
vectr's Introduction

VECTR documentation: https://docs.vectr.io

VECTR Community Discord Channel: https://discord.gg/2FRd8zf728

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios. VECTR provides the ability to create assessment groups, which consist of a collection of Campaigns and supporting Test Cases to simulate adversary threats. Campaigns can be broad and span activity across the kill chain, from initial compromise to privilege escalation and lateral movement and so on, or can be narrow in scope to focus on specific detection layers, tools, and infrastructure. VECTR is designed to promote full transparency between offense and defense, encourage training between team members, and improve detection & prevention success rate across the environment.

VECTR is focused on common indicators of attack and behaviors that may be carried out by any number of threat actor groups, with varying objectives and levels of sophistication. VECTR can also be used to replicate the step-by-step TTPs associated with specific groups and malware campaigns; however, its primary purpose is to replicate attacker behaviors that span multiple threat actor groups and malware campaigns, past, present and future. VECTR is meant to be used over time with targeted campaigns, iteration, and measurable enhancements to both red team skills and blue team detection capabilities. Ultimately, the goal of VECTR is to make a network resilient to all but the most sophisticated adversaries and insider attacks.

VECTR Heatmap

Historical Trending

Data Import

Attack Escalation Graph

Attack Automation

Getting Started

See the Install Guide.

Supported Platforms

Server Operating Systems

  • Current Ubuntu LTS (22.04)

We limit community support to this runtime environment. If you encounter issues, feel free to open an issue on GitHub or join us on Discord.

VECTR should run in most containerization environments. In an enterprise environment, we recommend consulting your Infrastructure/Containerization team for guidance, or reaching out directly via the contact form for our SaaS offerings.

Please read the instructions carefully for Upgrading a VECTR instance.

Browsers

Most modern browsers, such as Chrome, Firefox, Edge (Chromium) up to two prior releases are supported. We recommend using the latest of either:

  • Chrome
  • Firefox

General

  • Presentation layer built on Vue 3 with some legacy AngularJS components.
  • GraphQL API
  • Support for TLS endpoints (VECTR Community Edition will auto-generate an untrusted self-signed cert or can be supplied with certs).

Security Risk Advisors

License

Please see the EULA

Atomic Red LICENSE

vectr's People

Contributors

carlvonderheid, core-dump-19700101, doodleincode, p-b--, srapspencer, thebleucheese


vectr's Issues

Map Campaigns to Threat Actors

New user, so apologies if this facility already exists. One of the things we would like to do is to attribute a Campaign to a specific Threat Actor (e.g., Lazarus, Cobalt Group, ATP28, FINX etc). Is there a way to do that, and if not, would it be possible to consider this as a feature request please?

"Alerted" status is not marked along with "Blocked"

Outcomes can only be "Detected" or "Blocked", which is mitigated by the fact that the operator can note that the Red Team action caused an Alert. However, there is nothing at a high level that notes this activity. In my organization, that would create a bit of heartburn. We look for the action to be "Detected" or "Not Detected". If it was detected, then it stands to reason that the SOC follows through to stop the bleeding. Yes, we do have cases such as communication being blocked by IronPort or BlueCoat with no alarm, but my leadership prefers to know if 1) the activity was seen and 2) how quick did we respond.

It is a matter of preference, so this comment is more of a suggestion than an issue. It's an issue for me, but not necessarily for you.

Documentation request to have an "Update" section

Could you please add in documentation showing how to upgrade our VECTR instance? We have an internal Docker Hub and if we had the steps to perform this action, it would be great!

For example:

  • docker build -f Dockerfile -t hub.company.net/group/sra_vectr_tomcat:x.x.x .
  • docker login hub.company.net
  • docker push hub.company.net/group/sra_vectr_tomcat:x.x.x

Also, it would be nice for the community to understand if the organization does not have an internal Docker Hub how to add in arguments to utilize a proxy in case the server infrastructure does not have Internet activity.

Keep up the great work!

[X]Verify extracted VECTR release

[X]Verify extracted VECTR release
ERROR: VECTR Deployment can not continue. Please correct any issues marked above or check installation logs.

Can you tell me how to solve it?

Installation error when providing TLS certs

I receive an error deploying this solution when we setup our own TLS data. It deploys fine with the self-signed cert and keys.

I have tried using both a full chain for the certificate and just the client certificate and receive the same results.

Error message

[ ✔ ]  VECTR docker-compose file checks out
checking /srv/vectr/vectr-deploy/app/config/vectr.internal.example.com.public.pem  failed
checking /srv/vectr/vectr-deploy/app/config/vectr.internal.example.com.private.key  failed
[ X ]  VECTR secondary docker config file checks out
 ERROR: VECTR Deployment can not continue. Please correct any issues marked above or check installation logs.

TLS files

user@host:/# file /srv/vectr/pki/vectr.internal.example.com.private.key
/srv/vectr/pki/vectr.internal.example.com.private.key: ASCII text

user@host:/# file /srv/vectr/pki/vectr.internal.example.com.public.pem
/srv/vectr/pki/vectr.internal.example.com.public.pem: PEM certificate

user@host:/# file /srv/vectr/pki/vectr.internal.example.com.chain.pem
/srv/vectr/pki/vectr.internal.example.com.chain.pem: PEM certificate

user@host:/# head -n2 /srv/vectr/pki/vectr.internal.example.com.private.key
-----BEGIN PRIVATE KEY-----
MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCbfW90bPGxuCQa

user@host:/srv/vectr/vectr-staging# head -n2 /srv/vectr/pki/vectr.internal.example.com.public.pem
-----BEGIN CERTIFICATE-----
MIIH7zCCBtegAwIBAgITGwAaVJ9MIqHWs7YoQgAAABpUnzANBgkqhkiG9w0BAQsF

user@host:/srv/vectr/vectr-staging# head -n2 /srv/vectr/pki/vectr.internal.example.com.chain.pem
-----BEGIN CERTIFICATE-----
MIIH7zCCBtegAwIBAgITGwAaVJ9MIqHWs7YoQgAAABpUnzANBgkqhkiG9w0BAQsF

user@host:/srv/vectr/vectr-staging#  openssl rsa -noout -modulus -in /srv/vectr/pki/vectr.internal.example.com.private.key | openssl md5
(stdin)= d14922c95d0cc71df7014d7c071c21fd

user@host:/srv/vectr/vectr-staging#  openssl x509 -noout -modulus -in /srv/vectr/pki/vectr.internal.example.com.public.pem | openssl md5
(stdin)= d14922c95d0cc71df7014d7c071c21fd

user@host:/srv/vectr/vectr-staging# openssl x509 -noout -modulus -in /srv/vectr/pki/vectr.internal.example.com.chain.pem | openssl md5
(stdin)= d14922c95d0cc71df7014d7c071c21fd

Full run output

user@host:/srv/vectr/vectr-staging# rm -f ./vectr.env && bash vectr-install.sh
----------------------------------------
   SRA VECTR Installer (EXPERIMENTAL)
----------------------------------------


It is strongly recommended you read the prompts and hit ENTER to select the default option for each.
Configurability is provided for advanced self-supported installations ONLY.

Enter a name for this vectr configuration [sravectr]: vectr-poc

Enter the VECTR OS user [distro]: vectr-svc
Enter the VECTR deploy directory (this will append /app for where the vectr web app deploys) [/home/distro/vectr]: /srv/vectr/vectr-deploy
Enter the VECTR data directory [/srv/vectr/vectr-deploy/data]: /srv/vectr/vectr-deploy/data
VECTR hostname [vectr.internal]: vectr.internal.example.com
VECTR port [8081]: 443

  WARNING!! SSL Cert creation can vary between OpenSSL versions. If you do not specify an existing key, a self-signed cert will generate.

VECTR SSL certificate existing crt file (Please leave blank if none. Ex: /srv/vectr/vectr-deploy/app/config/ssl.crt) []: /srv/vectr/pki/vectr.internal.example.com.public.pem
VECTR SSL certificate existing key file (Please leave blank if none. Ex: /srv/vectr/vectr-deploy/app/config/ssl.key) []: /srv/vectr/pki/vectr.internal.example.com.private.key
Enter advanced configuration options? [y/N]: N

Configuration data:
  VECTR configuration name: vectr-poc
  VECTR OS user: vectr-svc
  VECTR deploy directory: /srv/vectr/vectr-deploy
  VECTR data directory: /srv/vectr/vectr-deploy/data
  VECTR hostname: vectr.internal.example.com
  VECTR port: 443
  VECTR docker bridge subnet: 10.0.27.0/24
  VECTR docker internal container names: vectr_tomcat and vectr_mongo
  VECTR Mongo DB port: 27018
  CAS directory: /srv/vectr/vectr-deploy/app/cas
  VECTR cert and key: /srv/vectr/pki/vectr.internal.example.com.public.pem and /srv/vectr/pki/vectr.internal.example.com.private.key

 Do you wish to continue with the install? (program will exit and no data will be written if Y not selected) [Y/n]: y
 Writing data to vectr.env config file...
 Deploying VECTR installation according to configuration values selected ...

[ ✔ ]  Docker ce version 17.03 or Docker engine 1.10 or greater
[ ✔ ]  Curl is installed
[ ✔ ]  VECTR OS user exists
[ ✔ ]  No existing VECTR docker containers for this config found
[ ✔ ]  VECTR deploy directory exists
[ ✔ ]  VECTR download temp directory exists
[ ✔ ]  VECTR download temp permissions are OK
[ ✔ ]  VECTR release file URL parsed for download
[ ✔ ]  VECTR release zip name found for comparison
[ ✔ ]  VECTR release zip already exists in temp download dir despite not being installed
[ ✔ ]  VECTR extracted release folder exists
[ ✔ ]  Verify extracted VECTR release
mv: cannot stat '/srv/vectr/vectr-deploy/data/*': No such file or directory
[ ✔ ]  Verify existing VECTR instance backed up
[ ✔ ]  VECTR deployed and check directory permissions are OK after deployment
[ ✔ ]  Verify VECTR deployed to VECTR deploy folder
[ ✔ ]  Verify VECTR tools dir exists for any post-installation scripts
[ ✔ ]  Attempting to use existing SSL certs specified, moving to VECTR config
[ ✔ ]  Verify VECTR SSL certs in config folder
[ ✔ ]  Verify VECTR SSL certs set in ENV file
[ ✔ ]  VECTR docker-compose file checks out
checking /srv/vectr/vectr-deploy/app/config/vectr.internal.example.com.public.pem  failed
checking /srv/vectr/vectr-deploy/app/config/vectr.internal.example.com.private.key  failed
[ X ]  VECTR secondary docker config file checks out
 ERROR: VECTR Deployment can not continue. Please correct any issues marked above or check installation logs.
user@host:/srv/vectr/vectr-staging# echo $?
0
user@host:/srv/vectr/vectr-staging#

Cannot attach video as evidence

For some tests, it's beneficial to provide video evidence to blue team members so that they can see the entire attack. Although Vectr appears to accept the video file, no file is attached to the test case. No error messages are provided.

Multiple usernames

Is it possible to add multiple usernames (e.g. admin2) to the application? I can see that single admin user is stored in MongoDB. I didn't find any documentation about this.

CAS authorization issue with port 443

When you install using 443 as the port for the application it pops an error about the application not being authorized with CAS.

The URL is re-written (at least in chrome) to remove the port declaration :443 (as expected). When this is passed to the CAS portion it errors because it is missing the :443 however it is expected in the vectr-443.json file for the serviceId.

"serviceId" : "https://vectr.totesnotredteam.com:443/sra-purpletools-webui/app\\?client_name=CasClient",

It looks like this is built in the vectr-shared-methods.sh script, to just auto-append the port that is defined at install time. If you remove the :443 from the vectr-443.json file it fixes the error.

Should be able to modify the vectr-shared-methods.sh script to ignore the port if it is 443 or 80?

Thanks!
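The mismatch described in this issue, reproduced as an added example (not code from VECTR, CAS or the issue author). It assumes the service registry treats serviceId as a regular expression that must match the whole service URL; `build_service_id` is a hypothetical generator that makes the port optional only when it is the scheme's default.

```python
import re
from urllib.parse import urlsplit

# Ports a browser leaves out of the URL it sends, per scheme.
DEFAULT_PORTS = {"https": 443, "http": 80}

# serviceId quoted in the issue, after JSON unescaping ("\\?" in the file is the regex "\?").
INSTALLER_SERVICE_ID = (
    r"https://vectr.totesnotredteam.com:443/sra-purpletools-webui/app\?client_name=CasClient"
)


def as_browser_sends(url: str) -> str:
    """Drop the port when it is the default for the scheme, as browsers do."""
    parts = urlsplit(url)
    if parts.port is None or parts.port != DEFAULT_PORTS.get(parts.scheme):
        return url
    return parts._replace(netloc=parts.hostname).geturl()


def is_authorized(service_id_regex: str, service_url: str) -> bool:
    """Assumption: the regex has to match the complete service URL."""
    return re.fullmatch(service_id_regex, service_url) is not None


def build_service_id(scheme: str, host: str, port: int, path_regex: str) -> str:
    """Hypothetical generator: default port optional, any other port mandatory."""
    if DEFAULT_PORTS.get(scheme) == port:
        port_part = f"(:{port})?"
    else:
        port_part = f":{port}"
    # The host is escaped so that "." only matches a literal dot.
    return f"{scheme}://{re.escape(host)}{port_part}{path_regex}"


def demo() -> dict:
    """Compare the installer-style pattern with the port-tolerant one."""
    path = r"/sra-purpletools-webui/app\?client_name=CasClient"
    typed = "https://vectr.totesnotredteam.com:443/sra-purpletools-webui/app?client_name=CasClient"
    sent = as_browser_sends(typed)
    fixed = build_service_id("https", "vectr.totesnotredteam.com", 443, path)
    return {
        "sent": sent,
        "installer_pattern_matches": is_authorized(INSTALLER_SERVICE_ID, sent),
        "fixed_pattern": fixed,
        "fixed_matches_without_port": is_authorized(fixed, sent),
        "fixed_matches_with_port": is_authorized(fixed, typed),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```
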

Cannot save added events in timeline

When adding events into the timeline using the "+" symbol on the bottom left of the timeline, I do get an indication that the event was added (type blue, red, or neutral). However, the only way to exit the screen where you add events is to hit the "x" at the top right of the dialog box. Doing that removes the event from the timeline (top left says "Cancelled").

Default account?

Default Account and Password?

Did not display any login data upon installation. Where can I get the initial login data?
Page loads, get login screen but have no idea how to login

OS: RHEL7.4

Additional steps to account for SElinux: had to add :Z to each of the volume mappings on the docker-compose.yml file and the dev..yml file as well.

Only Errors:

debconf: unable to initialize frontend: Dialog
debconf: (TERM is not set, so the dialog frontend is not usable.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (Can't locate Term/ReadLine.pm in @INC (you may need to install the Term::ReadLine module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.24.1 /usr/local/share/perl/5.24.1 /usr/lib/x86_64-linux-gnu/perl5/5.24 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.24 /usr/share/perl/5.24 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base .) at /usr/share/perl5/Debconf/FrontEnd/Readline.pm line 7.)
debconf: falling back to frontend: Teletype

vectr-install.sh [EXPERIMENTAL] Permission denied on vectr-deploy.sh

The vectr-install.sh process ends in a Permission denied error and stops.
vectr-deploy.sh is not able to run.

====
Do you wish to continue with the install? (program will exit and no data will be written if Y not selected) [Y/n]:
Writing data to sravectr.env config file...
Deploying VECTR installation according to configuration values selected ...

./vectr-install.sh: line 462: ./vectr-deploy.sh: Permission denied

I will submit a fix

Add reordering of campaign escalation path connections

I have a campaign that has test cases for t1110 brute force, t1213 data from information repositories, and t1039 data from network shared drive, and right now 1213 and 1039 both show up below the brute force in the escalation path.

It would be nice to be able to drag/drop one test case on to another in the escalation path to change the escalation path connections.

In this case, 1213 is actually a top level item, then 1135 network share discovery, then 1039 data from network shared drive, with 1110 brute force being a dead end node off of 1213.

cannot add detected tools to testcases

Hi, I am new to using your product, so my apologies in advance if my lack of experience is the reason for missing this feature.

I noticed in the pre-set databases, the Testcases of performed campaigns have the ability to set detected tools and select the severity they have triggered. These also make the tools section visible in reporting.

However, when I want to make a new Testcase this option is not there, also when reviewing all test cases.

I have followed the steps and installed using the latest version release and didn't see any errors while upgrading the databases.

Phase Description

When creating a new phase there is no option to add a description and when editing a phase there is no option to edit the description.

How can I see the "automation" made by Red Team

In "Test case" list, inside a campaign, some items show an icon with the description: "Red Team Automation Available". Can I see this automation? How can I add an automation to a Test Case?

Thanks.

Code Analysis

Is any code analysis being performed static or dynamic?

Deletion of analysis rules

Trying to delete analysis rules, and there doesn't seem to be an option to delete analysis engine rules.

Restrict access to mongodb

Is it possible to set a password for Vectr to access the MongoDB database? In the "vectr.properties" file only host and port are set.

What is the recommendation to restrict access to databases without causing problems for Vectr?

About backup, is there a way to schedule tasks on Vectr? I used the backup option in the GUI and it works fine, but I didn't locate an option to schedule.

Thanks.
Marco Aurélio

Deletion of timeline events do not track with Phase Outcome

If a phase event is currently on "TBD" and the blue team "accidentally" changes it to "Blocked", simply deleting the timeline entry will not cause the status to go back to "TBD". Not noticing this can cause a difference of results in the timeline and the outcome status.

Login Fail - Invalid Service Ticket

On VMWare Fusion
Ubuntu 64 bit 18.04.2
Docker 19.03.5, build 633a0ea838
docker-compose version 1.24.1, build 4667896b
Vectr Release Package ce-5.3.1 - MITRE October 2019 Integration

Logging in for the first time to the web interface at localhost:8081 gives me "Invalid service ticket. It was either unrecognized or has expired."

I know the credentials are correct, because if I use the wrong password I get a different response.
vectrFailScrnsht

Unable to attach analysis rules to default detection rule mappings

The ability to add an analysis rule to a default detection rule mapping (behavior) is not present. The screen & option is there but the checkbox is disabled.

When a new behavior is created, the ability to attach an analysis rule works correctly. Feature request is to extend this functionality to the default behaviors.

no export of evidence files

Hi, currently the zip file when exporting the evidence files is empty.

Could you advise me where this data is being stored?

mongodb-org-tools unmet dependencies in dockerfile

Operating System: Mint 18 Sarah
docker-compose version 1.15.0, build e12f3b9
VECTR Release Version: ce_1.0.0b_20170214

Due to this error when running docker up:

 mongodb-org-tools : Depends: libssl1.0.0 (>= 1.0.1) but it is not installable
E: Unable to correct problems, you have held broken packages.
ERROR: Service 'tomcat' failed to build: The command '/bin/sh -c apt-get update && apt-get install -y apt-utils mongodb-org-tools=3.2.11' returned a non-zero code: 100

I had to modify dockerfile

>>> DOCKERFILE
RUN apt-key ...
RUN wget http://security.debian.org/debian-security/pool/updates/main/o/openssl/libssl1.0.0_1.0.1t-1+deb8u6_amd64.deb && dpkg -i libssl1.0.0_1.0.1t-1+deb8u6_amd64.deb

Last line added after apt-key line

This addition is noisy so non-interactive may be better, but this fixed the issue for me. I also changed the mongodb to 3.2 in the dockerfile to get the latest 3.2 version which didn't seem to have any negative impact on the functionality of the web app.

Account lockout policy / rate limiter is not enforced for password field

Hi,

We were running a pentest against our local vectr instance and the following issue was observed.

Observed that the Vectr application login is not protected with a rate limiter or account lockout policy to prevent password bruteforce attacks.
By knowing the username, an attacker would be able to bruteforce the password to find the valid credentials. Note: Observed that the login request (/cas/login) contains the 'execution' parameter and that will be refreshed for every login attempt. If it is designed to prevent bruteforce automation, it appears that it is not effective; we can repeatedly use the same execution value in a bruteforce attack.

reproduction steps:
Configure the browser to use HTTPS proxy like Burp.
Go to login page and enter valid username with wrong password
In Burp proxy, forward the request to Intruder.
Add a list of passwords you would like to bruteforce and launch the attack.
For a valid password you will receive a 302 HTTP response and for an invalid one you will receive a 401 HTTP response.

remediation advice:
Enforce account lock out policy - For 3 to 5 wrong login attempts, the account needs to be locked for a period of time long enough to deter brute force attacks.
Prompt a CAPTCHA challenge if bruteforce is detected.

Thanks.
Assaf Lowenstein
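Until lockout is enforced by the application, the 401/302 behaviour of /cas/login reported in this issue can be watched for in access logs. The following is an added example, not code from VECTR, CAS or the reporter; it assumes a reverse proxy or Tomcat access log in Common Log Format written in chronological order, and the sample lines, threshold and window are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines (Common Log Format); addresses are documentation ranges.
SAMPLE_LOG = """\
198.51.100.7 - - [12/Mar/2024:10:00:01 +0000] "POST /cas/login HTTP/1.1" 401 512
203.0.113.20 - - [12/Mar/2024:10:00:02 +0000] "GET /cas/login?service=https%3A%2F%2Fvectr.internal%2F HTTP/1.1" 200 4096
198.51.100.7 - - [12/Mar/2024:10:00:03 +0000] "POST /cas/login HTTP/1.1" 401 512
203.0.113.20 - - [12/Mar/2024:10:00:04 +0000] "POST /cas/login HTTP/1.1" 401 512
198.51.100.7 - - [12/Mar/2024:10:00:05 +0000] "POST /cas/login HTTP/1.1" 401 512
198.51.100.7 - - [12/Mar/2024:10:00:07 +0000] "POST /cas/login HTTP/1.1" 401 512
198.51.100.7 - - [12/Mar/2024:10:00:09 +0000] "POST /cas/login HTTP/1.1" 401 512
198.51.100.7 - - [12/Mar/2024:10:00:11 +0000] "POST /cas/login HTTP/1.1" 401 512
198.51.100.7 - - [12/Mar/2024:10:00:13 +0000] "POST /cas/login HTTP/1.1" 302 0
203.0.113.20 - - [12/Mar/2024:10:00:20 +0000] "POST /cas/login HTTP/1.1" 302 0
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) '
)
LOGIN_PATH = "/cas/login"


def parse(line):
    """Return (ip, timestamp, status) for a POST to the login path, else None."""
    m = LINE_RE.match(line)
    if not m or m["method"] != "POST":
        return None
    if m["target"].split("?", 1)[0] != LOGIN_PATH:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, int(m["status"])


def detect(lines, threshold=5, window=timedelta(seconds=60)):
    """Flag sources with `threshold` failed logins inside `window`,
    and any successful login that directly follows such a burst."""
    failures = defaultdict(deque)  # source ip -> timestamps of recent 401s
    alerts = []
    for line in lines:
        event = parse(line)
        if event is None:
            continue
        ip, ts, status = event
        recent = failures[ip]
        # Forget failures that have aged out of the sliding window.
        while recent and ts - recent[0] > window:
            recent.popleft()
        if status == 401:
            recent.append(ts)
            if len(recent) == threshold:  # alert once per burst
                alerts.append(("failure_burst", ip, ts.isoformat()))
        elif status == 302:
            if len(recent) >= threshold:
                alerts.append(("success_after_burst", ip, ts.isoformat()))
            recent.clear()
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG.splitlines()):
        print(alert)
```

The access log does not contain the submitted username, so the key is the source address; a single mistyped password followed by a success (203.0.113.20 in the sample) stays below the threshold.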

Toggle Unused Techniques in Heatmap View

In the Heatmap View, it would be helpful to be able to toggle unused Techniques, so as to only view Techniques used in a specific campaign. Currently the system shows all Mitre techniques, with unused ones being greyed out but still being displayed in the grid.

No page returned under Ubuntu 18.04

@thebleucheese Trying VECTR following your post at unfetter.

Appears to build successfully after running the docker-compose command, but when I browse to the URI listed in the readme (http://your_docker_host:8081/sra-purpletools-webui/app) a server appears to be listening but no data or page is returned. Unfortunately I did not save the output of the docker-compose command.

Do you have a recommended linux distro and version to run this under?

Win10 binding ports/ip

Hello to everyone,

I'm experiencing some issues related to binding the ports/ip and finding the webserver.
I'm using Docker from a Win10 machine.

After performing the command:
docker-compose -f docker-compose.yml -f dev.yml -p dev up -d
capture

Then, with "docker ps" I can see:
capture2

I've tried to go into: http://your_docker_host:8080/sra-purpletools-webui/app, as shown in the images below (I've tried with Chrome and IE) but I am not able to connect into the web server. I've tried localhost IP (0.0.0.0) and Ethernet adapter vEthernet (DockerNAT: 192.168.16.1), but no one is able to let me reach the webserver.
capture3
capture4

I've also tried IP's from docker container (10.0.75.0), but same result.

Could you give me some advice or clue of what I'm doing wrong?

Appreciated

Cannot access webpage after installation

After attempting the install on both Ubuntu and Debian, I'm unable to access the Vectr webpage to even attempt to log in.

The docker containers are running fine, however it appears that the TLS session cannot be established. I've installed previous versions (~1 month ago) multiple times without issue.

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c8a7ae37e3db vectr_tomcat:latest "catalina.sh run" 2 minutes ago Up 2 minutes 8080/tcp, 0.0.0.0:8081->8443/tcp vectr_tomcat_sandbox1
94213b5f50ff mongo:3.4 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 0.0.0.0:27018->27017/tcp vectr_mongo_s

Any assistance would be appreciated.

Heatmap throws errors when selecting Assessments containing Test Cases without MITRE Technique IDs

The Heatmap reporting view throws errors when including Assessments that contain Test Cases that don't have MITRE Technique ID's set. MITRE Technique ID's are set in a sub-view of the Test Case panel's Red Team details, found by clicking the cog icon in the Red Team Details header.

This is a bug and will be fixed. You should still be able to view the Heat Map even if some of your test cases do not have an associated MITRE Technique ID.

[Feature request] Proxy support

Hi,

Is there a possibility to add a proxy option? (as it's common in corporate environment)

Thanks in advance

Example of build failing because of the proxy not configured:

$ sudo docker-compose -f docker-compose.yml -f dev.yml -p dev up -d
...
step 3/8 : RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv EA312927
 ---> Running in b6ebde61d23a
Warning: apt-key output should not be parsed (stdout is not a terminal)
Executing: /tmp/apt-key-gpghome.6Dm9KfzZYy/gpg.1.sh --keyserver hkp://keyserver.ubuntu.com:80 --recv EA312927
gpg: keyserver receive failed: No keyserver available
ERROR: Service 'tomcat' failed to build: The command '/bin/sh -c apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv EA312927' returned a non-zero code: 2

The command works when a proxy is defined:

$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options http-proxy=http://proxy.contoso:3128  --recv EA312927
Executing: /tmp/apt-key-gpghome.1YlHaKLm4e/gpg.1.sh --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options http-proxy=http://proxy.contoso:3128 --recv EA312927
gpg: key D68FA50FEA312927: public key "MongoDB 3.2 Release Signing Key <[email protected]>" imported
gpg: key C3B786F0EA312927: public key "Totally Legit Signing Key <[email protected]>" imported
gpg: Total number processed: 2
gpg:               imported: 2

Invalid service ticket. It was either unrecognized or has expired.

Hi,

I've installed the application by following "Linux Docker Installation (Manual)" from the read me. I had a CAS issue that was solved by using #25.

I have now the following error while using default username and password (admin / 11_ThisIsTheFirstPassword_11):

Invalid service ticket. It was either unrecognized or has expired.

Any ideas on how to solve it ? Thank you.

Application Not Authorized to use CAS

Using sra-vectr-runtime-5.2.5-ce.zip and following the instructions on Github, I have attempted to install Vectr multiple times on different hosts. All result in "Application Not Authorized to Use CAS" when connecting to it via port 8081.

  1. Extracted to /opt/vectr
  2. Generate TLS keys
  3. docker-compose -f docker-compose.yml -f devSsl.yml -p dev up -d
  4. Validate that containers are running with docker ps
  5. Connect to port 8081 via HTTPS

I have also tried extracting 5.2.5-ce.zip and then also running ./vectr-install.sh and followed the prompts (all checks pass), but results in the same "Application Not Authorized to Use CAS" error.

DB restore procedure

What's the proper way to restore VECTR database during version change?

I tried (and failed) with following steps:

  1. DB backup was taken via GUI in previous version (ce-5.0.0).
  2. Imported with mongorestore -d /tmp/backup/
  3. Restarted the mongodb docker instance
  4. GUI detected DB that needs to be migrated and failed with error message:

[INFO] com.sra.purpletools.dbmigrations.changelogs.v0029_update_tagging_map migration instantiated. Migration Failure, attempting to restore from backup. Details: /tmp/v0029_update_tagging_map.json (No such file or directory) Backup restored but application can not continue. Please see log file for information on correcting data.

I've tried with two separate DB's created in previous version, both give the same error message about missing "v0029_update_tagging_map.json". I also tried 'recommended upgrade path' (by copying old /data/ folder contents to new instance). That way I wasn't able to login anymore with old (migrated) or new (fresh install) username/password combination.

Update Mitre Information

Would it be possible to update the Mitre datasets to reflect the recent changes published in April 2019 please? This adds 14 new techniques within a new phase amongst other changes; including 'Impact'. More information is detailed here:

https://attack.mitre.org/resources/updates/updates-april-2019/index.html

I have tried to go into Administration > Kill Chains but the Edit button is greyed out. I was able to add the Phase via the Phases Menu.

Also thought it would be worthwhile to load the Mitre PRE-ATT&CK and Mobile frameworks as part of the default installation?

vectr source code

Hi,
not really an issue but a question -
We're looking into the possibility of making proprietary changes to vectr that will fit our business needs but the source code is not available.
Is there a way to obtain it?

Thank you.

No indicator as to when an evidence file is uploaded to a test case

When you attach a screenshot/image file to a test case, if you immediately click "save" many times the file fails to attach as evidence. It appears that the test case dialogue must be left open for some time to allow the file to be uploaded in the background. However, it's difficult to know when the upload has completed, as there are no visual indicators or messages.

Adding a visual cue as to when the file has been successfully attached or, even better, attaching the file in the background without the need to leave the test case dialogue open would enhance the experience.

New tool is not available in test case

Hi,

I created a new vendor and tool under administration->vendors and tools (red team section)
then created a new assessment, campaign and a test case.
in the test case under attacker tools, the new tool is not available.

Thanks.

Test Case Markdown renderer (question)

Hello!

Thanks for this tool! A few hours playing with it shows a good potential for my bread-and-butter purple team project tracker!

Quick question; is there a way to have a "rendered" view of the test cases?
Ex: I'm a blue teamer, I want to review a test case covering a complicated TTP closed by a red teamer. Is there a way to have a "presentation layer" for that?
I'm seeing in the examples/templates that there's already some markdown sprinkled here and there, is there a way to actually render the content?

Also, since I would primarily spend my time in the individual "test cases" panes for MITRE ATT&CK assessments, is there a way to make this view a little more comfortable?
Maybe splitting up the test case window into different "red" and "blue" views, each with an "edit" and "view/rendered" mode, which would allow more space to write stuff without scrolling?

These are all humble suggestion, and again, thank you so much for this tool! I'm seeing a lot of ad-hoc tracking and manual reporting of these types of assessment and this could save a lot of time. I could probably try to make the pull request for these features, let me know if you are open for contributions and what are the guidelines, my java web development skills are not really sharp 😃

REST API Info

Looking for information on how to interact with Vectr via REST API. Apologies if this is available and I couldn’t find it.

Invalid service ticket

After upgrading from 5.0 to 5.1, trying to login with admin produces the error “Invalid service ticket. It was either unrecognized or has expired.”
