* Add `--fail-http-to-https` to retry as HTTPS when --retry-https is used and certain known responses are encountered indicating HTTPS should be used
* Apache: HTTP/400, substring "You're speaking plain HTTP to an SSL-enabled server port"
* NGINX: HTTP/400, substring "The plain HTTP request was sent to HTTPS port"
* Add additional substring observed indicating http->https
* Add another observed substring, adjust whitespace
* Use go-ism for slicing implicitly from index 0
Co-authored-by: Adam Greene <copyright@mzpqnxow.com>
* Add support for specifying arbitrary HTTP headers
* (Minor, Comment) Fix incorrect comment, replace with more helpful (and accurate) comment
* (Minor, Linting) Rename raw_hash => rawHash, 4 occurrences (linter)
* (Minor, Linting) Rename s -> scanner, 1 occurrence (linter)
* (Sanity Checking) Prevent duplicate custom headers
* (Sanity Checking) Prevent attempts to set known immutable headers (host, content-length)
* Add --custom-header-delimeter for convenience, in practice, quoting the header values that contain comma can be problematic
* Make the separator consistent for both custom-headers-names and custom-headers-values. It's just weird having them be different :>
* Spelling delimiter correctly would probably help...
* Update modules/http/scanner.go
Co-authored-by: engn33r <engn33r@users.noreply.github.com>
Co-authored-by: Adam Greene <copyright@mzpqnxow.com>
Co-authored-by: Zakir Durumeric <zakird@gmail.com>
Co-authored-by: engn33r <engn33r@users.noreply.github.com>
* Set SNI explicitly, in case it's a redirect (fix for #300)
* Fix the SNI issue correctly, using the host portion of addr, while respecting --server-name and --no-sni
* Clean up double error logging pointed out by dadrien
* Comply with RFC4366, do not set SNI server name for IP address
Co-authored-by: Adam Greene <copyright@mzpqnxow.com>
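The SNI commits above describe three rules: derive the server name from the host portion of the target address, honor an explicit `--server-name` override and `--no-sni`, and never send an IP literal as the SNI name (RFC 4366 §3.1). The following Go example is added here to illustrate that selection logic; it is not zgrab2's own code, and the `SNIConfig` type and `ServerNameFor` function are hypothetical names chosen for this illustration.

```go
package main

import (
	"fmt"
	"net"
)

// SNIConfig models the two command-line flags named in the commit
// messages (--server-name and --no-sni). The type is an assumption made
// for this example, not a zgrab2 type.
type SNIConfig struct {
	ServerName string // explicit override (--server-name)
	NoSNI      bool   // suppress the SNI extension entirely (--no-sni)
}

// ServerNameFor returns the server_name to place in the TLS ClientHello
// for a target address, or "" when no SNI should be sent.
//
// addr may be "host:port", "[v6]:port" or a bare host. An explicit
// --server-name is returned as given; otherwise the host portion of addr
// is used, except that IPv4/IPv6 literals yield "" because RFC 4366
// forbids them in the server_name extension.
func ServerNameFor(addr string, cfg SNIConfig) string {
	if cfg.NoSNI {
		return ""
	}
	if cfg.ServerName != "" {
		return cfg.ServerName
	}
	host, _, err := net.SplitHostPort(addr)
	if err != nil {
		// No port component: treat the whole string as the host.
		host = addr
	}
	// Strip brackets left by a bare "[::1]" form without a port.
	if len(host) > 1 && host[0] == '[' && host[len(host)-1] == ']' {
		host = host[1 : len(host)-1]
	}
	if host == "" || net.ParseIP(host) != nil {
		return "" // IP literal: do not set SNI
	}
	return host
}

func main() {
	// Constructed sample targets (documentation addresses, not real hosts).
	cases := []struct {
		addr string
		cfg  SNIConfig
	}{
		{"example.com:443", SNIConfig{}},
		{"192.0.2.10:443", SNIConfig{}},
		{"[2001:db8::1]:443", SNIConfig{}},
		{"192.0.2.10:443", SNIConfig{ServerName: "example.net"}},
		{"example.com:443", SNIConfig{NoSNI: true}},
	}
	for _, c := range cases {
		fmt.Printf("%-22s server-name=%q no-sni=%v -> SNI=%q\n",
			c.addr, c.cfg.ServerName, c.cfg.NoSNI, ServerNameFor(c.addr, c.cfg))
	}
}
```

The ordering matters: `--no-sni` wins over everything, an explicit `--server-name` is sent verbatim, and only the address-derived fallback is subject to the IP-literal check, which is also why a redirect to a bare IP silently drops SNI rather than producing a malformed extension.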
https://github.com/zmap/zgrab2/pull/306
* add smbv1 session setup scan
* remove unused values
* rename os_name to native_os to match smb documentation
* remove superfluous comment
* update zschema to include new SMB fields
* improve clarity on bounds checking for SMBv1 requests
The SMTP module was matching on "STMP" when verifying the contents of the scan response. This PR fixes the typo and adds a test for the VerifySMTPContents() function.
Even if the server does not respond to the telnet commands, the
banner may have useful information. Add the option "--force-banner"
so that the banner string may be returned even on failure.
* telnet module should not return success when it finds something other than telnet
* Adds verification step for POP3 banners
* Add validation for IMAP banners & fix some formatting problems
* Verify SMTP banners exist and are successful
* Add check for is_dnp3 flag which seems to be working as expected
* Fix dropping SCAN_APPLICATION_ERROR in IMAP
* Fix dropping SCAN_APPLICATION_ERROR in POP3
* Fix dropping SCAN_APPLICATION_ERROR in SMTP
* Add protocol and blacklist indicators to email protocols
Co-authored-by: Elliot Cubit <elliotcubit@elliots-mbp.lan>
So that we can advertise a slightly more expansive default set of
signature/hash algorithms in the signature_algorithms extension of
the TLS Client Hello, provide an option to use a pre-defined override.
This also splits up the TLS connection helper in tls.go, so that the
tls.Config can be modified by a scanner module.