Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

flexible scripts report handler #5

Closed
MindPatch opened this issue Sep 5, 2022 · 0 comments
Closed

flexible scripts report handler #5

MindPatch opened this issue Sep 5, 2022 · 0 comments
Labels
core-changes make changes for Lotus Core in Rust
Milestone
0.0.4-beta

Comments

@MindPatch
Copy link
Contributor

MindPatch commented Sep 5, 2022
edited
Loading

lotus get lua table from the scripts that includes valid value if its valid or not to include in the report, and the report name, payload , match
we need something more flexible for the scripts because not all scanners output like each other somethimes you need to pass more variables and different value types in the report

function main(url) 
    found = {}
    found["valid"] = false
    local new_url = urljoin(url,"/secured/phpinfo.php")
    local resp = send_req(new_url)
    if resp.url:GetStrOrNil() then 
        local body = resp.body:GetStrOrNil()
        local status = resp.status:GetStrOrNil()
        if ( string.find(body,"PHP Extension") and string.find(body,"PHP Version")) then 
            found["url"] = resp.url:GetStrOrNil()
            found["match"] = "/secured/phpinfo.php"
            found["valid"] = true
            found["payload"] = ""
        end
    end
    return found
end

how lotus handle it in Rust

            if out.get::<_, bool>("valid").unwrap() == true {
                debug!("valid bug");
                let new_report = Report {
                    url: out.get("url").unwrap(),
                    match_payload: out.get("match").unwrap(),
                    payload: out.get("payload").unwrap(),
                };
                let results = serde_json::to_string(&new_report).unwrap();
                self.write_report(output_dir, &results);
            }
@MindPatch MindPatch added the core-changes make changes for Lotus Core in Rust label Sep 5, 2022
@MindPatch MindPatch added this to the 0.0.1-beta milestone Sep 5, 2022
@MindPatch MindPatch changed the title fixable scripts report handler flexible scripts report handler Sep 5, 2022
@MindPatch MindPatch mentioned this issue Sep 29, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
core-changes make changes for Lotus Core in Rust
Projects
None yet
Milestone
0.0.4-beta
Development

No branches or pull requests
1 participant
@MindPatch