Correct the issue with port scanner output (#978)

tanaydin · web-flow · commit 9aaa7033a5d1 · 2024-12-22T12:34:12.000Z
The issue caused the program to erroneously run a regex pattern on HTML content instead of the request data. This was because the port number wasn't displayed in the HTML's body content. The commit rectifies this problem, ensuring that regex operates on the correct data.
diff --git a/nettacker/core/lib/socket.py b/nettacker/core/lib/socket.py
@@ -233,10 +233,12 @@ def response_conditions_matched(self, sub_step, response):
             return response
         if sub_step["method"] == "tcp_connect_send_and_receive":
             if response:
-                received_content = response["response"]
                 for condition in conditions:
                     regex = re.findall(
-                        re.compile(conditions[condition]["regex"]), received_content
+                        re.compile(conditions[condition]["regex"]),
+                        response["response"]
+                        if condition != "open_port"
+                        else str(response["peer_name"][1]),
                     )
                     reverse = conditions[condition]["reverse"]
                     condition_results[condition] = reverse_and_regex_condition(regex, reverse)
diff --git a/nettacker/modules/scan/port.yaml b/nettacker/modules/scan/port.yaml
@@ -1028,7 +1028,7 @@ payloads:
           condition_type: or
           conditions:
             open_port:
-              regex: ""
+              regex: \d{{1,5}}
               reverse: false
 
             ftp: &ftp
diff --git a/tests/core/lib/test_socket.py b/tests/core/lib/test_socket.py
@@ -9,6 +9,10 @@ class Responses:
 
     tcp_connect_send_and_receive = {
         "response": 'HTTP/1.1 400 Bad Request\r\nServer: Apache/2.4.62 (Debian)\r\nContent-Length: 302\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">\n<html><head>\n<title>400 Bad Request</title>\n</head><body>\n<h1>Bad Request</h1>\n<p>Your browser sent a request that this server could not understand.<br />\n</p>\n<hr>\n<address>Apache/2.4.62 (Debian)</address>\n</body></html>\n',
+        "peer_name": (
+            "127.0.0.1",
+            80,
+        ),
         "ssl_flag": True,
     }
 

Original file line number	Diff line number	Diff line change
`@@ -9,6 +9,10 @@ class Responses:`
`9`	`9`
`10`	`10`	`tcp_connect_send_and_receive = {`
`11`	`11`	`"response": 'HTTP/1.1 400 Bad Request\r\nServer: Apache/2.4.62 (Debian)\r\nContent-Length: 302\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">\n<html><head>\n<title>400 Bad Request</title>\n</head><body>\n<h1>Bad Request</h1>\n<p>Your browser sent a request that this server could not understand.<br />\n</p>\n<hr>\n<address>Apache/2.4.62 (Debian)</address>\n</body></html>\n',`
	`12`	`+ "peer_name": (`
	`13`	`+ "127.0.0.1",`
	`14`	`+ 80,`
	`15`	`+ ),`
`12`	`16`	`"ssl_flag": True,`
`13`	`17`	`}`
`14`	`18`