search

minvws / nl-kat-coordination

OpenKAT scans networks, finds vulnerabilities and creates accessible reports. It integrates the most widely used network tools and scanning software into a modular framework, accesses external databases such as shodan, and combines the information from all these sources into clear reports. It also includes lots of cat hair.
https://openkat.nl
European Union Public License 1.2
128 stars 58 forks source link

Mute button in finding window does not work #3596

Open tobiasBDO opened 2 months ago

tobiasBDO commented 2 months ago

Please add bug, the name of any relevant modules (e.g. rocky), and any other relevant labels to your issue.

Describe the bug The mute button to mute a single finding does not work anymore in 1.16.0, there is an error in the console and you end up with a white screen when trying. (multi mute on the bottom of the page does work)

To Reproduce Steps to reproduce the behavior:

  1. Go to a finding in 1.16+
  2. Click on "Mute Finding"
  3. Supply a comment
  4. Click Mute

Expected behavior I expect the finding to be muted

Screenshots image

OpenKAT version v1.16.0

Trace Seems to be going wrong at this query: http://octopoes_api/organization/objects?types=Finding&valid_time=2024-09-30%2012%3A12%3A26.406769%2B00%3A00&offset=0&limit=50&scan_level=0&scan_level=1&scan_level=2&scan_level=3&scan_level=4&scan_profile_type=empty&scan_profile_type=declared&scan_profile_type=inherited' since i retrieve a {"detail":"timed out"} when trying manually.

nl-kat-coordination-octopoes_api-1         | [2024-09-30 12:12:31 +0000] [1] [ERROR] [api] timed out
nl-kat-coordination-octopoes_api-1         | [2024-09-30 12:12:31 +0000] [1] [INFO] [h11_impl] 172.30.0.7:39764 - "GET /organization/objects?types=Finding&valid_time=2024-09-30%2012%3A12%3A26.406769%2B00%3A00&offset=0&limit=50&scan_level=0&scan_level=1&scan_level=2&scan_level=3&scan_level=4&scan_profile_type=empty&scan_profile_type=declared&scan_profile_type=inherited HTTP/1.1" 500
nl-kat-coordination-rocky-1                | Internal Server Error: /en/organization/objects/add/MutedFinding/
nl-kat-coordination-rocky-1                | Traceback (most recent call last):
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/octopoes/connector/octopoes.py", line 48, in _verify_response
nl-kat-coordination-rocky-1                |     response.raise_for_status()
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/httpx/_models.py", line 761, in raise_for_status
nl-kat-coordination-rocky-1                |     raise HTTPStatusError(message, request=request, response=self)
nl-kat-coordination-rocky-1                | httpx.HTTPStatusError: Server error '500 Internal Server Error' for url 'http://octopoes_api/organization/objects?types=Finding&valid_time=2024-09-30%2012%3A12%3A26.406769%2B00%3A00&offset=0&limit=50&scan_level=0&scan_level=1&scan_level=2&scan_level=3&scan_level=4&scan_profile_type=empty&scan_profile_type=declared&scan_profile_type=inherited'
nl-kat-coordination-rocky-1                | For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/500
nl-kat-coordination-rocky-1                | 
nl-kat-coordination-rocky-1                | During handling of the above exception, another exception occurred:
nl-kat-coordination-rocky-1                | 
nl-kat-coordination-rocky-1                | Traceback (most recent call last):
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/django/core/handlers/exception.py", line 55, in inner
nl-kat-coordination-rocky-1                |     response = get_response(request)
nl-kat-coordination-rocky-1                |                ^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/django/core/handlers/base.py", line 197, in _get_response
nl-kat-coordination-rocky-1                |     response = wrapped_callback(request, *callback_args, **callback_kwargs)
nl-kat-coordination-rocky-1                |                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/django/views/generic/base.py", line 104, in view
nl-kat-coordination-rocky-1                |     return self.dispatch(request, *args, **kwargs)
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/django/views/generic/base.py", line 143, in dispatch
nl-kat-coordination-rocky-1                |     return handler(request, *args, **kwargs)
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/django/views/generic/edit.py", line 151, in post
nl-kat-coordination-rocky-1                |     form = self.get_form()
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/app/rocky/rocky/views/ooi_view.py", line 147, in get_form
nl-kat-coordination-rocky-1                |     form = super().get_form(form_class)
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/django/views/generic/edit.py", line 39, in get_form
nl-kat-coordination-rocky-1                |     return form_class(**self.get_form_kwargs())
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/app/rocky/tools/forms/ooi_form.py", line 28, in __init__
nl-kat-coordination-rocky-1                |     fields = self.get_fields()
nl-kat-coordination-rocky-1                |              ^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/app/rocky/tools/forms/ooi_form.py", line 36, in get_fields
nl-kat-coordination-rocky-1                |     return self.generate_form_fields()
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/app/rocky/tools/forms/ooi_form.py", line 64, in generate_form_fields
nl-kat-coordination-rocky-1                |     fields[name] = generate_select_ooi_field(
nl-kat-coordination-rocky-1                |                    ^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/app/rocky/tools/forms/ooi_form.py", line 123, in generate_select_ooi_field
nl-kat-coordination-rocky-1                |     oois = api_connector.list_objects({related_ooi_type}, datetime.now(timezone.utc)).items
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/octopoes/connector/octopoes.py", line 83, in list_objects
nl-kat-coordination-rocky-1                |     res = self.session.get(f"/{self.client}/objects", params=params)
nl-kat-coordination-rocky-1                |           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/httpx/_client.py", line 1054, in get
nl-kat-coordination-rocky-1                |     return self.request(
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/httpx/_client.py", line 827, in request
nl-kat-coordination-rocky-1                |     return self.send(request, auth=auth, follow_redirects=follow_redirects)
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/httpx/_client.py", line 914, in send
nl-kat-coordination-rocky-1                |     response = self._send_handling_auth(
nl-kat-coordination-rocky-1                |                ^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/httpx/_client.py", line 942, in _send_handling_auth
nl-kat-coordination-rocky-1                |     response = self._send_handling_redirects(
nl-kat-coordination-rocky-1                |                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/httpx/_client.py", line 999, in _send_handling_redirects
nl-kat-coordination-rocky-1                |     raise exc
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/httpx/_client.py", line 982, in _send_handling_redirects
nl-kat-coordination-rocky-1                |     hook(response)
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/octopoes/connector/octopoes.py", line 55, in _verify_response
nl-kat-coordination-rocky-1                |     raise RemoteException(value=data["detail"])
nl-kat-coordination-rocky-1                | octopoes.connector.RemoteException: timed out
nl-kat-coordination-rocky-1                | Internal Server Error: /en/organization/objects/add/MutedFinding/
nl-kat-coordination-rocky-1                | Traceback (most recent call last):
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/octopoes/connector/octopoes.py", line 48, in _verify_response
nl-kat-coordination-rocky-1                |     response.raise_for_status()
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/httpx/_models.py", line 761, in raise_for_status
nl-kat-coordination-rocky-1                |     raise HTTPStatusError(message, request=request, response=self)
nl-kat-coordination-rocky-1                | httpx.HTTPStatusError: Server error '500 Internal Server Error' for url 'http://octopoes_api/organization/objects?types=Finding&valid_time=2024-09-30%2012%3A12%3A26.406769%2B00%3A00&offset=0&limit=50&scan_level=0&scan_level=1&scan_level=2&scan_level=3&scan_level=4&scan_profile_type=empty&scan_profile_type=declared&scan_profile_type=inherited'
nl-kat-coordination-rocky-1                | For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/500
nl-kat-coordination-rocky-1                | 
nl-kat-coordination-rocky-1                | During handling of the above exception, another exception occurred:
nl-kat-coordination-rocky-1                | 
nl-kat-coordination-rocky-1                | Traceback (most recent call last):
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/django/core/handlers/exception.py", line 55, in inner
nl-kat-coordination-rocky-1                |     response = get_response(request)
nl-kat-coordination-rocky-1                |                ^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/django/core/handlers/base.py", line 197, in _get_response
nl-kat-coordination-rocky-1                |     response = wrapped_callback(request, *callback_args, **callback_kwargs)
nl-kat-coordination-rocky-1                |                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/django/views/generic/base.py", line 104, in view
nl-kat-coordination-rocky-1                |     return self.dispatch(request, *args, **kwargs)
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/django/views/generic/base.py", line 143, in dispatch
nl-kat-coordination-rocky-1                |     return handler(request, *args, **kwargs)
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/django/views/generic/edit.py", line 151, in post
nl-kat-coordination-rocky-1                |     form = self.get_form()
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/app/rocky/rocky/views/ooi_view.py", line 147, in get_form
nl-kat-coordination-rocky-1                |     form = super().get_form(form_class)
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/django/views/generic/edit.py", line 39, in get_form
nl-kat-coordination-rocky-1                |     return form_class(**self.get_form_kwargs())
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/app/rocky/tools/forms/ooi_form.py", line 28, in __init__
nl-kat-coordination-rocky-1                |     fields = self.get_fields()
nl-kat-coordination-rocky-1                |              ^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/app/rocky/tools/forms/ooi_form.py", line 36, in get_fields
nl-kat-coordination-rocky-1                |     return self.generate_form_fields()
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/app/rocky/tools/forms/ooi_form.py", line 64, in generate_form_fields
nl-kat-coordination-rocky-1                |     fields[name] = generate_select_ooi_field(
nl-kat-coordination-rocky-1                |                    ^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/app/rocky/tools/forms/ooi_form.py", line 123, in generate_select_ooi_field
nl-kat-coordination-rocky-1                |     oois = api_connector.list_objects({related_ooi_type}, datetime.now(timezone.utc)).items
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/octopoes/connector/octopoes.py", line 83, in list_objects
nl-kat-coordination-rocky-1                |     res = self.session.get(f"/{self.client}/objects", params=params)
nl-kat-coordination-rocky-1                |           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/httpx/_client.py", line 1054, in get
nl-kat-coordination-rocky-1                |     return self.request(
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/httpx/_client.py", line 827, in request
nl-kat-coordination-rocky-1                |     return self.send(request, auth=auth, follow_redirects=follow_redirects)
nl-kat-coordination-rocky-1                |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/httpx/_client.py", line 914, in send
nl-kat-coordination-rocky-1                |     response = self._send_handling_auth(
nl-kat-coordination-rocky-1                |                ^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/httpx/_client.py", line 942, in _send_handling_auth
nl-kat-coordination-rocky-1                |     response = self._send_handling_redirects(
nl-kat-coordination-rocky-1                |                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/httpx/_client.py", line 999, in _send_handling_redirects
nl-kat-coordination-rocky-1                |     raise exc
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/httpx/_client.py", line 982, in _send_handling_redirects
nl-kat-coordination-rocky-1                |     hook(response)
nl-kat-coordination-rocky-1                |   File "/usr/local/lib/python3.11/site-packages/octopoes/connector/octopoes.py", line 55, in _verify_response
nl-kat-coordination-rocky-1                |     raise RemoteException(value=data["detail"])
nl-kat-coordination-rocky-1                | octopoes.connector.RemoteException: timed out
originalsouth commented 2 months ago

Perhaps related to https://github.com/minvws/nl-kat-coordination/issues/3392

underdarknl commented 2 months ago

@tobiasBDO could you check if the MuteOOI object itself was created as expected?

tobiasBDO commented 2 months ago

@tobiasBDO could you check if the MuteOOI object itself was created as expected?

the object is not created, looking at the MutedFinding OOI type.

originalsouth commented 1 month ago

@tobiasBDO currently we cannot replicate the bug. Would it be possible to update and check if the problem persists?