Unable to connect to API

[nusantara-self]

Hello everyone,

I'm currently testing in a VM environment WALKOFF in order to achieve TheHive <-> WALKOFF connection. The OS used is CentOS 7.

I am unable to get any response from WALKOFF's API.

If I create a workflow and I use the function walkf_off/connect with the default credentials admin:admin, I receive WalkoffNotFound.

If I try in a python program following the tutorial or anything close to it, I keep receiving 404 NOT FOUND status codes.

import requests

url = "http://127.0.0.1:8081/api"
#url = "http://127.0.0.1:8081/walkoff/api"
#url = "https://127.0.0.1:8080/api"
#url = "https://127.0.0.1:8080/walkoff/api"
#url = "https://127.0.0.1:5000/api"

def get_access_token(headers):
    username = "admin"
    password = "admin"

    data= {
        "username": username,
        "password": password
    }
    ret = requests.post(url + "/auth",json=dict(username=username,password=password), timeout=5, verify=False)
    print("ret.status_code : " + str(ret.status_code))
    print(ret.json())
    return ret.json()

headers = {"Content-Type": "application/json"}

get_access_token(headers)                       

The closest I've been to reaching the API is navigating to https://127.0.0.1:8000/walkoff/api/docs which returns

Failed to load API definition.

Fetch error
Internal Server Error /walkoff/api/openapi.json

Everything seems about fine on the logs from walkoff_core_api, I just create 404 status codes in the middle of the many 200 OK from the app itself.

Concerning my installation process, I've tried both master and development branch. (I'm on development branch currently). I've simply installed git, docker & docker-compose, ran docker swarm init as well as ./walkoff.sh up --build

Thanks in advance,

[nusantara-self]

Issued solved.

I've checked closely the logs from the service upon login and logout from the web UI.

I've found that the swagger is outdated : https://nsacyber.github.io/WALKOFF/swagger/index.html

The right url to call in order to retrieve access token is : /auth/login

url = "https://127.0.0.1:8080/walkoff/api/auth/login"

[patmkh]

hello, i would like to check with u please, if u are facing issue while deleting or stoping execution of a workflow ? changing the admin default password ?

thank u

[nusantara-self]

Hello @patmkh,

I do have issues with changing admin default password (using latest walkoff master). A quick fix to that is to create a new user of your choice with the admin role and delete the previous 'admin' user.

Also, yea. Stopping a workflow doesn't work, as well as in some cases duplicating a workflow and/or importing an exported workflow.

Hopefully, the development will restart soon as they were so close to a stable 1.0!

[patmkh]

thank u so much, as one more issue please, when trying to run powershell script (.ps1) i always get the error , that file not found, as for linux it s running and i m trying to put the file under /data/shared/. (they said that the .ps1 file should be under the scripts folder which i m unable to locate in the powershell app folder)

thank u for ur help !

[nusantara-self]

Hi again @patmkh,

Related to the powershell part, I cannot help you as I run walkoff on a RHEL distribution, so I do not run walkoff using powershell.

[patmkh]

hello again, me too i installed on debian, but what i mean here is the powershell exection workflow , that allow u to run powershell script remotly on the target machine (script will be local on the walkoff machine)

thank u for ur time

[nusantara-self]

oh alright, I am sorry I did not use any of these functions. Actually, I've done my own apps mostly for an integration with the incident response platform TheHive.

wishing you good luck!

[patmkh]

oh thank u so much , i appreciate ur help