search

minvws / nl-kat-coordination

OpenKAT scans networks, finds vulnerabilities and creates accessible reports. It integrates the most widely used network tools and scanning software into a modular framework, accesses external databases such as shodan, and combines the information from all these sources into clear reports. It also includes lots of cat hair.
https://openkat.nl
European Union Public License 1.2
127 stars 58 forks source link

Plugin status doesn't get stored in saved reports #3801

Open stephanie0x00 opened 2 weeks ago

stephanie0x00 commented 2 weeks ago

Describe the bug When you have a report from this morning with a plugin disabled (e.g. Nmap TCP is disabled in the morning report). The report plugin overview shows that the plugin is disabled (as expected). When you enable this plugin and re-open that same report it'll now show that nmap TCP is enabled. This seems strange as the report should show the status of the report at that moment in time, for forensic purposes.

To Reproduce Steps to reproduce the behavior:

  1. Generate a report with a plugin disabled (e.g. nmap tcp).
  2. Open de report and see that nmap tcp is disabled.
  3. Enable nmap TCP.
  4. Re-open the same report on the Reports page.
  5. See that nmap tcp now shows as enabled plugin.

Expected behavior When you generate a report at a specific timestamp the report is a snapshot of that moment in time. Any changes made after that moment are not updated in the report.

OpenKAT version main

underdarknl commented 2 weeks ago

The list of plugins (and their settings, but im not sure) should be stored in the report afaik.