minvws / nl-kat-coordination

OpenKAT scans networks, finds vulnerabilities and creates accessible reports. It integrates the most widely used network tools and scanning software into a modular framework, accesses external databases such as shodan, and combines the information from all these sources into clear reports. It also includes lots of cat hair.
https://openkat.nl
European Union Public License 1.2

Reports do not work on OOI with a space in the primary key #2888

Open noamblitz opened 6 months ago

noamblitz commented 6 months ago

Describe the bug
No reports are found for OOIs that have a space in their primary key.

To Reproduce
Steps to reproduce the behavior:

  1. Add a service called "Hello World" and a service called "Hello".
  2. Give them both L2
  3. Go to generate report
  4. Select "Hello World"
  5. See that no report types are found
  6. Go back
  7. Select "Hello"
  8. See that report types are found

Expected behavior
KAT should handle these OOIs correctly.


Additional context
Found by @MetaByte149

underdarknl commented 5 months ago

@stephanie0x00 Could you see if we can get some logs / traces for this issue?

stephanie0x00 commented 4 months ago

Testing on: commit 2195d81006dc912a989151ef7e407466d03e3f97 (HEAD -> main, origin/main, origin/HEAD)

Short version: it seems that rocky doesn't properly parse objects with a space (my guess is other characters as well) and instead handles names with a space. The debug trail is shown below.

Debug steps below:

I made 2 Service objects, 'Hello World' and 'Foo bar', with L2 clearance. When going to the Reports page, I select 'Foo bar' and continue to the next page, where I observe the following:

The URL for this request. Observe that the Service object at the end is cut off after 'Foo'.

http://127.0.0.1:8000/en/aa/reports/generate-report/select/report-types/?observed_at=2024-06-20&clearance_level=2&clearance_level=3&clearance_level=4&clearance_type=declared&ooi=Service%7CFoo

Matching screenshot, observe that no objects are shown for the selection:

image

When selecting the 'Hello World' object, I observe the same behaviour.

Now I create another Service object called 'Hello' with L3 clearance.

I then select 'Hello World' (L2) clearance and this gets mapped to 'Hello' with L3 clearance, as shown below:

Selection of Hello World (L2):

image

The next page in the report flow now shows "Hello" with L3 clearance.

image

The rocky logs show notifications with "No data could be found for Service X".

...
rocky-1  | No data could be found for 'Service|Foo' 
rocky-1  | [20/Jun/2024 14:22:22] "GET /en/aa/reports/generate-report/select/oois/?observed_at=2024-06-20&clearance_level=2&clearance_level=3&clearance_level=4&clearance_type=declared&ooi=Service%7CFoo HTTP/1.1" 200 46842
rocky-1  | [20/Jun/2024 14:22:22] "GET /static/dist/app.css HTTP/1.1" 304 0
rocky-1  | [20/Jun/2024 14:22:22] "GET /static/img/kat_logo.png HTTP/1.1" 304 0
rocky-1  | [20/Jun/2024 14:22:22] "GET /static/js/dropdown.js HTTP/1.1" 304 0
rocky-1  | [20/Jun/2024 14:22:22] "GET /static/dist/imports/manon.js HTTP/1.1" 304 0
rocky-1  | [20/Jun/2024 14:22:22] "GET /static/dist/tabler-icons.c16e726d.woff2 HTTP/1.1" 304 0
rocky-1  | [20/Jun/2024 14:22:22] "GET /static/js/checkboxToggler.js HTTP/1.1" 304 0
...
rocky-1  | No data could be found for 'Service|Hello' 
rocky-1  | [20/Jun/2024 14:22:24] "GET /en/aa/reports/generate-report/select/report-types/?observed_at=2024-06-20&clearance_level=2&clearance_level=3&clearance_level=4&clearance_type=declared&ooi=Service%7CHello HTTP/1.1" 200 14045

Inspecting the object itself, it shows that in some parts of the database 'Hello World' is stored correctly, as shown below.

image
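The thread does not establish where the key is cut. As an added example (not rocky's code and not part of any comment above), this Python round-trip check covers two places a space can affect a value on its way into `ooi=`: an unquoted HTML attribute, which ends at the first whitespace, and the query string itself. The function names and sample keys are assumptions modelled on the objects named in the issue.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed sample primary keys, modelled on the objects named in the issue.
KEYS = ["Service|Hello", "Service|Hello World", "Service|Foo bar"]


class _ValueReader(HTMLParser):
    """Collects the value attribute of each <input>, as an HTML parser sees it."""

    def __init__(self):
        super().__init__()
        self.values = []

    def handle_starttag(self, tag, attrs):
        if tag == "input":
            self.values.append(dict(attrs).get("value"))


def submitted_value(markup):
    """Return the value a parser reads back from one rendered <input>."""
    reader = _ValueReader()
    reader.feed(markup)
    reader.close()
    return reader.values[0]


def render_unquoted(key):
    # Weak form: an unquoted attribute value ends at the first whitespace.
    return f"<input type=checkbox name=ooi value={key}>"


def render_quoted(key):
    # Corrected form: quoted and escaped, so the whole key is one value.
    return f'<input type="checkbox" name="ooi" value="{escape(key, quote=True)}">'


def query_roundtrip(key):
    """Encode the key into a query string and parse it back as a server would."""
    query = urlencode({"ooi": key})  # '|' -> %7C, ' ' -> '+'
    return parse_qs(urlsplit(f"/reports/?{query}").query)["ooi"][0]


def truncated_keys(render):
    """Keys that do not survive render -> parse unchanged."""
    return [k for k in KEYS if submitted_value(render(k)) != k]


if __name__ == "__main__":
    print("unquoted:", truncated_keys(render_unquoted))
    print("quoted:  ", truncated_keys(render_quoted))
```

Run as a regression test over every primary key that can reach the report flow; a key that comes back shortened can resolve to a different object, as with 'Hello World' (L2) and 'Hello' (L3) above.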