improve/fix check whether the cache returns always a miss

m10x · m10x · commit 3aa98233cb99 · 2024-12-25T09:45:48.000+01:00
diff --git a/pkg/deception.go b/pkg/deception.go
@@ -159,7 +159,7 @@ func webCacheDeceptionTemplate(repResult *reportResult, appendStr string) error
 	indicValue = strings.TrimSpace(strings.ToLower(resp.Header.Get(Config.Website.Cache.Indicator)))
 
 	// check if there's a cache hit and if the body didn't change (otherwise it could be a cached error page, for example)
-	if checkCacheHit(indicValue) && string(body) == Config.Website.Body {
+	if checkCacheHit(indicValue, "") && string(body) == Config.Website.Body {
 		repResult.Vulnerable = true
 		repRequest.Reason = "The response got cached due to Web Cache Deception"
 		msg = fmt.Sprintf("%s was successfully decepted! appended: %s\n", rUrl, appendStr)
diff --git a/pkg/recon.go b/pkg/recon.go
@@ -329,7 +329,7 @@ func checkIfAlwaysMiss(cache CacheStruct) (bool, error) {
 	}
 
 	indicValue := strings.TrimSpace(strings.ToLower(resp.Header.Get(cache.Indicator)))
-	if !checkCacheHit(indicValue) {
+	if !checkCacheHit(indicValue, cache.Indicator) {
 		addCachebusterMap("always-miss")
 
 		msg := "cache returns always miss"
@@ -470,7 +470,7 @@ func cachebusterCookie(cache *CacheStruct) []error {
 			}
 
 			indicValue := strings.TrimSpace(strings.ToLower(resp.Header.Get(cache.Indicator)))
-			if checkCacheHit(indicValue) {
+			if checkCacheHit(indicValue, cache.Indicator) {
 				// If there is a hit, the cachebuster didn't work
 				msg := fmt.Sprintf("%s was not successful (Cookie)\n", identifier)
 				PrintVerbose(msg, NoColor, 2)
@@ -520,7 +520,7 @@ func cachebusterCookie(cache *CacheStruct) []error {
 				}
 
 				indicValue = strings.TrimSpace(strings.ToLower(resp.Header.Get(cache.Indicator)))
-				if checkCacheHit(indicValue) {
+				if checkCacheHit(indicValue, cache.Indicator) {
 					// If there is a hit, the cachebuster didn't work
 					msg := fmt.Sprintf("%s was not successful (Cookie)\n", identifier)
 					PrintVerbose(msg, NoColor, 2)
@@ -687,7 +687,7 @@ func cachebusterHeader(cache *CacheStruct) []error {
 			}
 
 			indicValue := strings.TrimSpace(strings.ToLower(resp.Header.Get(cache.Indicator)))
-			if checkCacheHit(indicValue) {
+			if checkCacheHit(indicValue, cache.Indicator) {
 				// If there is a hit, the cachebuster didn't work
 				msg := fmt.Sprintf("%s was not successful (Header)\n", identifier)
 				PrintVerbose(msg, NoColor, 2)
@@ -742,7 +742,7 @@ func cachebusterHeader(cache *CacheStruct) []error {
 				}
 
 				indicValue = strings.TrimSpace(strings.ToLower(resp.Header.Get(cache.Indicator)))
-				if checkCacheHit(indicValue) {
+				if checkCacheHit(indicValue, cache.Indicator) {
 					// If there is a hit, the cachebuster didn't work
 					msg := fmt.Sprintf("%s was not successful (Header)\n", identifier)
 					PrintVerbose(msg, NoColor, 2)
@@ -879,7 +879,7 @@ func cachebusterParameter(cache *CacheStruct) error {
 		}
 
 		indicValue := strings.TrimSpace(strings.ToLower(resp.Header.Get(cache.Indicator)))
-		if checkCacheHit(indicValue) {
+		if checkCacheHit(indicValue, cache.Indicator) {
 			// If there is a hit, the cachebuster didn't work
 			msg := fmt.Sprintf("%s was not successful (Parameter)\n", identifier)
 			PrintVerbose(msg, NoColor, 2)
@@ -925,7 +925,7 @@ func cachebusterParameter(cache *CacheStruct) error {
 			}
 
 			indicValue = strings.TrimSpace(strings.ToLower(resp.Header.Get(cache.Indicator)))
-			if checkCacheHit(indicValue) {
+			if checkCacheHit(indicValue, cache.Indicator) {
 				// If there is a hit, the cachebuster didn't work
 				msg := fmt.Sprintf("%s was not successful (Parameter)\n", identifier)
 				PrintVerbose(msg, NoColor, 2)
@@ -1085,7 +1085,7 @@ func cachebusterHTTPMethod(cache *CacheStruct) []error {
 			}
 
 			indicValue := strings.TrimSpace(strings.ToLower(resp.Header.Get(cache.Indicator)))
-			if checkCacheHit(indicValue) {
+			if checkCacheHit(indicValue, cache.Indicator) {
 				// If there is a hit, the cachebuster didn't work
 				msg := fmt.Sprintf("%s was not successful (HTTP Method)\n", identifier)
 				PrintVerbose(msg, NoColor, 2)
@@ -1129,7 +1129,7 @@ func cachebusterHTTPMethod(cache *CacheStruct) []error {
 				}
 
 				indicValue = strings.TrimSpace(strings.ToLower(resp.Header.Get(cache.Indicator)))
-				if checkCacheHit(indicValue) {
+				if checkCacheHit(indicValue, cache.Indicator) {
 					// If there is a hit, the cachebuster didn't work
 					msg := fmt.Sprintf("%s was not successful (HTTP Method)\n", identifier)
 					PrintVerbose(msg, NoColor, 2)
diff --git a/pkg/techniques.go b/pkg/techniques.go
@@ -680,7 +680,7 @@ func ScanParameterCloaking() reportResult {
 					m.Unlock()
 				}
 				indicValue := respHeader.Get(cache.Indicator)
-				if checkCacheHit(indicValue) {
+				if checkCacheHit(indicValue, cache.Indicator) {
 					m.Lock()
 					unkeyed_parameter = append(unkeyed_parameter, s)
 					m.Unlock()
diff --git a/pkg/utils.go b/pkg/utils.go
@@ -209,11 +209,13 @@ func searchBodyHeadersForString(cb string, body string, headers http.Header) boo
 }
 
 // check if cache was hit
-func checkCacheHit(value string) bool {
-	indicator := Config.Website.Cache.Indicator
+func checkCacheHit(value string, indicator string) bool {
+	if indicator == "" {
+		indicator = Config.Website.Cache.Indicator
+	}
 	if strings.EqualFold("age", indicator) {
 		value = strings.TrimSpace(value)
-		if value != "0" {
+		if value != "0" && value != "" {
 			return true
 		}
 	} else if strings.EqualFold("x-iinfo", indicator) {

Original file line number	Diff line number	Diff line change
`@@ -680,7 +680,7 @@ func ScanParameterCloaking() reportResult {`
`680`	`680`	`m.Unlock()`
`681`	`681`	`}`
`682`	`682`	`indicValue := respHeader.Get(cache.Indicator)`
`683`		`- if checkCacheHit(indicValue) {`
	`683`	`+ if checkCacheHit(indicValue, cache.Indicator) {`
`684`	`684`	`m.Lock()`
`685`	`685`	`unkeyed_parameter = append(unkeyed_parameter, s)`
`686`	`686`	`m.Unlock()`