API key for VulnCheck is not configured correctly about sploitscan HOT 20 CLOSED

Oh, my...
It works now... Now I see that there is another config.json in /opt/SploitScan/sploitscan....
But it is strange, because I used all the locations that were mentioned in README... And it still keep fetching one from the sploitscan subdirectory...
Hmm

Thank you, anyway. You were very fast, I couldn't keep the pace, that's why some of my comments went amiss, sorry for that.

from sploitscan.

Get rid of the space after the colon

from sploitscan.

i hace ene error, i tried rid the space but still appears "API key for VulnCheck is not configured correctly".

i have config.json file in /etc/sploitscan and ~/.sploitscan

im doing something wrong ?

Thank you

from sploitscan.

Can you please run the latest version with -d and check where it takes the config file from? Also, how did you install it?

from sploitscan.

Can you please run the latest version with -d and check where it takes the config file from? Also, how did you install it?

Kali/Ubuntu/Debian

apt install sploitscan

i installed for Kali, with apt, but the -d option don't appear on my version.

i tried with macOS too but have same problem.

from sploitscan.

Sorry, yes. Kali is outdated and should hopefully be updated soon coming from the Debian repositories.

On Mac please uninstall and install via pip.

from sploitscan.

I used git clone and venv to install sploitscan. I have config file in three locations: local directory, ~/.config/sploitscan and /etc/sploitscan directories... In all three files I removed the space after column.
The version is 0.10.
I used -d switch.
Config file was taken from local directory:
"uccessfully loaded config file: /opt/SploitScan/sploitscan/config.json"

Unfortunately, I still get the same error:
"API key for VulnCheck is not configured correctly."

from sploitscan.

It takes the config from /opt/SploitScan/sploitscan/config.json. Meaning sploitscan was installed in /opt/SploitScan/.

The spaces are irrelevant. Your issue should go away if you enter the vulncheck key in that file.

I will look into it (for Kali).

from sploitscan.

You can now also specify your config file manually.

from sploitscan.

But my API key is already in place. Look at my first comment, the one that opened this issue. I played with the space, but found it has no effect. I even deleted the API key and generated a new one. I also experimented with config file location. Eventually, I kept the three identical copies on three locations.

from sploitscan.

Yes. But your error indicates a different location. Your version (0.7) is relatively outdated.

Please pull the most recent one from GitHub and see if the issue persists. Which I doubt. In any case, add -c /path/to/config.json and see if it still persists.

from sploitscan.

My version was 0.10.1 at the time of my previous comment. Now, it is 0.10.2. Even Kali has 0.9.1-2...
I never had 0.7, nor I ever mentioned that.

I am confused. You've closed the issue while I still receive the same error, and can't see what I am doing wrong.
My config.json looks like this:
{
"vulncheck_api_key": "vulncheck_64b239d2f920[...]6171078db4bf5f6c4aa2644a043",
"openai_api_key": ""
}
???

from sploitscan.

Can you please show me from where you run it, run it with -d (including path output) and potentially with -c to define a config?

from sploitscan.

from sploitscan.

On thing I spontaneously see is you are inside:
/opt/SploitScan/
But you point the config to
/opt/sploitscan/
Can you please
-c /opt/SploitScan/config.json

from sploitscan.

Sorry for bad formatting of my previous comment. It was edited in webmail.

BTW, could it be that vulncheck site is messing something? I see that their "copy to clipboard" function is not working as expected... They don't allow me to see the key after its creation and copying, so it is not possible to verify that the clipboard copy is correct.

from sploitscan.

Yeah, I had an incident before where my key (for an unknown to me reason) didn't work anymore. Created a new one and it worked.

But yes, your folders were a bit messed up in your post.

Try to point to the correct directory first as suggested (case sensitive) and if it still doesn't work, I'd just make a new key and try again.

Btw. 0.10.3 is out with hopefully more tipps.

from sploitscan.

I changed a few things now but yeah it searches for config.json automatically in the ./sploitscan/ directory. Might reconsider just putting it into the root directory of wherever the application lies. Glad it works now.

from sploitscan.

Sorry, yes. Kali is outdated and should hopefully be updated soon coming from the Debian repositories.

On Mac please uninstall and install via pip.

if i install on kali from repository, can work ?

on MacOS i installed from pip

from sploitscan.

Finally works on macOS thank you!

from sploitscan.