting Faction and do not have the proper permissions for it to save to the file system. It needs permission to read and write to ~/.faction for whatever user you run Faction under. Ensure the permissions are set correctly and re-upload the assessment template in Templates->Report Designer. A default template can be found here

I'm trying to recreate the CSRF issue you generated. I might need more information to reproduce.

summitt commented 6 months ago

@codessensei In Faction 1.1.26.0 we moved report templates into the database instead of the file system. This might fix the issue you were having with not being able to generate a report. I also want to point out that it can take up to a minute to generate an assessment report.

The longer report times usually happen when one of the following happen:

  1. It's the first time you have generated a report in a while
  2. Large reports can take longer

If it takes a while it should not be a problem. You will get a notification in the dashboard once it's done.

If it has been a while and you attempt to download the report and nothing is downloaded then it's probably one of these things:

  1. There isn't an assessment report template associated with your security Assessment Type
  2. There isn't an assessment report template associated with your assessment Team.
  3. If Team and Assessment Type are set correctly then it could be retest is set to true. This would make the template only valid for retests and not full assessments.

Let me know if your still having issues.

vijayarajeswaransp commented 5 months ago

Hi, I am using Office 365 to set up SMTP. I have filled in all the input fields, and they were saved successfully. However, I am unable to receive emails, and no errors are being displayed. Can you help me out to fix this issue?

summitt commented 5 months ago

Let me recreate using office365 and get back to you.