Gh0st
/
Nettacker
mirror of https://github.com/OWASP/Nettacker.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Correct the issue with port scanner output (#978) 

The issue caused the program to erroneously run a regex pattern on HTML content instead of the request data. This was because the port number wasn't displayed in the HTML's body content. The commit rectifies this problem, ensuring that regex operates on the correct data.
This commit is contained in:
tanaydin sirin 2024-12-22 13:34:12 +01:00 committed by GitHub
parent f65f9bc972
commit 9aaa7033a5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
nettacker/core/lib/socket.py
View File

@ -233,10 +233,12 @@ class SocketEngine(BaseEngine):
return response return response
if sub_step["method"] == "tcp_connect_send_and_receive": if sub_step["method"] == "tcp_connect_send_and_receive":
if response: if response:
received_content = response["response"]
for condition in conditions: for condition in conditions:
regex = re.findall( regex = re.findall(
re.compile(conditions[condition]["regex"]), received_content re.compile(conditions[condition]["regex"]),
response["response"]
if condition != "open_port"
else str(response["peer_name"][1]),
) )
reverse = conditions[condition]["reverse"] reverse = conditions[condition]["reverse"]
condition_results[condition] = reverse_and_regex_condition(regex, reverse) condition_results[condition] = reverse_and_regex_condition(regex, reverse)

2
nettacker/modules/scan/port.yaml
View File

@ -1028,7 +1028,7 @@ payloads:
condition_type: or condition_type: or
conditions: conditions:
open_port: open_port:
regex: "" regex: \d{{1,5}}
reverse: false reverse: false
ftp: &ftp ftp: &ftp

4
tests/core/lib/test_socket.py
View File

@ -9,6 +9,10 @@ class Responses:
tcp_connect_send_and_receive = { tcp_connect_send_and_receive = {
"response": 'HTTP/1.1 400 Bad Request\r\nServer: Apache/2.4.62 (Debian)\r\nContent-Length: 302\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">\n<html><head>\n<title>400 Bad Request</title>\n</head><body>\n<h1>Bad Request</h1>\n<p>Your browser sent a request that this server could not understand.<br />\n</p>\n<hr>\n<address>Apache/2.4.62 (Debian)</address>\n</body></html>\n', "response": 'HTTP/1.1 400 Bad Request\r\nServer: Apache/2.4.62 (Debian)\r\nContent-Length: 302\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">\n<html><head>\n<title>400 Bad Request</title>\n</head><body>\n<h1>Bad Request</h1>\n<p>Your browser sent a request that this server could not understand.<br />\n</p>\n<hr>\n<address>Apache/2.4.62 (Debian)</address>\n</body></html>\n',
"peer_name": (
"127.0.0.1",
80,
),
"ssl_flag": True, "ssl_flag": True,
} }