diff --git a/data/txt/sha256sums.txt b/data/txt/sha256sums.txt
index 56d7cf94dc1..f9c4c8c9fb5 100644
--- a/data/txt/sha256sums.txt
+++ b/data/txt/sha256sums.txt
@@ -158,7 +158,7 @@ ab70028ea7e47484486b88354ed9ef648aac08ccba74a9507e5a401067f13997  extra/shutils/
 df768bcb9838dc6c46dab9b4a877056cb4742bd6cfaaf438c4a3712c5cc0d264  extra/shutils/recloak.sh
 1972990a67caf2d0231eacf60e211acf545d9d0beeb3c145a49ba33d5d491b3f  extra/shutils/strip.sh
 1d6e741e19e467650dce2ca84aa824d6df68ff74aedbe4afa8dbdb0193d94918  extra/vulnserver/__init__.py
-9fb22b629ffb69d9643230f7bea50b0ad25836058647a3b2e88a1e254aa3ce74  extra/vulnserver/vulnserver.py
+3cdb41840cd2eb18a58a3d7cd1b8244ec583eeadafe8b4f8c5a106026c0d9673  extra/vulnserver/vulnserver.py
 66d14fc303b061ccf983bf3ff84b5e1345c4fe643b662fbc5ec1a924d6415aee  lib/controller/action.py
 f0a3c3a555920b7e9321c234b54718e3d70f8ca33a8560a389c3b981e98c1585  lib/controller/checks.py
 d7b1d29dfa0e4818553259984602410b14c60803cae9c9bb7b249ed7ad71a3f6  lib/controller/controller.py
diff --git a/extra/vulnserver/vulnserver.py b/extra/vulnserver/vulnserver.py
index bf0b33cfaa0..d8f06132f88 100644
--- a/extra/vulnserver/vulnserver.py
+++ b/extra/vulnserver/vulnserver.py
@@ -11,6 +11,7 @@
 
 import base64
 import json
+import os
 import re
 import sqlite3
 import sys
@@ -19,7 +20,7 @@
 
 PY3 = sys.version_info >= (3, 0)
 UNICODE_ENCODING = "utf-8"
-DEBUG = False
+DEBUG = os.getenv('VULN_SERVER_DEBUG', '').lower() in ('true', '1', 'yes', 'on')
 
 if PY3:
     from http.client import INTERNAL_SERVER_ERROR
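Review bot: The `VULN_SERVER_DEBUG` switch on the `DEBUG = os.getenv(...)` line is undocumented, and nothing says it is read once at import, so changing the variable after start-up has no effect. The later hunks make debug mode print request parameters, POST bodies and query results, so this line should say what enabling it exposes. A comment above it would cover this, for example `# VULN_SERVER_DEBUG=1|true|yes|on (read once at import): prints request data, queries and tracebacks to stdout`.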
@@ -82,12 +83,17 @@ def _(*args, **kwargs):
 
         print = _
 
+def debug_print(msg):
+    if DEBUG:
+        print("[DEBUG] %s" % msg)
+
 class ThreadingServer(ThreadingMixIn, HTTPServer):
     def finish_request(self, *args, **kwargs):
         try:
             HTTPServer.finish_request(self, *args, **kwargs)
         except Exception:
             if DEBUG:
+                debug_print("Error in finish_request:")
                 traceback.print_exc()
 
 class ReqHandler(BaseHTTPRequestHandler):
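Review bot: `debug_print` takes an already-formatted string, so every call site added in this commit runs its `%` formatting even when `DEBUG` is false. For `debug_print("Query results: %s" % results)` in do_REQUEST that means stringifying the whole result set on each request. Passing the arguments separately defers the work: `def debug_print(msg, *args):` with `print("[DEBUG] %s" % (msg % args if args else msg))` under the existing `if DEBUG:` check, and call sites changed to `debug_print("Executing query: %s", value)`. The helper also lacks a docstring; one line saying it writes to stdout only when `DEBUG` is set would do. The call added in finish_request already sits inside `if DEBUG:`, so the flag is tested twice there, which is harmless but redundant.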
@@ -144,19 +150,26 @@ def do_REQUEST(self):
                 try:
                     if self.params.get("echo", ""):
                         output += "%s<br>" % self.params["echo"]
+                        debug_print("Echo parameter: %s" % self.params["echo"])
 
                     if self.params.get("reflect", ""):
                         output += "%s<br>" % self.params.get("id")
+                        debug_print("Reflect parameter: %s" % self.params.get("id"))
 
                     with _lock:
                         if "query" in self.params:
+                            debug_print("Executing query: %s" % self.params["query"])
                             _cursor.execute(self.params["query"])
                         elif "id" in self.params:
                             if "base64" in self.params:
-                                _cursor.execute("SELECT * FROM users WHERE id=%s LIMIT 0, 1" % base64.b64decode("%s===" % self.params["id"], altchars=self.params.get("altchars")).decode())
+                                decoded_id = base64.b64decode("%s===" % self.params["id"], altchars=self.params.get("altchars")).decode()
+                                debug_print("Decoded base64 ID: %s" % decoded_id)
+                                _cursor.execute("SELECT * FROM users WHERE id=%s LIMIT 0, 1" % decoded_id)
                             else:
+                                debug_print("Executing query with ID: %s" % self.params["id"])
                                 _cursor.execute("SELECT * FROM users WHERE id=%s LIMIT 0, 1" % self.params["id"])
                         results = _cursor.fetchall()
+                        debug_print("Query results: %s" % results)
 
                     output += "<b>SQL results:</b><br>\n"
 
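Review bot: The added debug lines interpolate request-controlled values (`echo`, `id`, `query`, the decoded base64 id) with `%s`, so a parameter containing CR/LF or terminal escape sequences reaches the console verbatim and can forge extra `[DEBUG]` records for whoever reads the output. Formatting with `%r` keeps each record on one line and makes control characters visible, e.g. `debug_print("Executing query: %r" % self.params["query"])`. The same applies to the `Error occurred` line in the except branch and the `Received POST data` line in do_POST, and the POST body is logged with no length cap. Separately, `debug_print("Query results: %s" % results)` runs inside `with _lock:`; moving it below the block keeps console I/O out of the critical section. do_REQUEST starts and ends outside this hunk.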
@@ -180,7 +193,9 @@ def do_REQUEST(self):
                     output += "</body></html>"
                 except Exception as ex:
                     code = INTERNAL_SERVER_ERROR
-                    output = "%s: %s" % (re.search(r"'([^']+)'", str(type(ex))).group(1), ex)
+                    error_msg = "%s: %s" % (re.search(r"'([^']+)'", str(type(ex))).group(1), ex)
+                    debug_print("Error occurred: %s" % error_msg)
+                    output = error_msg
 
                 self.send_response(code)
 
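Review bot: In debug mode the except branch logs only the one-line `error_msg` that is already sent back to the client, so the stack trace that would locate the failure is still lost. `traceback` is already used in finish_request, so adding `if DEBUG: traceback.print_exc()` next to the `debug_print` call would make this path as useful as that one. do_REQUEST continues outside the hunk.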
@@ -213,7 +228,9 @@ def do_POST(self):
             data = self.rfile.read(length)
             data = unquote_plus(data.decode(UNICODE_ENCODING, "ignore"))
             self.data = data
+            debug_print("Received POST data: %s" % data)
         elif self.headers.get("Transfer-encoding") == "chunked":
+            debug_print("Processing chunked transfer encoding")
             data, line = b"", b""
             count = 0
 
@@ -243,13 +260,16 @@ def run(address=LISTEN_ADDRESS, port=LISTEN_PORT):
     try:
         _alive = True
         _server = ThreadingServer((address, port), ReqHandler)
+        debug_print("Initializing server at 'http://%s:%d'" % (address, port))
         print("[i] running HTTP server at 'http://%s:%d'" % (address, port))
         _server.serve_forever()
     except KeyboardInterrupt:
+        debug_print("Received keyboard interrupt")
         _server.socket.close()
         raise
     finally:
         _alive = False
+        debug_print("Server stopped")
 
 if __name__ == "__main__":
     try:
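Review bot: `debug_print("Initializing server at ...")` runs after `ThreadingServer((address, port), ReqHandler)` has already been constructed, so it reports initialization after the fact and merely duplicates the `[i] running HTTP server` line that follows. Moving it above the `_server = ThreadingServer(...)` assignment would make it useful when construction fails. `debug_print("Server stopped")` sits in `finally`, so it is also printed when the constructor raised and no server ever ran. Guarding it, or rewording it to something like `debug_print("run() exiting")`, avoids a misleading record. The `if __name__ == "__main__":` block at the end of the hunk continues outside it.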