Closed blockanz closed 3 years ago
I get a similar error if I try and upload an export from nessus in CSV format
@blockanz - I think I understand what the problem is; let me dig into this. Thanks for the feedback.
No problem. Let me know when you think you have a fix and I'll do further testing.
I can confirm this issue. Uploading a CSV results in this error.
I can confirm the same error with Nexpose XML
@varchashva Any updates on this? I'm keen to have a good play with the tool and offer suggestions/help for improving.
hi @blockanz @Cyberstro @thirdbyte
I have fixed this issue in my local environment. However, before committing the fix to GH, I need your help. Can you please paste only the "header (first row)" of the uploaded CSV file?
It will help me in coding an effective fix. Appreciate the support!
hi @blockanz @Cyberstro @thirdbyte - just wondering if you got a chance to look into this request. Thanks in advance!
@varchashva Apologies. Got stuck on other stuff. Here is the data you requested. It's from an export of Nessus to CSV.
Plugin ID,CVE,CVSS,Risk,Host,Protocol,Port,Name,Synopsis,Description,Solution,See Also,Plugin Output
"19506","","","None","127.0.0.1","tcp","0","Nessus Scan Information","This plugin displays information about the Nessus scan.","This plugin displays, for each tested host, information about the scan itself :
Nessus version : 8.9.1 Plugin feed version : 202003171920 Scanner edition used : Nessus Scan type : Normal Scan policy used : Advanced Dynamic Scan Scanner IP : 127.0.0.1 Thorough tests : no Experimental tests : no Paranoia level : 2 Report verbosity : 2 Safe checks : yes Optimize the test : yes Credentialed checks : no Patch management checks : None CGI scanning : enabled Web application tests : disabled Max hosts : 30 Max checks : 5 Recv timeout : 5 Backports : None Allow post-scan editing: Yes Scan Start Date : 2020/3/18 12:47 New Zealand Standard Time Scan duration : 483 sec "
"134421","CVE-2020-0796","10.0","Critical","127.0.0.1","tcp","445","Microsoft Windows SMBv3 Compression RCE (ADV200005)(CVE-2020-0796)(Remote)","The remote Windows host is using a vulnerable version of SMB.","A remote code execution vulnerability exists in Microsoft Server Message Block 3.1.1 (SMBv3) protocol due to how it handles a maliciously crafted compressed data packet. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands.
Note, the plugin checks if SMB 3.1.1 with compression is enabled. It does not currently verify the vulnerability itself.","Microsoft has provided additional details and guidance in the ADV200005 advisory.","http://www.nessus.org/u?736703d3","Nessus was able to detect SMB 3.1.1 with compression enabled using a specially crafted packet. "
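A parser for an export with the header row posted above, as an added example that is not vPrioritizer's code or its fix. The sample rows are constructed, and `parse_nessus_csv` and `naive_record_count` are names chosen here; the point is that quoted fields in this format carry commas and newlines, so records cannot be counted or split by line.

```python
import csv
import io

# Header row as posted in the thread for a Nessus CSV export.
NESSUS_HEADER = ["Plugin ID", "CVE", "CVSS", "Risk", "Host", "Protocol", "Port",
                 "Name", "Synopsis", "Description", "Solution", "See Also",
                 "Plugin Output"]

# Constructed sample, not real scan data: two findings whose quoted fields
# contain commas and embedded newlines, like the rows posted above.
SAMPLE = (
    ",".join(NESSUS_HEADER) + "\n"
    '"19506","","","None","127.0.0.1","tcp","0","Nessus Scan Information",'
    '"Scan info.","Displays, for each host, scan details :\n\nline two",'
    '"n/a","","Nessus version : 8.9.1\nScan type : Normal\n"\n'
    '"134421","CVE-2020-0796","10.0","Critical","127.0.0.1","tcp","445",'
    '"SMBv3 Compression RCE","Vulnerable SMB.","First part.\n\nNote, second.",'
    '"See advisory.","","Detected.\n"\n'
)


def naive_record_count(text):
    """Count records by splitting on newlines (wrong for this format)."""
    return len(text.splitlines()) - 1


def parse_nessus_csv(text):
    """Return one dict per finding; raise ValueError on an unexpected layout."""
    # Plugin output can exceed the csv module's default field size limit (131072).
    csv.field_size_limit(16 * 1024 * 1024)
    # newline="" leaves line endings alone so quoted newlines survive intact.
    reader = csv.reader(io.StringIO(text.lstrip("\ufeff"), newline=""))
    header = [h.strip() for h in next(reader, [])]
    missing = [c for c in NESSUS_HEADER if c not in header]
    if missing:
        raise ValueError(f"not a Nessus CSV export, missing columns: {missing}")
    findings = []
    for row in reader:
        if not row:  # blank line between records
            continue
        if len(row) != len(header):
            raise ValueError(f"record ending at line {reader.line_num} has "
                             f"{len(row)} fields, expected {len(header)}")
        findings.append(dict(zip(header, row)))
    return findings


if __name__ == "__main__":
    rows = parse_nessus_csv(SAMPLE)
    print(naive_record_count(SAMPLE), "naive vs", len(rows), "parsed")
```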
@varchashva Any update on the next release?
hi @blockanz @Cyberstro @thirdbyte
I have implemented the fix on v1.0, which supports upload of CSV scan files. Please check and let me know if you have any queries.
If you are using the Docker version, just re-run docker-compose up --build with the latest docker-compose file.
Thanks!
What are the plans for Nessus, Nexpose, OpenVas etc.? Will these follow shortly?
@varchashva Okay, testing has not proven so successful. Uploaded a CSV exported from Nessus and get the following:
> What are the plans for Nessus, Nexpose, OpenVas etc.? Will these follow shortly?
As of today, it supports upload of Nessus, Nexpose and QualysGuard CSV scan results.
> @varchashva Okay, testing has not proven so successful. Uploaded a CSV exported from Nessus and get the following:
It seems to be an issue with particular text in the scan result. I have uploaded multiple scan results as part of quality testing but didn't come across such an issue.
@blockanz - Can you please upload another scan result, and/or is it possible for you to share scan results via email or any other medium you feel comfortable with (pls sanitise all sensitive data first)? Thanks!
Happy to share via email.
What's the best address to use?
Regards
> Happy to share via email. What's the best address to use?
@blockanz - it would be varchashva@gmail.com
Email just sent. Many thanks.
@blockanz - a fix has been released for this issue, please check and let me know how it goes. Really appreciate your support!
In the demo you gave at Blackhat, I seem to remember you showed that a Nessus file could be uploaded. When I try to do this I get the following error: