This repository was archived by the owner on Oct 14, 2020. It is now read-only.

Commit 643369b

committed
Bugfix if hostname is null no subsequent scan should be started (use ip instead
1 parent 998639e commit 643369b


2 files changed

+32
-12
lines changed


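--- a/hooks/imperative-subsequent-scans/hook.js
+++ b/hooks/imperative-subsequent-scans/hook.js
@@ -27,13 +27,15 @@ async function handle({
 for (const finding of findings) {
 if (
 finding.category === "Open Port" &&
-finding.attributes.state === "open"
+finding.attributes.state === "open" &&
+(finding.attributes.hostname != null || finding.attributes.ip_address)
 ) {
-const hostname = finding.attributes.hostname;
+
+const hostname = finding.attributes.hostname || finding.attributes.ip_address;
 const port = finding.attributes.port;
 
 console.log(
-"Found NMAP 'Open Port' finding for port: '" + finding.attributes.port+"' and service: '" + finding.attributes.service + "'"
+"Found NMAP 'Open Port' finding for host '"+hostname+"' port: '" + finding.attributes.port+"' and service: '" + finding.attributes.service + "'"
 );
 
 // search for HTTP ports and start subsequent Nikto Scan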
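Review bot: The new guard and the fallback test different things: the condition accepts any hostname that is `!= null`, but the assignment uses `||`, so an empty-string hostname with no `ip_address` passes the check and leaves `hostname` undefined, which is the case this commit sets out to stop. Checking the resolved value keeps the two in step, e.g. `if (!hostname) continue;` directly after the `const hostname = ...` line. Since the value comes from scanner output and, per the updated test, ends up in the subsequent scan's `name` and nmap `parameters`, it would also be worth rejecting anything that is not a plain hostname or IP address (in particular a value starting with `-`) before cascading. The body of `handle` continues outside this hunk, so where the target is consumed is inferred from the tests.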

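--- a/hooks/imperative-subsequent-scans/hook.test.js
+++ b/hooks/imperative-subsequent-scans/hook.test.js
@@ -244,6 +244,17 @@ test("Should create subsequent scans for open SMB ports (NMAP findings)", async
 service: "filtered",
 },
 },
+{
+name: "Port 445 is open",
+category: "Open Port",
+attributes: {
+state: "open",
+hostname: null,
+ip_address: "10.10.0.0",
+port: 445,
+service: "microsoft-ds",
+},
+},
 ];
 
 const scan = {
@@ -274,14 +285,21 @@ test("Should create subsequent scans for open SMB ports (NMAP findings)", async
 cascadeNmapZapBaseline
 });
 
-expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(9);
+expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(10);
 
 expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(9, {
 name: "nmap-smb-foobar.com",
 parameters: ["-Pn", "-p445", "--script", "smb-protocols", "foobar.com"],
 parentScan: { metadata: { labels: { foo: "bar" } } },
 scanType: "nmap",
 });
+
+expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(10, {
+name: "nmap-smb-10.10.0.0",
+parameters: ["-Pn", "-p445", "--script", "smb-protocols", "10.10.0.0"],
+parentScan: { metadata: { labels: { foo: "bar" } } },
+scanType: "nmap",
+});
 });
 
 test("Should create subsequent scans for subdomains (AMASS findings)", async () => {
@@ -332,16 +350,16 @@ test("Should create subsequent scans for subdomains (AMASS findings)", async ()
 cascadeNmapZapBaseline
 });
 
-expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(11);
+expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(12);
 
-expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(10, {
+expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(11, {
 name: "nmap-www.example.com",
 parameters: ["-Pn", "www.example.com"],
 parentScan: { metadata: { labels: { foo: "bar" } } },
 scanType: "nmap",
 });
 // even if the HTTP port is not running at port 80 a corresponding Nikto scan should be created if a HTTP service is found by nmap
-expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(11, {
+expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(12, {
 name: "nmap-example.example.com",
 parameters: ["-Pn", "example.example.com"],
 parentScan: { metadata: { labels: { foo: "bar" } } },
@@ -397,10 +415,10 @@ test("Should not create subsequent scans for subdomains (AMASS subsequent scans
 cascadeNmapZapBaseline
 });
 
-expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(11);
+expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(12);
 });
 
-test("Should not create subsequent scans for subdomains (no AMASS findings)", async () => {
+test("Should not create subsequent scans for empty findings even if activated", async () => {
 const findings = [];
 
 const scan = {
@@ -431,10 +449,10 @@ test("Should not create subsequent scans for subdomains (no AMASS findings)", as
 cascadeNmapZapBaseline
 });
 
-expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(11);
+expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(12);
 });
 
-test("Should create subsequent scans for open SMB ports (NMAP findings)", async () => {
+test("Should not create subsequent scans if no subsequent scan is activated", async () => {
 const findings = [
 {
 name: "Port 445 is open",
@@ -562,5 +580,5 @@ test("Should create subsequent scans for open SMB ports (NMAP findings)", async
 cascadeNmapZapBaseline
 });
 
-expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(11);
+expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(12);
 });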
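Review bot: The added fixture only covers the fallback path (`hostname: null` with an `ip_address`); nothing asserts the behaviour named in the commit title, that a finding with neither a hostname nor an IP address starts no subsequent scan. A fixture with `hostname: null` and no `ip_address` (and one with `hostname: ""`) in the SMB test, with the expected count left at 10, would pin that. Separately, the "Should not create subsequent scans" tests now expect `toHaveBeenCalledTimes(12)`, which suggests the mock's call count carries over from earlier tests, so a scan wrongly started there only shows up as an off-by-one in a shared total. Clearing the mock per test, e.g. `beforeEach(() => startSubsequentSecureCodeBoxScan.mockClear());`, would let those tests assert `not.toHaveBeenCalled()`. The test bodies start and end outside the hunks shown.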
