
VolWeb

Introduction

VolWeb is a digital forensic memory analysis platform that leverages the power of the Volatility 3 framework. It is dedicated to aiding in investigations and incident responses.


Objective

The goal of VolWeb is to enhance the efficiency of memory collection and forensic analysis by providing a centralized, visual, and enhanced web application for incident responders and digital forensics investigators. Once an investigator obtains a memory image from a Linux or Windows system, the evidence can be uploaded to VolWeb, which triggers automatic processing and extraction of artifacts using the power of the Volatility 3 framework.

By utilizing cloud-native storage technologies, VolWeb also enables incident responders to directly upload memory images into the VolWeb platform from various locations using dedicated scripts interfaced with the platform and maintained by the community. Another goal is to allow users to compile technical information, such as Indicators, which can later be imported into modern CTI platforms like OpenCTI, thereby connecting your incident response and CTI teams after your investigation.

Project Documentation and Getting Started Guide

The project documentation is available on the Wiki. There, you will be able to deploy the tool in your investigation environment or lab.

Important

Take time to read the documentation in order to avoid common misconfiguration issues.

Interacting with the REST API

VolWeb exposes a REST API so that analysts can interact with the platform. A dedicated repository offers scripts maintained by the community: https://github.com/forensicxlab/VolWeb-Scripts . Check the project wiki to learn more about the available API calls.

Issues

If you have encountered a bug or wish to propose a feature, please feel free to open a discussion so that we can address it quickly. Please attach logs to any issue you report.

Contact

Contact me at [email protected] for any questions regarding this tool.

Next Release Goals

Check out the roadmap

Check out the discussions

volweb's People

Contributors

k1nd0ne

volweb's Issues

volweb-platform "SSLError(SSLCertVerificationError) certificate verify failed: unable to get local issuer certificate" with self-signed certificates

Hello,
Tried every way to launch volweb in production but I can't seem to figure out what the issue with the SSL certificates is.
I'm using an existing entrypoint of the minio instance, a reverse proxy subdomain with a Let's Encrypt certificate; this vhost is already exposed and proxy-passes directly to the minio. So that being said, the minio could be http or https, it's the same for me.

But I keep getting the following errors whenever I try to create a case:


volweb-platform    | 2024-06-10 00:44:44,994 WARNING  Retrying (Retry(total=3, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1007)'))': /71a048d5--4b26-8e7c-

volweb-platform    | 2024-06-10 00:44:45,899 WARNING  Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1007)'))': /71a048d5--4b26-8e7c-

volweb-platform    | 2024-06-10 00:44:47,616 WARNING  Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1007)'))': /71a048d5--4b26-8e7c-

volweb-platform    | 2024-06-10 00:44:50,935 WARNING  Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1007)'))': /71a048d5--4b26-8e7c-

volweb-platform    | 2024-06-10 00:44:51,006 ERROR    Internal Server Error: /api/cases

I'm lost in the installation process, I do not understand whether we should keep generating a self-signed certificate for the local part or not, even if we already have an SSL certificate.

If I don't do it, the nginx docker doesn't fire up anyway, so I guess that means we should do it.
Even the part where we should accept the risk in the browser and add it to your browser's trusted CAs is not necessary in this case, I guess.

Also, in the nginx configuration I'm not sure if we should replace volweb-platform with the actual hostname; I just replaced the servername part.

So the question for this issue would be: should we create a self-signed certificate for minio AND nginx? Because in production, the volweb instance is rarely directly exposed; it's, most of the time, behind a reverse proxy that handles the HTTPS certificates.

I also notice that in my reverse proxy nginx log I don't see any request to the minio platform that I put in the .env file. That means that the volweb platform doesn't even try to reach minio over https before throwing that error. So the issue is definitely because of the self-signed certificate on the local platform.

I guess the issue comes from the minio certificate, but I have no way to be sure. I tried to look at the code to understand which query is failing, and to fix this issue I tried to add ssl=false in the s3fs part of voltoos.py, but I'm not sure if it's a good idea.

Thank you, and sorry if my questions are dumb :)

Create Case: Receive Error ('NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f2f62a5c760>)

Hi,
Thank you for developing this project.

After a successful installation I receive this error when creating a case:

volweb-platform | 2024-06-20 07:36:07,237 WARNING Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f2f62a5c760>: Failed to establish a new connection: [Errno 111] Connection refused')': /806e627c-6008-4993-8523-2f0cebc11247

Please help me: how can I create a case without this error?

VOLWEB IN AN AIRGAP ENVIRONMENT

I'm using volweb in an airgap environment and so far only one problem: how can I get the log that will tell me which symbol I have to upload?

Something went wrong : [object Object]

Hi
I'm trying to create a new investigation (with a user and also an admin account) but after clicking on create at the bottom, in the upload process, I frequently face this error: Something went wrong : [object Object]. I watched tutorials but I don't know what happened in that upload process.
I run docker on the Ubuntu 20.04 release.
@k1nd0ne

CSRF_TRUSTED_ORIGINS Not Found During Configure

Hello,
When I was configuring the python environment, I encountered the following error

> python3 manage.py migrate
Traceback (most recent call last):
  File "/home/toto/desktop/VolWeb-2.0.0/manage.py", line 22, in <module>
    main()
  File "/home/toto/desktop/VolWeb-2.0.0/manage.py", line 18, in main
    execute_from_command_line(sys.argv)
  File "/home/toto/.local/lib/python3.10/site-packages/django/core/management/__init__.py", line 442, in execute_from_command_line
    utility.execute()
  File "/home/toto/.local/lib/python3.10/site-packages/django/core/management/__init__.py", line 382, in execute
    settings.INSTALLED_APPS
  File "/home/toto/.local/lib/python3.10/site-packages/django/conf/__init__.py", line 102, in __getattr__
    self._setup(name)
  File "/home/toto/.local/lib/python3.10/site-packages/django/conf/__init__.py", line 89, in _setup
    self._wrapped = Settings(settings_module)
  File "/home/toto/.local/lib/python3.10/site-packages/django/conf/__init__.py", line 217, in __init__
    mod = importlib.import_module(self.SETTINGS_MODULE)
  File "/usr/lib/python3.10/importlib/__init__.py", line 126, in import_module
    return _bootstrap._gcd_import(name[level:], package, level)
  File "<frozen importlib._bootstrap>", line 1050, in _gcd_import
  File "<frozen importlib._bootstrap>", line 1027, in _find_and_load
  File "<frozen importlib._bootstrap>", line 1006, in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 688, in _load_unlocked
  File "<frozen importlib._bootstrap_external>", line 883, in exec_module
  File "<frozen importlib._bootstrap>", line 241, in _call_with_frames_removed
  File "/home/toto/desktop/VolWeb-2.0.0/VolWeb/settings.py", line 27, in <module>
    CSRF_TRUSTED_ORIGINS = os.getenv("CSRF_TRUSTED_ORIGINS").split(" ")
AttributeError: 'NoneType' object has no attribute 'split'

Ubuntu was unable to obtain the CSRF_TRUSTED_ORIGINS

> echo $CSRF_TRUSTED_ORIGINS


My .env file has the following contents

#############VOLWEB PLATFORM INFORMATION#############
# Change with the fqdn or IP of your volweb instance

CSRF_TRUSTED_ORIGINS=https://192.168.145.129 # Change me
DJANGO_SECRET=toto # Change me

WEBSOCKET_URL=wss://192.168.145.129 # Change me

AWS_ENDPOINT_URL=https://192.168.145.129:9000 # Change me
AWS_ENDPOINT_HOST=192.168.145.129:9000 # Change me
AWS_REGION="" # Don't change me if you are using MinIO and not AWS

AWS_ACCESS_KEY_ID=user # Change me with the MINIO/AWS ACL
AWS_SECRET_ACCESS_KEY=password # Change me with the MINIO/AWS ACL

######################################################

#################VOLWEB DATABASE######################
POSTGRES_USER=volweb # Change me
POSTGRES_PASSWORD=volweb # Change me
POSTGRES_DB=volweb

DATABASE=postgres
DATABASE_HOST=volweb-postgresdb
DATABASE_PORT=5432
######################################################

BROKER_HOST=volweb-redis
BROKER_PORT=6379

I don't understand how the Docker configuration is added to Python's venv variables.
Maybe I need to export CSRF_TRUSTED_ORIGINS?

I would really appreciate you helping me with this problem
I run the "VolWeb-2.0" version.
Thank you

Can't create a new case

Hello,

I promise, I followed every part of the installation guide.

I try to create a new case.

As requested, I fill in every item as below

image

but after several seconds, there is this error

image

I saw a similar trouble and the solution was to change rights for volweb/docker/cases, but cases wasn't in docker. So I copied this directory into docker but no changes.

I try to create a new case directly on /admin but I need a case bucket ID but I don't know what it is ...

image

Some logs:

volweb_nginx | 192.168.1.3 - - [01/Apr/2024:19:51:31 +0000] "GET /statistics/ HTTP/2.0" 200 218 "https://192.168.1.5/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" "-"
volweb_nginx | 192.168.1.3 - - [01/Apr/2024:19:51:31 +0000] "GET /static/fontawesomefree/webfonts/fa-brands-400.woff2 HTTP/2.0" 200 109808 "https://192.168.1.5/static/fontawesomefree/css/brands.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" "-"
volweb-platform | 172.19.0.6:44506 - - [01/Apr/2024:19:51:36] "GET /cases/" 200 14038
volweb_nginx | 192.168.1.3 - - [01/Apr/2024:19:51:36 +0000] "GET /cases/ HTTP/2.0" 200 14038 "https://192.168.1.5/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" "-"
volweb_nginx | 192.168.1.3 - - [01/Apr/2024:19:51:36 +0000] "GET /static/cases/css/cases.css HTTP/2.0" 200 270 "https://192.168.1.5/cases/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" "-"
volweb_nginx | 192.168.1.3 - - [01/Apr/2024:19:51:36 +0000] "GET /static/js/cases.js HTTP/2.0" 200 11266 "https://192.168.1.5/cases/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" "-"
volweb-platform | 172.19.0.6:44508 - - [01/Apr/2024:19:51:36] "GET /websocket-url/" 200 38
volweb_nginx | 192.168.1.3 - - [01/Apr/2024:19:51:36 +0000] "GET /websocket-url/ HTTP/2.0" 200 38 "https://192.168.1.5/cases/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" "-"
volweb-platform | 172.19.0.6:44522 - - [01/Apr/2024:19:51:36] "WSCONNECTING /ws/cases/" - -
volweb-platform | 172.19.0.6:44522 - - [01/Apr/2024:19:51:36] "WSCONNECT /ws/cases/" - -
volweb-platform | 172.19.0.6:44538 - - [01/Apr/2024:19:51:36] "GET /api/cases/" 200 2
volweb_nginx | 192.168.1.3 - - [01/Apr/2024:19:51:36 +0000] "GET /api/cases/ HTTP/2.0" 200 2 "https://192.168.1.5/cases/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" "-"
volweb-platform | 2024-04-01 19:51:48,337 WARNING Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(IsADirectoryError(21, 'Is a directory'))': /265555ec-76c4-4afa-bc6c-90e7d136a749
volweb-platform | 2024-04-01 19:51:48,805 WARNING Retrying (Retry(total=3, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(IsADirectoryError(21, 'Is a directory'))': /265555ec-76c4-4afa-bc6c-90e7d136a749
volweb-platform | 2024-04-01 19:51:49,635 WARNING Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(IsADirectoryError(21, 'Is a directory'))': /265555ec-76c4-4afa-bc6c-90e7d136a749
volweb-platform | 2024-04-01 19:51:51,335 WARNING Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(IsADirectoryError(21, 'Is a directory'))': /265555ec-76c4-4afa-bc6c-90e7d136a749
volweb-platform | 2024-04-01 19:51:54,547 WARNING Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(IsADirectoryError(21, 'Is a directory'))': /265555ec-76c4-4afa-bc6c-90e7d136a749
volweb-platform | 2024-04-01 19:51:54,554 ERROR Internal Server Error: /api/cases/
volweb-platform | 172.19.0.6:54658 - - [01/Apr/2024:19:51:54] "POST /api/cases/" 500 33

if I take uuid in the log ( 265555ec-76c4-4afa-bc6c-90e7d136a749 ) I'm able to create a case on /admin, it works :)

But after that, I try to upload a dump file and there is a network error.

image

Logs:

volweb-platform | 172.19.0.6:41298 - - [01/Apr/2024:20:01:21] "GET /api/cases/1/" 200 191
volweb_nginx | 192.168.1.3 - - [01/Apr/2024:20:01:21 +0000] "GET /api/cases/1/ HTTP/2.0" 200 191 "https://192.168.1.5/evidences/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" "-"
volweb-platform | 172.19.0.6:41312 - - [01/Apr/2024:20:01:21] "GET /minio_secrets/" 200 109
volweb_nginx | 192.168.1.3 - - [01/Apr/2024:20:01:21 +0000] "GET /minio_secrets/ HTTP/2.0" 200 109 "https://192.168.1.5/evidences/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" "-"
volweb-platform | 172.19.0.6:51766 - - [01/Apr/2024:20:03:52] "GET /api/cases/1/" 200 191
volweb_nginx | 192.168.1.3 - - [01/Apr/2024:20:03:52 +0000] "GET /api/cases/1/ HTTP/2.0" 200 191 "https://192.168.1.5/evidences/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" "-"
volweb-platform | 172.19.0.6:51782 - - [01/Apr/2024:20:03:52] "GET /minio_secrets/" 200 109
volweb_nginx | 192.168.1.3 - - [01/Apr/2024:20:03:52 +0000] "GET /minio_secrets/ HTTP/2.0" 200 109 "https://192.168.1.5/evidences/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" "-"

Hope you'll be able to help me :)

Issue with psycopg2 v2.9.3 requirements - pip3 on Windows

Collecting psycopg2==2.9.3 (from -r .\requirements.txt (line 55))
Downloading psycopg2-2.9.3.tar.gz (380 kB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 380.6/380.6 kB 8.1 MB/s eta 0:00:00
Installing build dependencies ... done
Getting requirements to build wheel ... error
error: subprocess-exited-with-error

× Getting requirements to build wheel did not run successfully.
│ exit code: 1
╰─> [21 lines of output]
running egg_info
writing psycopg2.egg-info\PKG-INFO
writing dependency_links to psycopg2.egg-info\dependency_links.txt
writing top-level names to psycopg2.egg-info\top_level.txt

  Error: pg_config executable not found.

  pg_config is required to build psycopg2 from source.  Please add the directory
  containing pg_config to the $PATH or specify the full executable path with the
  option:

      python setup.py build_ext --pg-config /path/to/pg_config build ...

  or with the pg_config option in 'setup.cfg'.

  If you prefer to avoid building psycopg2 from source, please install the PyPI
  'psycopg2-binary' package instead.

  For further information please check the 'doc/src/install.rst' file (also at
  <https://www.psycopg.org/docs/install.html>).

  [end of output]

note: This error originates from a subprocess, and is likely not a problem with pip.
error: subprocess-exited-with-error

× Getting requirements to build wheel did not run successfully.
│ exit code: 1
╰─> See above for output.

note: This error originates from a subprocess, and is likely not a problem with pip.

Can we move up to psycopg2-2.9.9?

Self-signed certificates not working with Minio

Hi,

Trying to make the docker-compose infrastructure work, I found out that using the documentation commands the self-signed certificates were giving errors on the connection towards Minio. The solution I found was to add cert_check=False after line 61 on https://github.com/k1nd0ne/VolWeb/blob/main/cases/views.py

Didn't create a PR as I think it should be up to the dev to decide if this should be hardcoded or another option that the users could customize.

Sadly, it seems that while creating cases is now possible, uploading evidences still doesn't work; it gives an xhr error:

Cross origin requests blocked: Source politic doesn't allow the read of remote resources (sorry, is a rough translation)

Best regards
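Two of the issues above (the self-signed MinIO certificate, where the workarounds tried were ssl=false and cert_check=False) and the CSRF_TRUSTED_ORIGINS traceback (os.getenv(...) returning None and crashing on .split) share a root cause: settings are consumed without being validated. The following is an added example, not VolWeb's code, of a fail-fast loader for the .env format shown in the CSRF_TRUSTED_ORIGINS issue. It reports a missing variable by name, rejects CSRF origins that lack a scheme (which Django 4.0 and later require), and builds the object-storage client options so that TLS verification is never disabled: a private CA is trusted through a bundle path instead. The helper names are hypothetical; the variable names come from the .env on this page; AWS_CA_BUNDLE is the variable botocore reads for a custom CA bundle; the keyword names follow botocore's create_client, and passing them through s3fs client_kwargs is an assumption.

```python
"""Fail-fast .env loader (added example, not VolWeb's code).

Helper names are hypothetical; variable names come from the .env posted in
the CSRF_TRUSTED_ORIGINS issue; AWS_CA_BUNDLE is botocore's CA-bundle variable.
"""
import os
from urllib.parse import urlsplit

# Constructed sample, trimmed from the .env posted in the issue above.
SAMPLE_ENV = """\
#############VOLWEB PLATFORM INFORMATION#############
# Change with the fqdn or IP of your volweb instance

CSRF_TRUSTED_ORIGINS=https://192.168.145.129 # Change me
DJANGO_SECRET=toto # Change me

AWS_ENDPOINT_URL=https://192.168.145.129:9000 # Change me
AWS_ENDPOINT_HOST=192.168.145.129:9000 # Change me
AWS_REGION="" # Don't change me if you are using MinIO and not AWS
"""


class ConfigError(ValueError):
    """Raised with an actionable message instead of a bare AttributeError."""


def parse_env_file(text):
    """Parse KEY=value lines. Blank lines and lines starting with '#' are
    skipped; an unquoted value ends at ' #' (inline comment); a double-quoted
    value ends at its closing quote."""
    env = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        key = key.strip()
        if not sep or not key:
            raise ConfigError(f"malformed .env line: {raw!r}")
        value = value.strip()
        if value.startswith('"'):
            end = value.find('"', 1)
            if end == -1:
                raise ConfigError(f"unterminated quote on line: {raw!r}")
            value = value[1:end]
        else:
            value = value.split(" #", 1)[0].rstrip()
        env[key] = value
    return env


def require(env, name):
    """Return a non-empty variable or say exactly which one is missing."""
    value = (env.get(name) or "").strip()
    if not value:
        raise ConfigError(f"{name} is not set: export it or add it to the .env file")
    return value


def csrf_trusted_origins(env):
    """Space-separated scheme://host[:port] entries, as Django 4.0+ expects.
    Rejecting anything else at start-up avoids a silently useless setting."""
    origins = [o for o in require(env, "CSRF_TRUSTED_ORIGINS").split(" ") if o]
    for origin in origins:
        parts = urlsplit(origin)
        if parts.scheme not in ("http", "https") or not parts.netloc or parts.path or parts.query:
            raise ConfigError(
                f"CSRF_TRUSTED_ORIGINS entry {origin!r} must look like https://host[:port]"
            )
    return origins


def minio_client_kwargs(env):
    """Client options for the S3-compatible endpoint (botocore keyword names;
    handing them to s3fs via client_kwargs is an assumption). 'verify' is only
    ever a CA bundle path, never False: a self-signed MinIO certificate is
    handled by trusting the CA that issued it, not by skipping verification."""
    endpoint = require(env, "AWS_ENDPOINT_URL")
    parts = urlsplit(endpoint)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise ConfigError(f"AWS_ENDPOINT_URL {endpoint!r} must be http(s)://host[:port]")
    kwargs = {"endpoint_url": endpoint, "use_ssl": parts.scheme == "https"}
    bundle = (env.get("AWS_CA_BUNDLE") or "").strip()
    if bundle:
        if not os.path.isfile(bundle):
            raise ConfigError(f"AWS_CA_BUNDLE {bundle!r} does not exist")
        kwargs["verify"] = bundle
    return kwargs


def load_config(text):
    """Parse and validate everything up front so a bad .env fails at start-up."""
    env = parse_env_file(text)
    return {
        "CSRF_TRUSTED_ORIGINS": csrf_trusted_origins(env),
        "DJANGO_SECRET": require(env, "DJANGO_SECRET"),
        "s3_client_kwargs": minio_client_kwargs(env),
    }


if __name__ == "__main__":
    print(load_config(SAMPLE_ENV))
```

With this in place, the traceback from the issue becomes a one-line "CSRF_TRUSTED_ORIGINS is not set" message, and a self-signed MinIO certificate is handled by pointing AWS_CA_BUNDLE at the CA that signed it rather than by editing views.py to skip certificate checks.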

CSRF verification failed. Request aborted.

Hello,
I got some errors while trying to upload the ISF file. I got "CSRF verification failed. Request aborted." I have no idea what happened. I'd appreciate it if you could help me.
I run the "VolWeb-1.3.2-beta" version.
Thank you
