Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[!] Error creating options for the datasources custom field. #8

Closed
goggan opened this issue Feb 22, 2021 · 16 comments · Fixed by #13
Closed

[!] Error creating options for the datasources custom field. #8

goggan opened this issue Feb 22, 2021 · 16 comments · Fixed by #13

Comments

@goggan
Copy link

goggan commented Feb 22, 2021

Heya,

Mine crashes out at the datasources custom field, help!

[] Authenticating to https://[redacted].atlassian.net...
[!] Success!
[
] Creating the Att&ck project...
[!] Success!
[*] Creating custom fields ...
[!] Successfully created 'tactic' custom field.
[!] Successfully created 'maturity' custom field.
[!] Successfully created 'url' custom field.
[!] Successfully created 'datasources' custom field.
[!] Successfully created 'id' custom field.
[!] Error creating options for the datasources custom field.

Unfortunately if I try to rerun where it left off, it kicks another error:
[] Authenticating to ...
[!] Success!
[
] Creating the Att&ck project...
[!] Error creating Jira project. Does it already exist ?

Cheers,
Glyn.

@mvelazc0
Copy link
Owner

Thanks for opening this, I will try to replicate it and follow up here.

If you want to re-run it, you will have to manually delete the Project the tool created first.

@mvelazc0
Copy link
Owner

Hello @goggan. I am actually not getting this error. Are you using the Cloud version of Jira ?

Can you manually log in to Jira, delete the project ( and then delete it from trash ) and try again ?

Thanks

@goggan
Copy link
Author

goggan commented Feb 23, 2021

Deleted and trying again now...

@goggan
Copy link
Author

goggan commented Feb 23, 2021

Running against our 'something'.atlassian.net
`:~/mitre/attack2jira# python3 ./attack2jira.py -url https://redacted -u Glyn@redacted -a initialize
Jira API Token for Glyn@redacted:
[] Authenticating to https://redacted...
[!] Success!
[
] Creating the Att&ck project...
[!] Success!
[!] Found custom fields
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 169, in _new_conn
conn = connection.create_connection(
File "/usr/lib/python3/dist-packages/urllib3/util/connection.py", line 96, in create_connection
raise err
File "/usr/lib/python3/dist-packages/urllib3/util/connection.py", line 86, in create_connection
sock.connect(sa)
ConnectionRefusedError: [Errno 111] Connection refused

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 699, in urlopen
httplib_response = self._make_request(
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 382, in _make_request
self._validate_conn(conn)
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 1012, in _validate_conn
conn.connect()
File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 353, in connect
conn = self._new_conn()
File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 181, in _new_conn
raise NewConnectionError(
urllib3.exceptions.NewConnectionError: <urllib3.connection.HTTPSConnection object at 0x7f754d2e5be0>: Failed to establish a new connection: [Errno 111] Connection refused

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 439, in send
resp = conn.urlopen(
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 755, in urlopen
retries = retries.increment(
File "/usr/lib/python3/dist-packages/urllib3/util/retry.py", line 573, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='cti-taxii.mitre.org', port=443): Max retries exceeded with url: /stix/collections/95ecc380-afe9-11e4-9b6c-751b66dd541e/ (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f754d2e5be0>: Failed to establish a new connection: [Errno 111] Connection refused'))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/root/mitre/attack2jira/lib/jirahandler.py", line 394, in get_attack_tactics
client = attack_client()
File "/usr/local/lib/python3.8/dist-packages/attackcti/attack_api.py", line 54, in init
self.TC_ENTERPRISE_SOURCE = TAXIICollectionSource(ENTERPRISE_COLLECTION)
File "/usr/local/lib/python3.8/dist-packages/stix2/datastore/taxii.py", line 155, in init
if collection.can_read:
File "/usr/local/lib/python3.8/dist-packages/taxii2client/v20/init.py", line 281, in can_read
self._ensure_loaded()
File "/usr/local/lib/python3.8/dist-packages/taxii2client/v20/init.py", line 353, in _ensure_loaded
self.refresh()
File "/usr/local/lib/python3.8/dist-packages/taxii2client/v20/init.py", line 367, in refresh
response = self.__raw = self._conn.get(self.url,
File "/usr/local/lib/python3.8/dist-packages/taxii2client/common.py", line 296, in get
resp = self.session.get(url, headers=merged_headers, params=params)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 555, in get
return self.request('GET', url, **kwargs)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 542, in request
resp = self.send(prep, **send_kwargs)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 655, in send
r = adapter.send(request, **kwargs)
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 516, in send
raise ConnectionError(e, request=request)
requests.exceptions.ConnectionError: HTTPSConnectionPool(host='cti-taxii.mitre.org', port=443): Max retries exceeded with url: /stix/collections/95ecc380-afe9-11e4-9b6c-751b66dd541e/ (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f754d2e5be0>: Failed to establish a new connection: [Errno 111] Connection refused'))
[!] Error connecting obtaining tactics from Att&ck's API !
`

@mvelazc0
Copy link
Owner

Thanks !.

I'm getting the same error but this seems to be an error with the attackcti library not being able to reach the ATT&CK API. I will reach out to the maintainers of the library. I'll keep this issue open.

@mvelazc0
Copy link
Owner

The ATT&CK API is now working, it seems it was an availability issue. Now I see the error you pointed out. It seems that get_data_sources() function in attackcti is returning a list with duplicate data sources. When attack2jira tries to create all the options, Jira does not like it. Should be easy to fix.

{"errorMessages":["Found duplicate option 'Windows Error Reporting'.","Found duplicate option 'Windows Registry'.","Found duplicate option 'File Monitoring'.","Found duplicate option 'SSL/TLS inspection'.","Found duplicate option 'process use of network'.","Found duplicate option 'Sequential Event Recorder'.","Found duplicate option 'Alarm history'."],"errors":{}}
[!] Error creating options for the datasources custom field.

mvelazc0 pushed a commit that referenced this issue Feb 24, 2021
@mvelazc0
Copy link
Owner

mvelazc0 commented Feb 24, 2021

Ok, this is fixed now. Please pull the latest codebase and try it.

There is another issue to fix: I need to think about better presenting techniques vs sub techniques.

@goggan
Copy link
Author

goggan commented Feb 24, 2021 via email

@mvelazc0
Copy link
Owner

Thats weird, the changes I pushed would not affect that.

Please check your Jira environment/permissions/credentials again.

@goggan
Copy link
Author

goggan commented Feb 24, 2021

Yeah, I thought it was odd too, getting our admin to check perms but pretty sure nothing has changed (and I'm still able to trash and erase the old project which implies admin I believe)

@goggan
Copy link
Author

goggan commented Feb 24, 2021

Confirmed, still admin, and can move to trash & restore projects.

@goggan
Copy link
Author

goggan commented Feb 24, 2021

Bah. Disregard. The API reports success on auth based on any valid API key, but if you spell your email address wrong it then spits an error later.

@mvelazc0
Copy link
Owner

Cool. Everything else worked?

@goggan
Copy link
Author

goggan commented Feb 24, 2021

Running now before I give the thumbs up and close!

@mvelazc0
Copy link
Owner

Did it work ?

I also want to pick your brain on how to show Techniques and Sub-Techniques. Are you on slack or discord ?

@goggan
Copy link
Author

goggan commented Feb 25, 2021

It did work! Thanks!

Sorry, thought I closed it.

@goggan goggan closed this as completed Feb 25, 2021
PtrSt2 added a commit to PtrSt2/attack2jira_2023 that referenced this issue Jan 16, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants