Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Stops importing nmap import at 5% #175

Closed
securesean opened this issue May 4, 2020 · 6 comments
Closed

Stops importing nmap import at 5% #175

securesean opened this issue May 4, 2020 · 6 comments
Labels
bug Something isn't working

Comments

@securesean
Copy link

Hello! Legion keeps freezing when I import an XML vuln scan from nmap (XML file attached). The nmap xml file was produced by the command nmap -sV --script vuln -oA blueVulnScan 10.10.10.40 against hackthebox.eu's blue Windows 7 Pro x64 machine that's vulnerable to the EternalBlue exploit. I used the natively installed version of legion on the rolling kali distro (LEGION 0.3.6-1580902879 late update 02/05/2020). I don't know if the latest version of legion fixed this bug. Each time I tried to natively install it from the git repo my Kali VM got bricked when I restarted services relying on the old dependencies. I also failed to get docker working on Kali (but that's a separate bug)
blueVulnScan.zip
@jchoy14
Copy link
Contributor

jchoy14 commented May 4, 2020

Hi, when you import the nmap file into Legion, does it first import to 100%, populating Legion with services, and then get stuck at 5%? Just want to make sure I'm seeing the same result.
legionBug

@securesean
Copy link
Author

Yup! It looks like it's stuck on some script output:
image

@jchoy14 jchoy14 added the bug Something isn't working label May 6, 2020
@ghost-ng
Copy link
Contributor

ghost-ng commented May 20, 2020
edited

just cloned today from github, I have the same issue.

Update: seems to only hang when started with a clean slate. When importing into a current project, it straight up crashes (immediately).

@mcjon3z mcjon3z mentioned this issue Aug 4, 2020
Closed
@sscottgvit
Copy link
Collaborator

@securesean @MidnightSeer Mind giving it another try with 0.3.7?

@re8el
Copy link

re8el commented Oct 26, 2020
edited

Hi,

On Kali
Linux k20 5.8.0-kali3-amd64 #1 SMP Debian 5.8.14-1kali1 (2020-10-13) x86_64 GNU/Linux

On Legion from Kali repos
Legion 0.3.7-1596220187

nmap -Pn -sSV -vvvv --script vulners .... -oX /root/nmap_scan.xml -T4 --open

error msg import to already created session

{"time": "2020-10-26 11:30:08,089", "name": "Importing nmap xml from /root/nmapscan.xml...", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "view", "filename": "view.py", "line": 485}}
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/sqlalchemy/engine/base.py", line 1276, in _execute_context
self.dialect.do_execute(
File "/usr/lib/python3/dist-packages/sqlalchemy/engine/default.py", line 593, in do_execute
cursor.execute(statement, parameters)
sqlite3.IntegrityError: UNIQUE constraint failed: nmapSessionObj.filename

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
File "/usr/share/legion/app/importers/NmapImporter.py", line 119, in run
session.commit()
File "/usr/lib/python3/dist-packages/sqlalchemy/orm/session.py", line 1042, in commit
self.transaction.commit()
File "/usr/lib/python3/dist-packages/sqlalchemy/orm/session.py", line 504, in commit
self._prepare_impl()
File "/usr/lib/python3/dist-packages/sqlalchemy/orm/session.py", line 483, in _prepare_impl
self.session.flush()
File "/usr/lib/python3/dist-packages/sqlalchemy/orm/session.py", line 2523, in flush
self._flush(objects)
File "/usr/lib/python3/dist-packages/sqlalchemy/orm/session.py", line 2664, in flush
transaction.rollback(capture_exception=True)
File "/usr/lib/python3/dist-packages/sqlalchemy/util/langhelpers.py", line 68, in exit
compat.raise(
File "/usr/lib/python3/dist-packages/sqlalchemy/util/compat.py", line 182, in raise
raise exception
File "/usr/lib/python3/dist-packages/sqlalchemy/orm/session.py", line 2624, in _flush
flush_context.execute()
File "/usr/lib/python3/dist-packages/sqlalchemy/orm/unitofwork.py", line 422, in execute
rec.execute(self)
File "/usr/lib/python3/dist-packages/sqlalchemy/orm/unitofwork.py", line 586, in execute
persistence.save_obj(
File "/usr/lib/python3/dist-packages/sqlalchemy/orm/persistence.py", line 239, in save_obj
_emit_insert_statements(
File "/usr/lib/python3/dist-packages/sqlalchemy/orm/persistence.py", line 1083, in _emit_insert_statements
c = cached_connections[connection].execute(statement, multiparams)
File "/usr/lib/python3/dist-packages/sqlalchemy/engine/base.py", line 1011, in execute
return meth(self, multiparams, params)
File "/usr/lib/python3/dist-packages/sqlalchemy/sql/elements.py", line 298, in _execute_on_connection
return connection._execute_clauseelement(self, multiparams, params)
File "/usr/lib/python3/dist-packages/sqlalchemy/engine/base.py", line 1124, in _execute_clauseelement
ret = self._execute_context(
File "/usr/lib/python3/dist-packages/sqlalchemy/engine/base.py", line 1316, in _execute_context
self.handle_dbapi_exception(
File "/usr/lib/python3/dist-packages/sqlalchemy/engine/base.py", line 1510, in handle_dbapi_exception
util.raise(
File "/usr/lib/python3/dist-packages/sqlalchemy/util/compat.py", line 182, in raise
raise exception
File "/usr/lib/python3/dist-packages/sqlalchemy/engine/base.py", line 1276, in _execute_context
self.dialect.do_execute(
File "/usr/lib/python3/dist-packages/sqlalchemy/engine/default.py", line 593, in do_execute
cursor.execute(statement, parameters)
sqlalchemy.exc.IntegrityError: (sqlite3.IntegrityError) UNIQUE constraint failed: nmapSessionObj.filename
[SQL: INSERT INTO "nmapSessionObj" (filename, "startTime", finish_time, "nmapVersion", "scanArgs", "totalHosts", "upHosts", "downHosts") VALUES (?, ?, ?, ?, ?, ?, ?, ?)]
[parameters: ('/root/nmapscan.xml', 'Sat Oct 24 00:06:05 2020', 'Sat Oct 24 00:36:43 2020', 'unknown', '', '0', '0', '0')]
(Background on this error at: http://sqlalche.me/e/13/gkpj)

error msg import to already created session

sqlalchemy.exc.IntegrityError: (sqlite3.IntegrityError) UNIQUE constraint failed: nmapSessionObj.filename
[SQL: INSERT INTO "nmapSessionObj" (filename, "startTime", finish_time, "nmapVersion", "scanArgs", "totalHosts", "upHosts", "downHosts") VALUES (?, ?, ?, ?, ?, ?, ?, ?)]
[parameters: ('/root/nmap.xml', 'Sat Oct 24 00:06:05 2020', 'Sat Oct 24 00:36:43 2020', 'unknown', '', '0', '0', '0')]
(Background on this error at: http://sqlalche.me/e/13/gkpj)

error msg import to new session

{"time": "2020-10-26 11:32:18,140", "name": "Importing nmap xml from /root/nmap_scan.xml...", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "view", "filename": "view.py", "line": 485}}
QWidget::repaint: Recursive repaint detected
Segmentation fault

@securesean
Copy link
Author

securesean commented Jan 10, 2021
edited

Confirmed that fix worked for me. @re8el I think it would be best if you openned a new issue and uploaded your 'nmap_scan.xml' files so the problem can be replicated and debugged (otherwise we don't know what you're scanning).

Note: The best way to test with the latest/greatest legion is to use Docker. On Kali the best way to do this is:

apt remove docker
apt install docker.io
git clone https://github.com/GoVanguard/legion
cd legion/docker
# add a folder to the docker container in runIt.sh so you can pull files in and out. In the docker run command I add: "-v /opt/legion_output:/opt/legion_output"
./runIt.sh

Then copy the xml scan into the /opt/legion_output folder and try to import it:

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@re8el @securesean @sscottgvit @ghost-ng @jchoy14