Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error on engine while executing task #265

Closed
albertcp opened this issue May 14, 2021 · 8 comments · Fixed by #266
Closed

Error on engine while executing task #265

albertcp opened this issue May 14, 2021 · 8 comments · Fixed by #266

Comments

@albertcp
Copy link

albertcp commented May 14, 2021
edited
Loading

Hi everyone!

I have a problem with the target scanning on the engine.

I've set up scantron on virtual machines. One VM for the console and other VM for the engine. It's all working, ssh tunnels are created, crontabs are executing correctly...

The thing is when I create a new scan. It can be created and the status is pending:

Captura

Then, the status changes to error. When I see the engine log, this is what is showing:

Captura

I checked the code of engine.py and there is some problem with the field "config_data"... I don't know what can be the error.

If someone can help me I will be very gratefull.
@derpadoo
Copy link
Contributor

Hi @albertcp - sorry to hear it's not working. To doublecheck:

  1. What version of the agent are you running? ./engine -v

  2. How are you executing it?

  • Binary: ./engine
  • Python script /root/engine/.venv/bin/python engine.py
  • Service? systemctl start scantron-engine

  1. Does the engine_config.json file exist in the /root/engine directory of the engine? If so, can you provide a redacted screenshot of your engine_config.json file?

  2. Have the scan_engine and api_token values been updated to reflect a valid user and API token? If you used Ansible to deploy the console, a engine1 user (https://CONSOLE_IP/scantron-admin/auth/user/) should have been created along with an API key (https://CONSOLE_IP/scantron-admin/authtoken/tokenproxy/)

  3. Is the engine running as root?

@albertcp
Copy link
Author

albertcp commented May 17, 2021
edited
Loading

Hi @derpadoo,

First of all, thank you for your time.

I have checked everything you asked me. Below, you can find the results:

  1. What version of the agent are you running?

Answer: 1.03

  1. How are you executing it?

Answer: I activated the service systemctl start scantron-engine. But, checking the service ("cat scantron-engine.service") the output is:

image

So I suppose the way it executes is using the python script: /root/engine/.venv/bin/python engine.py

  1. Does the engine_config.json file exist in the /root/engine directory of the engine? If so, can you provide a redacted screenshot of your engine_config.json file?

Answer: Yes, engine_config.json exists.

image

  1. Have the scan_engine and api_token values been updated to reflect a valid user and API token? If you used Ansible to deploy the console, a engine1 user (https://CONSOLE_IP/scantron-admin/auth/user/) should have been created along with an API key (https://CONSOLE_IP/scantron-admin/authtoken/tokenproxy/)

Answer: I access that URL and checked the info is correct.

image

  1. Is the engine running as root?

Answer: Engine files are in /root/ folder. So, I need root to execute the engine.

I hope all questions are answered as expected.

Best regards.

@derpadoo
Copy link
Contributor

Appreciate you taking the time to provide that info.

When you ran the Ansible playbook, what did you have this value set to?

scantron/ansible-playbooks/group_vars/all

Line 25 in ee8e22e

utilize_static_api_token_across_engines: False

An explanation of that setting can be found in this section

From your original screenshots, it looks like the engine authenticates properly, but just to be sure, let's try the following. It looks like the "scan_engine" value in engine_config.json is set to engine-510598, but needs to match the user engine1. You have two options:

  1. Create a engine-510598 user, which will generate a new API key that you need to update in engine_config.json
  2. Update the "scan_engine" value in engine_config.json to be engine1.

Since you're using the service, you can run systemctl start scantron-engine to start the engine service or systemctl start scantron-engine to stop it.

@albertcp
Copy link
Author

albertcp commented May 18, 2021
edited
Loading

First of all, thank you for your quick respone.

  1. Ansible playbook config value is set to:
utilize_static_api_token_across_engines: True

Do I need to set the value to False?

  1. I created a new user called engine-510598 & updated the API key in the engine_config.json and the same error:

image

The image is taken from the engine.log

More info:

engine_config.json

image

Photograph of the Token in DJANGO ADMINISTRATION PAGE:

image

@derpadoo
Copy link
Contributor

Ahh, I see it. The engine_config.json files needs a "supported_scan_binaries" key. See https://github.com/rackerlabs/scantron/blob/master/engine/engine_config.json#L12

I updated the engine_config.json a while back without updating the file below, since I don't use the utilize_static_api_token_across_engines in my prod environment.

I need to update https://github.com/rackerlabs/scantron/blob/master/ansible-playbooks/roles/engine/templates/engine_config.json

For your fix, add the highlighted portion below:

image

    "http_useragent": "user-agent",
    "supported_scan_binaries": [
        "nmap",
        "masscan"
    ]

@derpadoo derpadoo mentioned this issue May 18, 2021
Merged
@derpadoo
Copy link
Contributor

Merged in #266

@derpadoo
Copy link
Contributor

@albertcp I'll wait to ensure it works for you before closing this one out.

@albertcp
Copy link
Author

@derpadoo Thank you so much for everything!!! It Works!!!!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Added supported_scan_binaries key to engine_config.json.j2 rackerlabs/scantron
2 participants
@albertcp @derpadoo