jarm: update jarm to not fail on handshake failure #328
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
aspacewalz
commented
Sep 30, 2021
Comment on lines
123
to
+124
|
|
||
| // ret, err = zgrab2.ReadAvailable(conn) | ||
| ret, err = zgrab2.ReadAvailableWithOptions(conn, 1484, 500*time.Millisecond, 0, 1484) | ||
| if err != io.EOF && err != nil { | ||
| rawhashes = append(rawhashes, "") | ||
| conn.Close() | ||
| continue | ||
| } | ||
| ret, _ = zgrab2.ReadAvailableWithOptions(conn, 1484, 500*time.Millisecond, 0, 1484) |
There was a problem hiding this comment.
It appears to be the case that error responses from the target should still be processed by ParseServerHello which contains logic for handling the various failure responses appropriately.
aspacewalz
commented
Sep 30, 2021
| @@ -142,12 +130,11 @@ func (scanner *Scanner) Scan(target zgrab2.ScanTarget) (zgrab2.ScanStatus, inter | |||
| continue | |||
| } | |||
|
|
|||
| rawhashes = append(rawhashes, string(ans)) | |||
| rawhashes = append(rawhashes, ans) | |||
There was a problem hiding this comment.
ans is already a string. no need to cast.
aspacewalz
commented
Sep 30, 2021
| @@ -120,20 +114,14 @@ func (scanner *Scanner) Scan(target zgrab2.ScanTarget) (zgrab2.ScanStatus, inter | |||
| return zgrab2.TryGetScanStatus(err), nil, err | |||
| } | |||
|
|
|||
| _, err = conn.Write([]byte(data)) | |||
| _, err = conn.Write(jarm.BuildProbe(probe)) | |||
There was a problem hiding this comment.
data was already a byte slice and was also only used in this function call.
aspacewalz
commented
Sep 30, 2021
Comment on lines
147
to
+148
| } | ||
| if err != nil { | ||
| return ret, err | ||
| } | ||
|
|
There was a problem hiding this comment.
In this block err is ALWAYS nil so i removed it.
codyprime
approved these changes
Sep 30, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR removes the error handling for a JARM probe response. The reason is that a handshake failure should still be processed the same as any other response. Currently a handshake failure results in the ZeroHash value being returned. This does not match the salesforce jarm module which should be treated as the correct implementation.
After this change, the salesforce and zgrab2 modules will both return the same fingerprint for services that return a handshake failure to one of the probes.
How to Test
go test ./...
Notes & Caveats
This PR is being created to bring the zgrab2 JARM module in line with the behavior of the salesforce jarm tool.