Closed NotSoEthical closed 5 years ago
I have determined that my server.ini does not have connection string. But I don't know password for faraday_postgresql user. When I am changing the password from psql under postgres user, the faraday-manage tool brokes...
The another case which I have tried to is that I have remove all ~/.faraday dir and reinstall faraday-server from debian packet apt-get purge faraday-server
, deleted faraday-postgresql role and faraday database from postgresql and tried to faraday-manage initdb
again.
But after all re-installations the server.ini
still without db connection string
Please give some direction or advises how to fix.
Thank you.
Temporary fixed via adding postgresql user with permissions to manage faraday DB and putting credentials to the connection string in server.ini file.
Hi,
If you have the commercial version we can arrange a call to help you.
I will like to review your case.
Please check: https://support.faradaysec.com/portal/home
If you can send us the error of the initdb
that could be very helpful.
Also we have the faraday-manage support
command that will create a .zip files with logs to troubleshoot this problem.
Thanks! Leonardo
They make it impossibly difficult to set up in order to coerce an upgrade to the professional version. @NotSoEthical you are absolutely correct - The "faraday_postgresql" user and table is successfully initialized on install/first run but the user's password is not disclosed and no database connection string is created in the server.ini file. In fact, there's no documented reference to [database] in the .ini file or on their official documentation or FAQs (from what I can see) to even know that it should exist - making debugging near impossible.
The other possibility is utter incompetence. Good luck getting this project to install from either source (too many broken or depreciated dependencies - attempted on both OSX and Linux) or from the precompiled .deb file. Garbage, garbage, garbage. Was hoping to demo the product prior to pitching a license purchase but at this point I'm getting the idea this is "one of those" projects.
Like, excuse me? (Just one of about 4 examples of broken/incomplete build instructions) [Linux Source Install]
pip2 is depreciated since Jan 2020...... [OSX Source Install] Also, instructions are outdated. The requirements files have changed. The above instructions are incorrect.
Again, Python2/pip2 are depreciated for nearly a year now [OSX source install]
This is literally one of those projects that you spend hours configuring but will never work- It's just one problem after the other. OSX source install not working --> move to Linux source install on Kali. That fails --> install from .deb file. DB connection issue. Spend hours debugging that too. Fix that issue (no help from official documents, have to crawl through similar issues) and project still doesn't connect:
??
@jfarl If you have problems with the commercial version please contact out support.
We are currently updating the documentation. Our current version (3.12) runs in python3 so I don't understand the pip2 comment. Related to the postgres error did you tried to connect with that user from the command line?
If you like open a new issue and explain me your problems. I dont have any problem running the latest version in OSX
Hey I made a typo in that screenshot above but it doesn't matter. That's not the point. The correct username results in yet another error with the initdb command.
You get the honor of "one of those projects" when the documentation and build process is so broken that every conceivable way to building the project fails. A process this bad requiring so much debugging is also bound to result in user error such as above, compounding the issue. - I wonder how many people have sunk an entire evening into building this but ultimately gave up?
Your own dev install guide references pip2 and python2 -- https://github.com/infobyte/faraday/wiki/Development-Installation-OSX
Fix this: $ pip2 install -r requirements_server.txt -U $ pip2 install -r requirements.txt -U to $ pip install -r requirements.txt -U
$ brew install pygobject3 --with-python@2 to $ brew install pygobject3
Normal OSX install: https://github.com/infobyte/faraday/wiki/Install-Guide#macos $ pip install faradaysec
Good luck with all that.
Install from git repo instructions are broken:
Broken link: https://virtualenv.pypa.io/en/latest/userguide/
In conclusion, I'm not opening another issue because I'm no longer interested in creating a working project. I'm leaving this here as both a warning for wayward travelers and as a lever of work for improvements for your team. I'm already way past the "fail fast" cutoff I set for myself when building a new project - I let myself get carried away because this one seemed promising. I've sunk enough hours into getting a working version of this product for the point of demoing it to upper management to receive buyin for a purchase agreement. Even Dradis was able to get up and running with some minor config.
I'm coming from a previous client with a medium sized pentest team where in ~2017 we build a similar in-house platform for findings and test case tracking with built-in bi-directional Jira sync (major headache) for SDLC pentesting. The current client does not have the dev resources and I'm not willing to undertake a similar effort for a second time. Hence, looking for some commercial off-the-shelf product.
Issue Type
Faraday version
v 3.8 (commercial version)
Steps to reproduce
./faraday-server
Debugging tracebacks (current results)
Screenshots
The error:
Posgresql Is currently runned
Environment information
OS Kali-Linux psql (PostgreSQL) 10.3 (Debian 10.3-2) Python 2.7.14+
OS
$ cat /etc/lsb-release DISTRIB_ID=Kali DISTRIB_RELEASE=kali-rolling DISTRIB_CODENAME=kali-rolling DISTRIB_DESCRIPTION="Kali GNU/Linux Rolling"