ERROR Error Code 0 error Response Text undefined vulsrepo report

[nateambringit]

Hi, when i select the result of vuls for viewing in vulsrepo, vulsrepo display like that. i am trying to copy the result/ from my vuls directory /usr/share/vuls/result to /opt/vuls/result but nothing change. what's problem here and how to fix this? Thank you.

vuls dir : /usr/share/vuls/
vulsrepo : /home/ubuntu/go/src/github.com/ishiDACo/vulsrepo/

[ishiDACo]

Please check vulsrepo-config.toml.

[Server]
resultsPath  = "/opt/vuls/results"

If resultsPath is /opt/vuls/results, you need to copy /opt/vuls/results, not /opt/vuls/result.

For example,

$ pwd
/opt/vuls
$ tree .
.
└── results
    ├── 2020-11-16T07:38:02Z
    │   ├── localhost.json
    │   ├── oracle_linux7.json
    │   ├── raspberry10.json
    │   └── vuls@localhost.json
    ├── 2020-11-17T01:14:17Z
    │   └── localhost.json
    └── current -> /opt/vuls/results/2020-11-17T01:14:17Z/

Alternatively, rewrite vulsrepo-config.toml as follows, and then restart VulsRepo.

[Server]
resultsPath  = "/usr/share/vuls/result" <--- your vuls results directory

[nateambringit]

I already that method too, but nothing change.

vulsrepo-config.toml

[Server]
rootPath = "/home/ubuntu/go/src/github.com/ishiDACo/vulsrepo/"
resultsPath  = "/usr/share/vuls-data/results/"
serverPort  = "5111"
#serverIP = "127.0.0.1"
#serverSSL = "yes"
#serverCert = "cert.pem"
#serverKey = "key.pem"

#[Auth]
#authFilePath = "/home/vuls-user/.htdigest"
#realm = "vulsrepo_local"

$ pwd
/usr/share/vuls-data
$ ll
total 1452588
drwxr-xr-x   4 ubuntu root         4096 Nov 17 04:41 ./
drwxr-xr-x 110 root   root         4096 Nov 12 07:57 ../
-rw-r--r--   1 root   root          514 Nov 13 03:44 config.toml
-rw-r--r--   1 root   root   1405997056 Nov 12 10:11 cve.sqlite3
-rw-r--r--   1 ubuntu ubuntu   17395712 Nov 17 04:41 go-exploitdb.sqlite3
-rw-r--r--   1 ubuntu ubuntu    2322432 Nov 17 04:36 go-msfdb.sqlite3
lrwxrwxrwx   1 ubuntu ubuntu         57 Nov 12 10:39 gost.sqlite3 -> /home/ubuntu/go/src/github.com/knqyf263/gost/gost.sqlite3
-rw-r--r--   1 ubuntu root     61698048 Nov 13 07:42 oval.sqlite3
drwx------   4 ubuntu ubuntu       4096 Nov 17 04:48 results/
drwxrwxr-x   2 ubuntu ubuntu       4096 Nov 13 03:50 ssh/

/usr/share/vuls-data/results$ ll
total 16
drwx------ 4 ubuntu ubuntu 4096 Nov 17 04:48 ./
drwxr-xr-x 4 ubuntu root   4096 Nov 17 04:41 ../
drwx------ 2 ubuntu ubuntu 4096 Nov 17 03:58 2020-11-17T03:48:53Z/
drwx------ 2 ubuntu ubuntu 4096 Nov 17 04:48 2020-11-17T04:48:40Z/
lrwxrwxrwx 1 ubuntu ubuntu   49 Nov 17 04:48 current -> /usr/share/vuls-data/results/2020-11-17T04:48:40Z/

Result when i click submit

[nakacya]

Have you restarted your Vuls repo?

[nateambringit]

Have you restarted your Vuls repo?

I did but nothing change.

[ishiDACo]

I understand the situation. I think resultsPath and directory are fine. But I can't reproduce this problem.

Please let me know a few things.

• What version of Vuls are you using?
• What are Vuls' options for scan and report execution?
• What is the operating system and version of the target server?

[nateambringit]

• Vuls version v0.13.4 from https://github.com/future-architect/vuls

• Vuls execution : vuls scan

  $ vuls scan
  [Nov 17 08:07:47]  INFO [localhost] Start scanning
  [Nov 17 08:07:47]  INFO [localhost] config: /usr/share/vuls-data/config.toml
  [Nov 17 08:07:47]  INFO [localhost] Validating config...
  [Nov 17 08:07:47]  INFO [localhost] Detecting Server/Container OS... 
  [Nov 17 08:07:47]  INFO [localhost] Detecting OS of servers... 
  [Nov 17 08:07:47]  INFO [localhost] (1/1) Detected: ip-10-0-0-251: ubuntu 14.04
  [Nov 17 08:07:47]  INFO [localhost] Detecting OS of containers... 
  [Nov 17 08:07:47]  INFO [localhost] Checking Scan Modes... 
  [Nov 17 08:07:47]  INFO [localhost] Detecting Platforms... 
  [Nov 17 08:07:47]  INFO [localhost] (1/1) ip-10-0-0-251 is running on aws
  [Nov 17 08:07:47]  INFO [localhost] Detecting IPS identifiers... 
  [Nov 17 08:07:47]  INFO [localhost] (1/1) ip-10-0-0-251 has 0 IPS integration
  [Nov 17 08:07:47]  INFO [localhost] Scanning vulnerabilities... 
  [Nov 17 08:07:47]  INFO [localhost] Scanning vulnerable OS packages...
  [Nov 17 08:07:47]  INFO [ip-10-0-0-251] Scanning in fast mode

• Vuls Report Execution : vuls report -format-json

  $ vuls report -format-json
  [Nov 17 08:12:13]  INFO [localhost] Validating config...
  [Nov 17 08:12:13]  INFO [localhost] Loaded: /usr/share/vuls-data/results/2020-11-17T08:07:47Z
  [Nov 17 08:12:13]  INFO [localhost] Validating db config...
  INFO[0000] -cvedb-type: sqlite3, -cvedb-url: , -cvedb-path: /usr/share/vuls-data/cve.sqlite3 
  INFO[0000] -ovaldb-type: sqlite3, -ovaldb-url: , -ovaldb-path: /usr/share/vuls-data/oval.sqlite3 
  INFO[0000] -gostdb-type: sqlite3, -gostdb-url: , -gostdb-path: /usr/share/vuls-data/gost.sqlite3 
  INFO[0000] -exploitdb-type: sqlite3, -exploitdb-url: , -exploitdb-path: /usr/share/vuls-data/go-exploitdb.sqlite3 
  INFO[0000] -msfdb-type: sqlite3, -msfdb-url: , -msfdb-path: /usr/share/vuls-data/go-msfdb.sqlite3 
  DBUG[11-17|08:12:13] Opening DB (sqlite3). 
  DBUG[11-17|08:12:13] Migrating DB (sqlite3). 
  INFO[11-17|08:12:13] Opening DB.                              db=sqlite3
  INFO[11-17|08:12:13] Migrating DB.                            db=sqlite3
  INFO[11-17|08:12:13] Opening Database.                        db=sqlite3
  INFO[11-17|08:12:13] Migrating DB.                            db=sqlite3
  INFO[11-17|08:12:13] Opening DB                               db=sqlite3
  INFO[11-17|08:12:13] Migrating DB                             db=sqlite3
  [Nov 17 08:12:13]  INFO [localhost] ip-10-0-0-251: 0 CVEs are detected with Library
  [Nov 17 08:12:13]  WARN [localhost] OVAL for ubuntu 14.04 is old, last modified is 2020-11-13 07:42:26.798720515 +0000 UTC. It's recommended to update OVAL to improve scanning accuracy. How to update OVAL database, see https://github.com/kotakanbe/goval-dictionary#usage
  [Nov 17 08:12:13]  WARN [localhost] The OVAL name of the running kernel image {Release:3.13.0-116-generic Version: RebootRequired:false} is not found. So vulns of `linux` wll be detected. server: ip-10-0-0-251
  [Nov 17 08:12:15]  INFO [localhost] ip-10-0-0-251: 667 CVEs are detected with OVAL
  [Nov 17 08:12:15]  INFO [localhost] ip-10-0-0-251: 0 CVEs are detected with CPE
  [Nov 17 08:12:15]  INFO [localhost] ip-10-0-0-251: 0 CVEs are detected with GitHub Security Alerts
  [Nov 17 08:12:15]  INFO [localhost] ip-10-0-0-251: 0 unfixed CVEs are detected with gost
  [Nov 17 08:12:15]  INFO [localhost] Fill CVE detailed information with CVE-DB
  [Nov 17 08:12:19]  INFO [localhost] Fill exploit information with Exploit-DB
  [Nov 17 08:12:19]  INFO [localhost] ip-10-0-0-251: 36 exploits are detected
  [Nov 17 08:12:19]  INFO [localhost] Fill metasploit module information with Metasploit-DB
  [Nov 17 08:12:20]  INFO [localhost] ip-10-0-0-251: 12 modules are detected

• My target OS server is Ubuntu 14.04

[ishiDACo]

I hadn't tested loading the Ubuntu 14.04 output, so I'm going to install Ubuntu 14.04 on my computer and see what happens. I have Ubuntu 14.04 LTS without Extended Security Maintenance, It is EOL.

[ishiDACo]

One more question, What OS and version are you running Vuls/VulsRepo?

I am running on Ubuntu 18.04. Unfortunately, I targeted Ubuntu 14.04 on a Docker container, but the problem did not reproduce.

[nateambringit]

I am using Ubuntu 18.04 in aws

$ uname -a
Linux ip-10-0-5-34 5.4.0-1029-aws #30~18.04.1-Ubuntu SMP Tue Oct 20 11:09:25 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

I am trying to scan in localhost (ubuntu 18.04) but still error from vuls repo. Trying to look report from vuls tui is working, maybe the problem from vulsrepo.

[ishiDACo]

There's probably an error in vulsrepo.js around line 207.

https://github.com/ishiDACo/vulsrepo/blob/7bf6f3797daf5d95db94c68aeb0c8ad1fbdef3c1/dist/js/vulsrepo.js#L207

Use Chrome's developer tool to stop the breakpoints. And tell me what values are in jqXHR, textStatus and errorThrown.

[nateambringit]

jqXHR = {readyState: 0, getResponseHeader: ƒ, getAllResponseHeaders: ƒ, setRequestHeader: ƒ, overrideMimeType: ƒ, …}, textStatus = "error", errorThrown = ""

Maybe problem in this area?

[ishiDACo]

Maybe problem in this area?

I think so. XMLHttpRequest blocked by CORS Policy.

One more, Please provide ip-10-0-0-251.json HTTP Status code, Response Headers and Request Headers information.

The result of sending and receiving HTTP requests in my environment is as follows

[ishiDACo]

One more question, Are you using Application Load Balancer or Classic Load Balancer? If use it, please check load balancer settings.

[nateambringit]

In my server with vuls and vulsrepo i'm not using load balancer but in my target server i'm used it, is any problem when vulsrepo if the target server using load balancer?

[ishiDACo]

"Provisional headers are shown" would indicate that they are retrieved from the cache without communication. Please check Disable cache and retry it.

[nateambringit]

I already check Disable Cache and try again but nothing change

[ishiDACo]

I don't know why, but Request URL appears to be incorrect.

Your Request URL is results2020-11-17t09:36:11Z/localhost.json.

The URL to expect is http://10.0.5.34:5111/results/2020-11-17T09:36:11Z/localhost.json.

https://github.com/ishiDACo/vulsrepo/blob/7bf6f3797daf5d95db94c68aeb0c8ad1fbdef3c1/dist/js/vulsrepo.js#L182

Use Chrome's developer tool to stop the breakpoints. And tell me what values are in value.url.

"results/2020-11-17T09:36:11Z/localhost.json" is the correct value.

Also, please tell me the results of the curl command.

curl -I -v http://10.0.5.34:5111/results/2020-11-17T09:36:11Z/localhost.json

[nateambringit]

I don't know why, but Request URL appears to be incorrect.

Your Request URL is results2020-11-17t09:36:11Z/localhost.json.

The URL to expect is http://10.0.5.34:5111/results/2020-11-17T09:36:11Z/localhost.json.

https://github.com/ishiDACo/vulsrepo/blob/7bf6f3797daf5d95db94c68aeb0c8ad1fbdef3c1/dist/js/vulsrepo.js#L182

Use Chrome's developer tool to stop the breakpoints. And tell me what values are in value.url.

Result :

please tell me the results of the curl command.

curl -I -v http://10.0.5.34:5111/results/2020-11-17T09:36:11Z/localhost.json

Result :

I don't know why two result are different values.

[ishiDACo]

results/2020-11-17T09:36:11Z/localhost.json is the correct value. But, your value.url is results2020-11-17T09:36:11Z/localhost.json. Missing /.

Please tell me the results of the curl command.

curl -v http://http://10.0.5.34:5111/getfilelist/

curl response body includes url. I would like to know if the url value starts with a /.

[nateambringit]

results/2020-11-17T09:36:11Z/localhost.json is the correct value. But, your value.url is results2020-11-17T09:36:11Z/localhost.json. Missing /.

Please tell me the results of the curl command.

curl -v http://http://10.0.5.34:5111/getfilelist/

curl response body includes url. I would like to know if the url value starts with a /.

$ curl -v http://10.0.5.34:5111/getfilelist/
* Trying 10.0.5.34...
* TCP_NODELAY set
* Connected to 10.0.5.34 (10.0.5.34) port 5111 (#0)
GET /getfilelist/ HTTP/1.1
Host: 10.0.5.34:5111
User-Agent: curl/7.58.0
Accept: */*

< HTTP/1.1 200 OK
< Content-Type: application/json
< Date: Wed, 25 Nov 2020 03:47:46 GMT
< Content-Length: 851
< 
* Connection #0 to host 10.0.5.34 left intact
[{"isFolder":"true","title":"2020-11-17T03:48:53Z","children":[{"title":"ip-10-0-0-251.json","url":"2020-11-17T03:48:53Z/ip-10-0-0-251.json"}]},{"isFolder":"true","title":"2020-11-17T04:48:40Z","children":[{"title":"ip-10-0-0-251.json","url":"2020-11-17T04:48:40Z/ip-10-0-0-251.json"}]},{"isFolder":"true","title":"2020-11-17T08:07:47Z","children":[{"title":"ip-10-0-0-251.json","url":"2020-11-17T08:07:47Z/ip-10-0-0-251.json"}]},{"isFolder":"true","title":"2020-11-17T08:47:57Z","children":[{"title":"ip-10-0-0-251.json","url":"2020-11-17T08:47:57Z/ip-10-0-0-251.json"}]},{"isFolder":"true","title":"2020-11-17T09:36:11Z","children":[{"title":"localhost.json","url":"2020-11-17T09:36:11Z/localhost.json"}]},{"isFolder":"true","title":"2020-11-17T09:45:49Z","children":[{"title":"ip-10-0-0-251.json","url":"2020-11-17T09:45:49Z/ip-10-0-0-251.json"}]}]

Is this correct value?

[ishiDACo]

$ curl -v http://10.0.5.34:5111/getfilelist/

Is this correct value?

No. It is incorrect value. It seems strange.

Expect

"url":"/2020-11-17T03:48:53Z/ip-10-0-0-251.json"

Actual

"url":"2020-11-17T03:48:53Z/ip-10-0-0-251.json"

[ishiDACo]

Your vulsrepo-config.toml

resultsPath  = "/usr/share/vuls-data/results/"

Change as follows. Remove the trailing /.

resultsPath  = "/usr/share/vuls-data/results"

Now implementation expects there will be no / at the end.

https://github.com/ishiDACo/vulsrepo/blob/52d8c4d949a485e14a08d6d53b9f0178f7b0e207/server/main.go#L264

[ishiDACo]

Change to return the correct value, regardless of the presence or absence of a trailing /.

[nateambringit]

yes, it's working when i deleted / at the end of resultPath, Thank you for your support.. i really like this apps.