
center-for-threat-informed-defense / caldera_pathfinder


Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translating those scans into adversaries for network traversal.

Home Page: https://caldera.mitre.org/

License: Apache License 2.0

Python 72.82% JavaScript 6.28% HTML 20.90%
cybersecurity threat-informed-defense red-team ctid adversary-emulation caldera

caldera_pathfinder's Introduction

MITRE Caldera™ Plugin: Pathfinder

Overview

Pathfinder is a Caldera plugin developed by the Center for Threat-Informed Defense. Pathfinder extends Caldera's functionality to support automated ingestion of network scanning tool output. By intelligently integrating scan data with an automated adversary emulation platform, Pathfinder will demonstrate how an adversary might use vulnerabilities in an environment to achieve their goals, highlighting a path through a network, and showing the real impact of a vulnerability for Caldera to analyze and execute against.

Pathfinder extends Caldera to do the following:

  1. Run a scan of a target network or system
  2. Upload the scan results to a running instance of Caldera
  3. Use the ingested results to draw out potential attack paths Caldera could notionally take
  4. Create workflows so that Caldera can follow the actual attack paths and execute a real attack

More information is provided under docs

Getting Started

If you want to run nmap scans directly from the Pathfinder plugin, make sure nmap is installed on your system.

Install Caldera (if you don't have it already) and clone the pathfinder repo into the caldera/plugins folder with this command:

git clone https://github.com/center-for-threat-informed-defense/caldera_pathfinder.git pathfinder --recursive

Go into plugins/pathfinder and run pip install -r requirements.txt to install the dependencies. Note that nmap should already be installed at this point.

After that, add pathfinder to the enabled plugins list in the Caldera conf file for your environment, and you are set to start scanning and path finding!
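The steps above can be checked before starting the server. The following preflight check is an added example, not part of the Pathfinder repository; the function names are hypothetical, and it assumes requirements.txt holds plain name specifiers and that the conf file keeps its top-level `plugins:` list one "- name" item per line.

```python
import re
import shutil
from importlib import metadata
from pathlib import Path

REQ_NAME = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)")

def missing_requirements(requirements_file):
    """Distribution names in requirements.txt that this interpreter lacks."""
    missing = []
    for raw in Path(requirements_file).read_text().splitlines():
        line = raw.split("#", 1)[0].strip()
        match = REQ_NAME.match(line)  # no match for blank lines and "-r"/"--opt" lines
        if not match:
            continue
        try:
            metadata.version(match.group(1))
        except metadata.PackageNotFoundError:
            missing.append(match.group(1))
    return missing

def plugin_enabled(conf_file, plugin="pathfinder"):
    """True if `plugin` is an item of the top-level `plugins:` list.
    Assumption: the list is written one "- name" item per line."""
    in_plugins = False
    for raw in Path(conf_file).read_text().splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        if not line[0].isspace() and not line.startswith("-"):
            in_plugins = line.split(":", 1)[0] == "plugins"  # entered or left a top-level key
        elif in_plugins and line.strip().lstrip("-").strip().strip("'\"") == plugin:
            return True
    return False

def preflight(caldera_root, conf_file):
    """Return a list of problems; an empty list means the install steps look complete."""
    plugin_dir = Path(caldera_root) / "plugins" / "pathfinder"
    problems = []
    if shutil.which("nmap") is None:
        problems.append("nmap is not on PATH")
    if not (plugin_dir / "requirements.txt").is_file():
        problems.append(f"{plugin_dir} is missing or incomplete")
    else:
        problems += [f"python package not installed: {name}"
                     for name in missing_requirements(plugin_dir / "requirements.txt")]
    if not plugin_enabled(conf_file):
        problems.append(f"pathfinder is not in the plugins list of {conf_file}")
    return problems
```

Run it with the same Python interpreter (or inside the same container) that runs the Caldera server, since packages installed for a different interpreter are not visible to the plugin.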

Questions and Feedback

Please submit issues for any technical questions/concerns or contact [email protected] directly for more general inquiries.

Also see the guidance for contributors if you are interested in contributing.

Liability / Responsible Usage

This content is only to be used with appropriate prior, explicit authorization for the purposes of assessing security posture and/or research.

Notice

Copyright 2020 MITRE Engenuity. Approved for public release. Document number CT0007

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

caldera_pathfinder's Issues

Issue with download report function onclick="downloadReport()" (pathfinder)

After the update, Pathfinder appears to function and work; however, after running an nmap scan and going to reports, the downloadReport function does not work. Caldera was also updated with a git pull. Everything else functions as it is supposed to. Values may not be passed to the function properly. Still in the process of tracking the problem down.

Run recon scan as part of an operation

Hi Guys,

I just stumbled upon this, you guys have done some serious work here. Thanks for sharing it 🤗.
My question though is whether there is anything in the roadmap to be able to run the initial scan as part of an operation. As far as I understood the nmap scan is done directly from the CALDERA server which limits the visibility over the target network, considering your CALDERA server is not in the same subnet as the vulnerable machines you want to identify.
Running it as part of an operation would likely increase the attack surface, given you have an agent running inside the target subnet.

error when rendering after selecting nmap from Pathfinder drop-down

Selecting the 'nmap' scanner from the Caldera GUI with Pathfinder plugin installed results in a Javascript Reference Error

pathfinder.js:222 ReferenceError: validateFormState is not defined
 at pathfinder.js:207:9
(anonymous) @ pathfinder.js:222
function setupScannerSection(){
.....
.....
        validateFormState(response.enabled, '#startScan')

Would appear the validateFormState function is not defined

*Note : Just cloned the code direct into Caldera plugin - no docker etc

c_cve.py errors

When adding Pathfinder plugin to working Ubuntu 20.04 Caldera 3.1.0 or 4.0.0-Alpha builds, encountered the attached error, referencing c_cve.py. If I copy c_cve.py from pathfinder/app/objects/ to caldera/app/objects, Pathfinder appears to work fine. Looking at caldera/plugins/pathfinder/app/enrichment/cve.py, in line 11 it calls to "from app.objects.c_cve import CVE". If I edit the line to be "from plugins.pathfinder.app.objects.c_cve import CVE", Pathfinder plugin generates no errors on Caldera server version 3.1.0 or 4.0.0-Alpha and appears to operate correctly.

Import Report Doesn't Work

I am trying to import a report into the Pathfinder plugin and it just reloads back to the Scan page. I don't know if this is a known bug or if something else is wrong. I also see a banner at the top that says I am "Currently using the legacy plugin interface for pathfinder". However, I am unaware of a newer version of Pathfinder. It is currently running in Caldera with the server.py script.

Problem when testing nmap-vulners

I have the following error while testing Pathfinder in Kali.

nmap scan started with parameters:
{
    "target_specification": "192.168.0.0/24",
    "script": "nmap-vulners",
    "script_args": "",
    "ports": "",
    "pingless": "0"
}
scan initiated, depending on scope it may take a few minutes
scan ID:c3f7f452-6d21-4089-a171-7c4578c794f0 failed. error output: NSE: failed to initialize the script engine:
/usr/bin/../share/nmap/nse_main.lua:821: directory 'nmap-vulners' found, but will not match without '/'
stack traceback:
	[C]: in function 'error'
	/usr/bin/../share/nmap/nse_main.lua:821: in local 'get_chosen_scripts'
	/usr/bin/../share/nmap/nse_main.lua:1312: in main chunk
	[C]: in ?

QUITTING!

Pathfinder scan parameters are not passed on from GUI

Hello everyone, I already mentioned this bug in mitre/caldera#2650 (comment) but since I found another problem regarding this bug I wanted to open an issue for the bug itself here.

CALDERA Version: 4.1.0
Pathfinder Plugin: Newest master branch
Browser: Firefox and Chrome

Bug Description

When running a Pathfinder scan, the default scan parameters in the GUI are not passed on to the scanner. This can also be seen in the output next to the input fields in the GUI.
More precisely, the fields "script" and "pingless" are empty.

To reproduce

  • Fresh install CALDERA 4.1.0 and Pathfinder plugin
  • Open Pathfinder plugin page
  • Choose nmap scanner and enter IP address
  • Click "Scan"

Expected behavior
The pathfinder nmap scan is executed with the default parameters that are seen in the GUI ("script: nmap-vulners, pingless: false").

Screenshot

  • First run shows output when executing steps from "to reproduce"
  • Second run shows output when first selecting another scanner script and then nmap-vulners again and also checking and un-checking the "no ping" box

Current Workaround
To get the pathfinder plugin to work with the nmap-vulners script, one has to add another script to the plugin. Only by selecting another script and then re-selecting the nmap-vulners script is the field in the scan parameters that can be seen in the output box set. Without a second scanner script I cannot get the plugin to use the nmap-vulners script at all!
The same applies to the "pingless" field, but here it is easier to check and un-check the box.

Update for easier workaround: Edit the pathfinder/scanners/nmap/scanner.py lines 30 and 33.

self.script = script or "nmap-vulners"
self.pingless = pingless or False

The parameters are still not shown in the output box, but since they are not set when creating the new scanner object, the defined default values are used instead and the scan works as intended.

Suggested fix
The "pingless" part can be fixed by editing line 33 of the nmap/scanner.py as shown above.
The "script" part should still be just considered a workaround because when another script is shown in the drop down menu by default, still the vulners script will be used when the parameter is not set in the scanner fields.
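The defaulting discussed in this issue, as an added example that is not code from the issue or from the Pathfinder repository. It applies the defaults in one place and coerces the checkbox value explicitly, because `"0" or False` evaluates to the non-empty string "0", which is truthy. The function names are hypothetical, and the string-typed values are an assumption based on the parameter dump shown in another issue on this page.

```python
DEFAULT_SCRIPT = "nmap-vulners"  # default shown in the GUI, per the issue above
TRUE_WORDS = {"1", "true", "yes", "on"}
FALSE_WORDS = {"0", "false", "no", "off"}

def to_bool(value, default=False):
    """Coerce a form value to bool; unset or empty falls back to `default`."""
    if value is None:
        return default
    if isinstance(value, bool):
        return value
    text = str(value).strip().lower()
    if text == "":
        return default
    if text in TRUE_WORDS:
        return True
    if text in FALSE_WORDS:
        return False
    # Refuse to guess: an unexpected value should fail loudly, not toggle a scan flag.
    raise ValueError(f"not a boolean form value: {value!r}")

def normalize_scan_params(params):
    """Return a copy of `params` with the script and pingless defaults applied."""
    script = str(params.get("script") or "").strip() or DEFAULT_SCRIPT
    return {**params, "script": script, "pingless": to_bool(params.get("pingless"))}

# Constructed input, shaped like the parameter dump on this page.
SAMPLE = {"target_specification": "192.168.0.0/24", "script": "", "pingless": "0"}
```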

Unable to show vulnerability

Hello, I found that when scanning for vulnerabilities in the pathfinder plugin, the web page did not show the scanned vulnerabilities, but running the Nmap scan locally did.


Mapping TTPs and CVEs

Hi! I am new here!
Is there any way to link TTPs and CVEs through Caldera?
Through the Pathfinder plugin I have received the network topology including the CVEs, and then I have created an operation using the Thief as adversary.
Once the operation is done, I use the Debrief plugin to see how the operation is completed and then I can see the used TTPs.
Is there any way to export which CVEs are used/linked to each used TTP?
Thanks in advance!

Dependencies

Hi! I am new here and I am trying to use pathfinder.
I have already installed CALDERA and enabled the Pathfinder plugin.
However, I faced the following difficulty and I cannot "use" the Pathfinder:
nmap: Please install scanner dependencies before scanning, scanning disabled!
Can you help me to overcome this difficulty?
Thank you in advance.

Plugin update issue

I got this message. How can I update the plugin?

Warning: You're currently using the legacy plugin interface for pathfinder. While it might function, we cannot guarantee its full compatibility or stability. For the best experience, we recommend updating to the latest UI version

search for vulnerabilities pathfinder and connect nessus scanner

Hello )
Please tell me, when I run the pathfinder scanner to search for the vulnerability of my network, and set the "script": "nmap-vulners" parameter, then the pathfinder plugin gives an error, what is the problem?
And the second question is how can I connect a third-party scanner such as nessus to the pathfinder plugin?

data_svc.py:349 _verify_adversary_profiles

I installed pathfinder on caldera 3.0.0, and when I started caldera with the command "python3 server.py --insecure", a warning appeared.


Does it have any impact on subsequent operations? How to eliminate the warning?

error setting up scanner

Hi,

After the steps which are needed to get this up and running (I think), when I go to the plugins, select pathfinder and initiate a new scan, I get the error 'error setting up scanner'.

Any pointers on this issue?

regards

Lennart

Nmap parsing error with pathfinder_gui.py

Hey guys. I'm using Caldera v4.0.0 and I added pathfinder plugin. I made a vulnerable vm (https://github.com/timurozkul/HeartBleed) to test it with the ssl-heartbleed.nse script but I get an error that tells me to ensure that the target has a CVE. I tried it manually with nmap and it worked. Another error that I get is on the terminal. Can anybody help me solve this problem? Thank you so much.

error importing plugin=pathfinder, no module named 'networkx'

Trying to use the pathfinder plugin with Caldera Docker image and getting the error:

error importing plugin=pathfinder, no module named 'networkx'

I have correctly cloned the repository into caldera/plugins/pathfinder.

I ran pip3 install -r requirements.txt in the caldera/plugins/pathfinder subdir.

I rebuilt the Caldera Docker image but am still getting the above.

Anyone have any ideas?

Thanks
