API request for summary and vulnerabilities count not working #408

Closed
lmcthbe opened this issue Aug 27, 2020 · 4 comments
Comments

@lmcthbe
Contributor

lmcthbe commented Aug 27, 2020

Issue Type

  • Bug Report

Faraday version

Showing faraday server configuration
version: 3.11.1
bind_address: localhost
port: 5985
websocket_port: 9000
debug: False

Showing faraday plugins data
version: 1.2

Showing dashboard configuration
show_vulns_by_price: False

Showing storage configuration
path: /root/.faraday/storage

Checking if postgreSQL is running...
[+] PostgreSQL is running and up to date
[+] PostgreSQL lock not detected.
[+] PostgreSQL encoding: UTF8

Checking if Faraday is running...
[+] Faraday Server is running. PID:21175

Checking Faraday config...
[+] /.faraday/storage -> Permission accepted
[+] Port 5985 in localhost is open

Steps to reproduce

Working request:
curl -L -b cookie.txt http://127.0.0.1:5985/_api/v2/ws/eworx6/
{"readonly": false, "customer": "", "name": "eworx6", "update_date": "2020-08-20T11:53:08.675918+00:00", "public": false, "active": true, "create_date": "2020-08-19T12:54:48.778466+00:00", "stats": {"services": 17, "web_vulns": 42, "credentials": 0, "code_vulns": 0, "std_vulns": 62, "total_vulns": 104, "hosts": 5}, "duration": {"start_date": 1597841688000, "end_date": null}, "_id": 36, "id": 36, "scope": [], "description": ""}

Not working request but documented in the wiki API Client
GET /_api/ws/workspace_name/summary: Get stats of a workspace (count of vulns, services, etc)
GET /_api/ws/workspace_name/vulns/count: Count workspace's vulns

curl -L -b cookie.txt http://127.0.0.1:5985/_api/v2/ws/eworx6/vulns/count
400 Bad Request
Bad Request
{'message': 'group_by is a required parameter'}

curl -L -b cookie.txt http://127.0.0.1:5985/_api/v2/ws/eworx6/summary
404 Not Found
Not Found
The requested URL was not found on the server. If you entered the URL manually please check your spelling and try again.

@aenima-x
Contributor

For the count request, you must provide a group_by:
curl -b cookies -H "Content-Type: application/json" http://localhost:5985/_api/v2/ws/test/vulns/count/\?group_by\=severity
{"groups": [{"count": 10, "name": "med", "severity": "med"}, {"count": 1, "name": "low", "severity": "low"}, {"count": 80, "name": "info", "severity": "info"}], "total_count": 91}

And with the summary, can you send us the link where you saw that?
Because that endpoint doesn't exist.
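
Added example, not part of the original thread and not Faraday's own code: a Python equivalent of the curl call above that builds the count URL with the required `group_by` parameter and parses the response shape quoted in the comment. The function names are hypothetical, and `severity` is the only `group_by` value shown on this page.

```python
import json
import urllib.error
import urllib.request
from http.cookiejar import MozillaCookieJar
from urllib.parse import quote, urlencode

# Constructed sample: the response body quoted in the comment above.
SAMPLE = ('{"groups": [{"count": 10, "name": "med", "severity": "med"}, '
          '{"count": 1, "name": "low", "severity": "low"}, '
          '{"count": 80, "name": "info", "severity": "info"}], "total_count": 91}')


def count_url(base, workspace, group_by="severity"):
    """Build the vulns/count URL; the server answers 400 without group_by."""
    if not group_by:
        raise ValueError("group_by is a required parameter")
    path = "/_api/v2/ws/%s/vulns/count/" % quote(workspace, safe="")
    return base.rstrip("/") + path + "?" + urlencode({"group_by": group_by})


def parse_counts(body):
    """Return ({group name: count}, total_count) from a count response."""
    data = json.loads(body)
    counts = {g["name"]: g["count"] for g in data["groups"]}
    return counts, data["total_count"]


def fetch_counts(base, workspace, cookie_file, group_by="severity"):
    """Query a live server with a curl-style (Netscape format) cookie file."""
    jar = MozillaCookieJar(cookie_file)
    jar.load(ignore_discard=True, ignore_expires=True)
    opener = urllib.request.build_opener(urllib.request.HTTPCookieProcessor(jar))
    try:
        with opener.open(count_url(base, workspace, group_by), timeout=10) as resp:
            return parse_counts(resp.read().decode("utf-8"))
    except urllib.error.HTTPError as err:
        # Surface the server's own message, e.g. the missing group_by error.
        detail = err.read().decode("utf-8", "replace")
        raise RuntimeError("HTTP %d: %s" % (err.code, detail)) from err


if __name__ == "__main__":
    print(count_url("http://localhost:5985", "test"))
    print(parse_counts(SAMPLE))
```

On Python versions before 3.10, `MozillaCookieJar` skips the `#HttpOnly_` lines that curl writes for HttpOnly cookies, so a session cookie saved that way may not be sent.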

@lmcthbe
Contributor Author

lmcthbe commented Sep 1, 2020

Thanks.

I found the summary API in https://github.com/infobyte/faraday/wiki/API-Client:

This is used by the web and the client to connect to the server. It runs on http://localhost:5985 or wherever you configured Faraday server to listen.

The following endpoints are available:

GET /_api/ws/workspace_name/hosts: Lists the hosts of a workspace
GET /_api/ws: List all workspaces
GET /_api/ws/workspace_name/summary: Get stats of a workspace (count of vulns, services, etc)
GET /_api/ws/workspace_name: Get workspace details
PUT /_api/ws/workspace_name: Create a workspace
DELETE /_api/ws/workspace_name: Delete a workspace
GET /_api/ws/workspace_name/services: List workspace's services
GET /_api/ws/workspace_name/services/count: Count workspace's services
GET /_api/ws/workspace_name/vulns: List workspace's vulns
GET /_api/ws/workspace_name/vulns/count: Count workspace's vulns
GET /_api/ws/workspace_name/notes: List workspace's notes
GET /_api/ws/workspace_name/notes/count: Count workspace's notes
GET /_api/ws/workspace_name/interfaces: List workspace's interfaces
GET /_api/ws/workspace_name/commands: List workspace's commands
GET /_api/ws/workspace_name/credentials: List workspace's credentials
GET /_api/ws/workspace_name/doc/doc_id: Get a generic object
PUT /_api/ws/workspace_name/doc/doc_id: Update or create a generic object
DELETE /_api/ws/workspace_name/doc/doc_id: Delete a generic object

@aenima-x
Contributor

aenima-x commented Sep 1, 2020 via email

@lmcthbe
Contributor Author

lmcthbe commented Sep 8, 2020

Thanks

@aenima-x aenima-x closed this as completed Sep 8, 2020