Closed d0nest closed 1 year ago
Just confirming - did you try opening a new terminal window after installing asa? The path may not be refreshed until you open a new instance of terminal.
What is the result if you run which -a Asa
? This should print the location of all things matching Asa on your path.
I can't reproduce with the latest build using the .NET tool on Windows.
It sounds to me like this is a PATH configuration issue.
You can also install the .net tool to a local path of your choice like
dotnet tool install Microsoft.CST.AttackSurfaceAnalyzer.CLI --tool-path toolsdir
And then run it with
toolsdir\asa
Just confirming - did you try opening a new terminal window after installing asa? The path may not be refreshed until you open a new instance of terminal.
What is the result if you run
which -a Asa
? This should print the location of all things matching Asa on your path.
yes, i ran source .zsh_profile
before running any asa command and running which -a asa
prints
/usr/bin/asa
/Users/d0nest/.dotnet/tools/asa
Thanks for the extra information. I'll try to reproduce on a mac.
Thank you!
Thanks for the extra information. I'll try to reproduce on a mac.
when i ran .dotnet/tools/asa
the following output was generated.
A fatal error occurred. The required library libhostfxr.dylib could not be found.
If this is a self-contained application, that library should exist in [/Users/d0nest/.dotnet/tools/.store/microsoft.cst.attacksurfaceanalyzer.cli/2.3.284/microsoft.cst.attacksurfaceanalyzer.cli/2.3.284/tools/net6.0/any/].
If this is a framework-dependent application, install the runtime in the global location [/usr/local/share/dotnet] or use the DOTNET_ROOT environment variable to specify the runtime location or register the runtime location in [/etc/dotnet].
The .NET runtime can be found at:
- https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x64&rid=osx.12-x64&apphost_version=6.0.4
I see a number of users on stackoverflow reporting the issue you're seeing is an issue with dotnet on the M series processor macs. I only have an intel mac so I likely won't be able to reproduce this.
You can try the fix they suggest here to reinstall the arm64 version of .net EF.
Sorry, for the delay in response buy i am using intel processor too.
Gotcha. I also have an intel Mac I can get access to to be able to test with it later this week. I had a colleague test on an M1 Mac and they had an issue on first run of Asa but it appears to be resolved itself with a second call to Asa.
My primary suspicion is that this is an issue with your .NET install at this point but I'm not totally sure.
I've now tested on an intel Mac and cannot reproduce this.
Double checking the report I notice that you're not on the latest .NET SDK (6.0.400).
The next steps I could recommend would be to install the latest SDK and then reinstall ASA.
dotnet tool uninstall -g Microsoft.CST.AttackSurfaceAnalyzer.CLI
dotnet tool install -g Microsoft.CST.AttackSurfaceAnalyzer.CLI
While installing the tool:
$ dotnet tool install -g Microsoft.CST.AttackSurfaceAnalyzer.CLI
/var/folders/8t/92jz7nqs3_q30ltwc2w7w2pm0000gn/T/2tsgukgi.pd1/restore.csproj : error NU1301: Unable to load the service index for source https://api.nuget.org/v3/index.json.
The tool package could not be restored.
Tool
'microsoft.cst.attacksurfaceanalyzer.cli' failed to install. This failure may have been caused by:
For more reasons, including package naming enforcement, visit https://aka.ms/failure-installing-tool
That error looks like you can't access nuget.org. I have no issue running the same install command on my system.
What if you try a different .NET tool? This is another one of our tools you can install just to test your .NET:
dotnet tool install -g Microsoft.CST.RecursiveExtractor.CLI
d0nest@Rohans-MacBook-Air ~ % dotnet tool install -g Microsoft.CST.RecursiveExtractor.CLI
You can invoke the tool using the following command: RecursiveExtractor
Tool 'microsoft.cst.recursiveextractor.cli' (version '1.1.11') was successfully installed.
$ RecursiveExtractor
RecursiveExtractor.Cli 1.1.11+77fed84a8f
© Microsoft Corporation. All rights reserved.
ERROR(S): Required option 'i, input' is missing.
-i, --input Required. The name of the archive to extract.
-o, --output (Default: .) The directory to extract to.
-p, --passwords Comma-separated list of passwords to use.
-a, --allow-globs Comma-separated list of glob expressions. When set, files are ONLY written to disk if they match one of these filters.
-d, --deny-globs Comma-separated list of glob expressions. When set, files are NOT written to disk if they match one of these filters.
-R, --raw-extensions Comma-separated list of file extensions to treat as raw files (don't recurse into).
-n, --no-recursion Disable recursive extraction.
-s, --single-thread Disable parallelized extraction.
--verbose Set logging to 'verbose'.
--debug Set logging to 'debug'.
--printnames Output the names of all files extracted.
--help Display this help screen.
--version Display version information.
Interesting. Is it still the case that attack surface analyzer still won't install?
While installing the tool:
$ dotnet tool install -g Microsoft.CST.AttackSurfaceAnalyzer.CLI
/var/folders/8t/92jz7nqs3_q30ltwc2w7w2pm0000gn/T/2tsgukgi.pd1/restore.csproj : error NU1301: Unable to load the service index for source https://api.nuget.org/v3/index.json. The tool package could not be restored. Tool 'microsoft.cst.attacksurfaceanalyzer.cli' failed to install. This failure may have been caused by:
- You are attempting to install a preview release and did not use the --version option to specify the version.
- A package by this name was found, but it was not a .NET tool.
- The required NuGet feed cannot be accessed, perhaps because of an Internet connection problem.
- You mistyped the name of the tool.
For more reasons, including package naming enforcement, visit https://aka.ms/failure-installing-tool
Not sure if this will resolve your issue, but I had a similar problem with the install, and this worked for me:
Add nuget.org as a source, then proceed with install...
dotnet nuget add source https://api.nuget.org/v3/index.json -n nuget.org
dotnet tool install Microsoft.CST.AttackSurfaceAnalyzer.CLI --tool-path $ToolsDir
i am using MacOSX: monterey 12.5
I have downloaded .NET SDK (6.0.104) which i've confirmed by running dotnet --version command, then i ran "dotnet tool install -g Microsoft.CST.AttackSurfaceAnalyzer.CLI" and then, i ran "asa" it did'nt respond but on running "asa --help" it says asa: --help: No such file or directory. also, i have set the environment variable to $HOME/.dotnet/tools in rc file.