Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Matcher bug fix #409

Merged
merged 3 commits into from
Jan 23, 2024
Merged

Matcher bug fix #409

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
19f7529
fixing bug with signature parsing
liquidsec Jan 23, 2024
67b6a7b
black
liquidsec Jan 23, 2024
667ac8b
Merge branch 'dev' into matcher_bug_fix
liquidsec Jan 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions baddns/lib/matcher.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -75,12 +75,13 @@ def is_match(self, response):
if not isinstance(response, httpx.Response):
raise TypeError("response must be an httpx.Response object")
self.response = response

matchers_condition = self.rules.get("matchers-condition", "and")
results = []
for matcher in self.rules.get("matchers", []):
matcher_rule = self.rules.get("matcher_rule", [])
for matcher in matcher_rule.get("matchers", []):
match_type = matcher["type"]
match_func = getattr(self, f"_{match_type}", None)

if match_func:
result = match_func(matcher)
results.append(result)
Expand Down
2 changes: 1 addition & 1 deletion baddns/modules/cname.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -157,7 +157,7 @@ def analyze(self):
continue
log.debug("passed IPS")

m = Matcher(sig.signature["matcher_rule"])
m = Matcher(sig.signature)
log.debug("Checking for HTTP matches")
if any(m.is_match(hr) for hr in http_results if hr is not None):
log.debug(f"CNAME {self.cname_dnsmanager.target} Vulnerable")
Expand Down
32 changes: 32 additions & 0 deletions tests/matcher_test.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,3 +102,35 @@ def test_matcher_3(httpx_mock):
m = Matcher(rules)
r = httpx.get("https://baddns.com/test3")
assert m.is_match(r)


def test_matcher_4(httpx_mock):
httpx_mock.add_response(
url="https://baddns.com/test4",
status_code=302,
text="<html><p>regex_matcher_test_1234</p></html>",
headers={"Foo": "offline.ghost.org"},
)
rules = """
identifiers:
cnames: []
ips: []
nameservers: []
not_cnames: []
matcher_rule:
matchers:
- dsl:
- Host != ip
type: dsl
- regex:
- 'regex_matcher_test_\d{1,4}'
type: regex
matchers-condition: and
mode: http
service_name: test signature regex
source: nucleitemplates
"""
m = Matcher(rules)
r = httpx.get("https://baddns.com/test4")
print(m.is_match(r))
assert m.is_match(r)
Loading