* Add support for specifying arbitrary HTTP headers
* * (Minor, Comment) Fix incorrect comment, replace with more helpful (and accurate) comment
* (Minor, Linting) Rename raw_hash => rawHash, 4 occurences (linter)
* (Minor, Linting) Rename s -> scanner, 1 occurence (linter)
* (Sanity Checking) Prevent duplicate custom headers
* (Sanity Checking) Prevent attempts to set known immutable headers (host, content-length)
* Add --custom-header-delimeter for convenience, in practice, quoting the header values that contain comma can be problematic
* Make the separator consistent for both custom-headers-names and custom-headers-values. It's just weird having them be different :>
* Spelling delimiter correctly would probably help...
* Update modules/http/scanner.go
Co-authored-by: engn33r <engn33r@users.noreply.github.com>
Co-authored-by: Adam Greene <copyright@mzpqnxow.com>
Co-authored-by: Zakir Durumeric <zakird@gmail.com>
Co-authored-by: engn33r <engn33r@users.noreply.github.com>
* Set SNI explicitly, in case it's a redirect (fix for #300)
* Fix the SNI issue correctly, using the host portion of addr, while respecting --server-name and --no-sni
* Clean up double error logging pointed out by dadrien
* Comply with RFC4366, do not set SNI server name for IP address
Co-authored-by: Adam Greene <copyright@mzpqnxow.com>
https://github.com/zmap/zgrab2/pull/306
* add smbv1 session setup scan
* remove unused values
* rename os_name to native_os to match smb documentation
* remove superfluous comment
* update zschema to include new SMB fields
* improve clarity on bounds checking for SMBv1 requests
The SMTP module was matching on "STMP" when verifying the contents of the scan response. This PR fixes the typo and adds a test for the VerifySMTPContents() function.
Even if the server does not respond to the telnet commands, the
banner may have useful information. Add the option "--force-banner"
so that the banner string may be returned even on failure.
* telnet module should not return success when it finds something other than telnet
* telnet module should not return success when it finds something other than telnet
* Adds verification step for POP3 banners
* Add validation for IMAP banners & fix some formatting problems
* Verify SMTP banners exist and are successful
* Add check for is_dnp3 flag which seems to be working as expected
* Fix dropping SCAN_APPLICATION_ERROR in IMAP
* Fix dropping SCAN_APPLICATION_ERROR in POP3
* Fix dropping SCAN_APPLICATION_ERROR in SMTP
* Add protocol and blacklist indicators to email protocols
Co-authored-by: Elliot Cubit <elliotcubit@elliots-mbp.lan>
So that we can advertise a slightly more expansive default set of
signature/hash algorithms in the signature_algorithms extension of
the TLS Client Hello, provide an option to use a pre-defined override.
This also splits up the TLS connection helper in tls.go, so that the
tls.Config can be modified by a scanner module.
If the --max-redirects value is exceeded, we return
SCAN_APPLICATION_ERROR with "Too many redirect" as the error message.
Add an option to suppress this error, and return success even if we
exceed the maximum specified number of redirects.
The Scanner.config struct is a configuration for all instances of
Scanner. Scanner.Scan() is called concurrently by multiple worker
goroutines; while Scanner is dereferenced before the call, the config
struct is a pointer, and so modifications to it will affect all other
running scans done with that Scanner.
Make sure we treat it as immutable during anything invoked by
Scanner.Scan() in the http module.
https://github.com/zmap/zgrab2/pull/245
The goroutine running the monitor isn't actually closed. This PR updates
the API to allow that Goroutine to properly block program exit. This can
be leveraged as we continue to make the configuration non-global.
This updates MakeMonitor() to take the channel size as a parameter,
instead of reading it from the global `config` object. Unfortunately,
the caller of MakeMonitor() doesn't actually have access to the global,
since it's in a different package (bin vs the root package). Luckily,
there doesn't appear to be a reason to have a buffer in this channel.
This updates the caller to pass a hardcoded size of 1.
This abstracts more of the help text into the ScanModule definition,
removing some more of the need for `zgrab2.AddCommand()`
https://github.com/zmap/zgrab2/pull/248
If both an IP address and a domain are specified for a scan, have the
HTTP scanner use a fake resolver in the DialContext, so that we always
scan the intended IP and Domain name pair.
However, make sure redirects still function as normal, so only use our
fake resolver if the domain name matches the original targeted domain
name.
In addition, the custom resolver is only used if the network specified
is one that supports domain names.
