From 892e1e3c87bb4f004a3831db42df266c9f79d6f3 Mon Sep 17 00:00:00 2001 From: Nils Hanke Date: Wed, 23 Mar 2022 13:12:56 -0700 Subject: [PATCH 01/38] Use bodyTextLen instead of readLen for FailHTTPToHTTPS logic respContentLength can be -1 in certain cases, in which case readLen will be maxReadLen for the current scan. This will, however, then cause the FailHTTPToHTTPS if-condition to fail as the readLen is > 1024, even though the body content length can be in this range. So let us use the actual body length for the check to avoid this issue. --- modules/http/scanner.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/http/scanner.go b/modules/http/scanner.go index 6992b7ee4..6e299de55 100644 --- a/modules/http/scanner.go +++ b/modules/http/scanner.go @@ -549,7 +549,8 @@ func (scan *scan) Grab() *zgrab2.ScanError { } // Application-specific logic for retrying HTTP as HTTPS; if condition matches, return protocol error - if scan.scanner.config.FailHTTPToHTTPS && scan.results.Response.StatusCode == 400 && readLen < 1024 && readLen > 24 { + bodyTextLen := int64(len(bodyText)) + if scan.scanner.config.FailHTTPToHTTPS && scan.results.Response.StatusCode == 400 && bodyTextLen < 1024 && bodyTextLen > 24 { // Apache: "You're speaking plain HTTP to an SSL-enabled server port" // NGINX: "The plain HTTP request was sent to HTTPS port" var sliceLen int64 = 128 @@ -557,7 +558,6 @@ func (scan *scan) Grab() *zgrab2.ScanError { sliceLen = readLen } - bodyTextLen := int64(len(bodyText)) if bodyTextLen < sliceLen { sliceLen = bodyTextLen } From 4c0baa311b8f493b5c115ee7bde1f2ad79022fed Mon Sep 17 00:00:00 2001 From: AlexAQ972 Date: Wed, 25 Sep 2024 11:08:39 +0800 Subject: [PATCH 02/38] New Protocol: MQTT v3.1.1 and v5.0 --- integration_tests/mqtt/cleanup.sh | 9 + integration_tests/mqtt/mosquitto.conf | 1 + integration_tests/mqtt/setup.sh | 27 +++ integration_tests/mqtt/test.sh | 24 ++ modules/mqtt.go | 7 + modules/mqtt/scanner.go | 321 ++++++++++++++++++++++++++ zgrab2_schemas/zgrab2/__init__.py | 1 + zgrab2_schemas/zgrab2/mqtt.py | 22 ++ 8 files changed, 412 insertions(+) create mode 100755 integration_tests/mqtt/cleanup.sh create mode 100644 integration_tests/mqtt/mosquitto.conf create mode 100755 integration_tests/mqtt/setup.sh create mode 100755 integration_tests/mqtt/test.sh create mode 100644 modules/mqtt.go create mode 100644 modules/mqtt/scanner.go create mode 100644 zgrab2_schemas/zgrab2/mqtt.py diff --git a/integration_tests/mqtt/cleanup.sh b/integration_tests/mqtt/cleanup.sh new file mode 100755 index 000000000..b926199dd --- /dev/null +++ b/integration_tests/mqtt/cleanup.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +set +e + +echo "mqtt/cleanup: Tests cleanup for mqtt" + +CONTAINER_NAME=zgrab_mqtt + +docker stop $CONTAINER_NAME diff --git a/integration_tests/mqtt/mosquitto.conf b/integration_tests/mqtt/mosquitto.conf new file mode 100644 index 000000000..b87bc15f5 --- /dev/null +++ b/integration_tests/mqtt/mosquitto.conf @@ -0,0 +1 @@ +listener 1883 0.0.0.0 \ No newline at end of file diff --git a/integration_tests/mqtt/setup.sh b/integration_tests/mqtt/setup.sh new file mode 100755 index 000000000..fb6231ad3 --- /dev/null +++ b/integration_tests/mqtt/setup.sh @@ -0,0 +1,27 @@ +#!/usr/bin/env bash + +echo "mqtt/setup: Tests setup for mqtt" + +CONTAINER_TAG="eclipse-mosquitto" +CONTAINER_NAME="zgrab_mqtt" + +# If the container is already running, use it. +if docker ps --filter "name=$CONTAINER_NAME" | grep -q $CONTAINER_NAME; then + echo "mqtt/setup: Container $CONTAINER_NAME already running -- nothing to setup" + exit 0 +fi + +DOCKER_RUN_FLAGS="--rm --name $CONTAINER_NAME -td -v ./mosquitto.conf:/mosquitto/config/mosquitto.conf" + +# If it is not running, try launching it -- on success, use that. +echo "mqtt/setup: Trying to launch $CONTAINER_NAME..." +if ! docker run $DOCKER_RUN_FLAGS $CONTAINER_TAG; then + echo "eclipse-mosquitto launch fail" + + #echo "mqtt/setup: Building docker image $CONTAINER_TAG..." + # If it fails, build it from ./container/Dockerfile + #docker build -t $CONTAINER_TAG ./container + # Try again + #echo "mqtt/setup: Launching $CONTAINER_NAME..." + #docker run $DOCKER_RUN_FLAGS $CONTAINER_TAG +fi diff --git a/integration_tests/mqtt/test.sh b/integration_tests/mqtt/test.sh new file mode 100755 index 000000000..55d0ddc84 --- /dev/null +++ b/integration_tests/mqtt/test.sh @@ -0,0 +1,24 @@ +#!/usr/bin/env bash + +set -e +MODULE_DIR=$(dirname $0) +ZGRAB_ROOT=$(git rev-parse --show-toplevel) +ZGRAB_OUTPUT=$ZGRAB_ROOT/zgrab-output + +mkdir -p $ZGRAB_OUTPUT/mqtt + +CONTAINER_NAME=zgrab_mqtt + +OUTPUT_FILE=$ZGRAB_OUTPUT/mqtt/mqtt.json + +echo "mqtt/test: Tests runner for mqtt" +# TODO FIXME: Add any necessary flags or additional tests +CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt > $OUTPUT_FILE +CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt --v5 >> $OUTPUT_FILE + +# Dump the docker logs +echo "mqtt/test: BEGIN docker logs from $CONTAINER_NAME [{(" +docker logs --tail all $CONTAINER_NAME +echo ")}] END docker logs from $CONTAINER_NAME" + +# TODO: If there are any other relevant log files, dump those to stdout here. diff --git a/modules/mqtt.go b/modules/mqtt.go new file mode 100644 index 000000000..4b0091374 --- /dev/null +++ b/modules/mqtt.go @@ -0,0 +1,7 @@ +package modules + +import "github.com/zmap/zgrab2/modules/mqtt" + +func init() { + mqtt.RegisterModule() +} diff --git a/modules/mqtt/scanner.go b/modules/mqtt/scanner.go new file mode 100644 index 000000000..1c23a962b --- /dev/null +++ b/modules/mqtt/scanner.go @@ -0,0 +1,321 @@ +package mqtt + +import ( + "encoding/binary" + "fmt" + "io" + "net" + + log "github.com/sirupsen/logrus" + "github.com/zmap/zgrab2" +) + +// ScanResults is the output of the scan. +type ScanResults struct { + SessionPresent bool `json:"session_present,omitempty"` + ConnectReturnCode byte `json:"connect_return_code,omitempty"` + Response string `json:"response,omitempty"` + TLSLog *zgrab2.TLSLog `json:"tls,omitempty"` +} + +// Flags are the MQTT-specific command-line flags. +type Flags struct { + zgrab2.BaseFlags + zgrab2.TLSFlags + + Verbose bool `long:"verbose" description:"More verbose logging, include debug fields in the scan results"` + V5 bool `long:"v5" description:"Scanning MQTT v5.0. Otherwise scanning MQTT v3.1.1"` + UseTLS bool `long:"tls" description:"Use TLS for the MQTT connection"` +} + +// Module implements the zgrab2.Module interface. +type Module struct { +} + +// Scanner implements the zgrab2.Scanner interface, and holds the state +// for a single scan. +type Scanner struct { + config *Flags +} + +// Connection holds the state for a single connection to the MQTT server. +type Connection struct { + conn net.Conn + config *Flags + results ScanResults +} + +// RegisterModule registers the MQTT zgrab2 module. +func RegisterModule() { + var module Module + _, err := zgrab2.AddCommand("mqtt", "MQTT", module.Description(), 1883, &module) + if err != nil { + log.Fatal(err) + } +} + +// NewFlags returns the default flags object to be filled in with the +// command-line arguments. +func (m *Module) NewFlags() interface{} { + return new(Flags) +} + +// NewScanner returns a new Scanner instance. +func (m *Module) NewScanner() zgrab2.Scanner { + return new(Scanner) +} + +// Description returns an overview of this module. +func (m *Module) Description() string { + return "Perform an MQTT scan" +} + +// Validate flags +func (f *Flags) Validate(args []string) error { + return nil +} + +// Help returns this module's help string. +func (f *Flags) Help() string { + return "" +} + +// Protocol returns the protocol identifier for the scanner. +func (s *Scanner) Protocol() string { + return "mqtt" +} + +// Init initializes the Scanner instance with the flags from the command line. +func (s *Scanner) Init(flags zgrab2.ScanFlags) error { + f, _ := flags.(*Flags) + s.config = f + return nil +} + +// InitPerSender does nothing in this module. +func (s *Scanner) InitPerSender(senderID int) error { + return nil +} + +// GetName returns the configured name for the Scanner. +func (s *Scanner) GetName() string { + return s.config.Name +} + +// GetTrigger returns the Trigger defined in the Flags. +func (scanner *Scanner) GetTrigger() string { + return scanner.config.Trigger +} + +// SendMQTTConnectPacket constructs and sends an MQTT CONNECT packet to the server. +func (mqtt *Connection) SendMQTTConnectPacket(v5 bool) error { + var packet []byte + if v5 { + packet = []byte{ + // Fixed Header + 0x10, // Control Packet Type (CONNECT) and flags + 0x17, // Remaining Length (23 bytes) + + // Variable Header + 0x00, 0x04, 'M', 'Q', 'T', 'T', // Protocol Name + 0x05, // Protocol Level (MQTT v5.0) + 0x02, // Connect Flags (Clean Start) + 0x00, 0x3C, // Keep Alive (60 seconds) + + // Properties + 0x00, // Properties Length (0) + + // Payload + 0x00, 0x0A, 'M', 'Q', 'T', 'T', 'C', 'l', 'i', 'e', 'n', 't', // Client Identifier + } + } else { + packet = []byte{ + // Fixed Header + 0x10, // Control Packet Type (CONNECT) and flags + 0x16, // Remaining Length (22 bytes) + + // Variable Header + 0x00, 0x04, 'M', 'Q', 'T', 'T', // Protocol Name + 0x04, // Protocol Level (MQTT v3.1.1) + 0x02, // Connect Flags (Clean Start) + 0x00, 0x3C, // Keep Alive (60 seconds) + + // Payload + 0x00, 0x0A, 'M', 'Q', 'T', 'T', 'C', 'l', 'i', 'e', 'n', 't', // Client Identifier + } + } + _, err := mqtt.conn.Write(packet) + return err +} + +// ReadMQTTv3Packet reads and parses the CONNACK packet from the server. +func (mqtt *Connection) ReadMQTTv3Packet() error { + response := make([]byte, 4) + _, err := mqtt.conn.Read(response) + if err != nil { + return err + } + + mqtt.results.Response = fmt.Sprintf("%X", response) + + // DISCONNECT packet + if ((response[0] & 0xF0) == 0xE0) && (response[1] == 0x00) { + return nil + } + + // Check if the response is a valid CONNACK packet + if response[0] != 0x20 || response[1] != 0x02 { + return fmt.Errorf("invalid CONNACK packet") + } + + mqtt.results.SessionPresent = (response[2] & 0x01) == 0x01 + mqtt.results.ConnectReturnCode = response[3] + + return nil +} + +// ReadMQTTv5Packet reads and parses the CONNACK or DISCONNECT packet from the server for MQTT v5.0. +func (mqtt *Connection) ReadMQTTv5Packet() error { + // Read the first byte to determine the packet type + firstByte := make([]byte, 1) + _, err := io.ReadFull(mqtt.conn, firstByte) + if err != nil { + return err + } + + packetType := firstByte[0] >> 4 + + // Read the remaining length + remainingLengthBytes, err := readVariableByteInteger(mqtt.conn) + if err != nil { + return err + } + + // Convert remaining length bytes to integer + remainingLength, _ := binary.Uvarint(remainingLengthBytes) + + // Allocate the packet buffer with the correct size + packet := make([]byte, 1+len(remainingLengthBytes)+int(remainingLength)) + packet[0] = firstByte[0] + copy(packet[1:], remainingLengthBytes) + + // Read the rest of the packet + _, err = io.ReadFull(mqtt.conn, packet[1+len(remainingLengthBytes):]) + if err != nil { + return err + } + + // Store the original response + mqtt.results.Response = fmt.Sprintf("%X", packet) + + // Process the packet based on its type + switch packetType { + case 2: // CONNACK + return mqtt.processConnAck(packet) + case 14: // DISCONNECT + return mqtt.processDisconnect(packet) + default: + return fmt.Errorf("unexpected packet type: %d", packetType) + } +} + +func (mqtt *Connection) processConnAck(packet []byte) error { + if len(packet) < 4 { + return fmt.Errorf("invalid CONNACK packet length") + } + + mqtt.results.SessionPresent = (packet[2] & 0x01) == 0x01 + mqtt.results.ConnectReturnCode = packet[3] + + // Process properties if present + if len(packet) > 4 { + propertiesLength, n := binary.Uvarint(packet[4:]) + propertiesStart := 4 + n + propertiesEnd := propertiesStart + int(propertiesLength) + + if propertiesEnd > len(packet) { + return fmt.Errorf("invalid properties length in CONNACK") + } + } + + return nil +} + +func (mqtt *Connection) processDisconnect(packet []byte) error { + if len(packet) < 2 { + return fmt.Errorf("invalid DISCONNECT packet length") + } + + // Process properties if present + if len(packet) > 3 { + propertiesLength, n := binary.Uvarint(packet[3:]) + propertiesStart := 3 + n + propertiesEnd := propertiesStart + int(propertiesLength) + + if propertiesEnd > len(packet) { + return fmt.Errorf("invalid properties length in DISCONNECT") + } + } + + return nil +} + +func readVariableByteInteger(r io.Reader) ([]byte, error) { + var result []byte + for i := 0; i < 4; i++ { + b := make([]byte, 1) + _, err := r.Read(b) + if err != nil { + return nil, err + } + result = append(result, b[0]) + if b[0]&0x80 == 0 { + break + } + } + if len(result) == 4 && result[3]&0x80 != 0 { + return nil, fmt.Errorf("invalid variable byte integer") + } + return result, nil +} + +// Scan performs the configured scan on the MQTT server. +func (s *Scanner) Scan(t zgrab2.ScanTarget) (status zgrab2.ScanStatus, result interface{}, thrown error) { + conn, err := t.Open(&s.config.BaseFlags) + if err != nil { + return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error opening connection: %w", err) + } + defer conn.Close() + + mqtt := Connection{conn: conn, config: s.config} + + if s.config.UseTLS { + tlsConn, err := s.config.TLSFlags.GetTLSConnection(conn) + if err != nil { + return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error getting TLS connection: %w", err) + } + mqtt.results.TLSLog = tlsConn.GetLog() + + if err := tlsConn.Handshake(); err != nil { + return zgrab2.TryGetScanStatus(err), &mqtt.results, fmt.Errorf("error during TLS handshake: %w", err) + } + + mqtt.conn = tlsConn + } + + if err := mqtt.SendMQTTConnectPacket(s.config.V5); err != nil { + return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error sending CONNECT packet: %w", err) + } + + if s.config.V5 { + err = mqtt.ReadMQTTv5Packet() + } else { + err = mqtt.ReadMQTTv3Packet() + } + + if err != nil { + return zgrab2.TryGetScanStatus(err), &mqtt.results, fmt.Errorf("error reading CONNACK packet: %w", err) + } + + return zgrab2.SCAN_SUCCESS, &mqtt.results, nil +} diff --git a/zgrab2_schemas/zgrab2/__init__.py b/zgrab2_schemas/zgrab2/__init__.py index 5ca9ed17b..c7a0e2053 100644 --- a/zgrab2_schemas/zgrab2/__init__.py +++ b/zgrab2_schemas/zgrab2/__init__.py @@ -22,3 +22,4 @@ from . import ipp from . import banner from . import amqp091 +from . import mqtt diff --git a/zgrab2_schemas/zgrab2/mqtt.py b/zgrab2_schemas/zgrab2/mqtt.py new file mode 100644 index 000000000..0c0be42b4 --- /dev/null +++ b/zgrab2_schemas/zgrab2/mqtt.py @@ -0,0 +1,22 @@ +# zschema sub-schema for zgrab2's MQTT module +# Registers zgrab2-mqtt globally, and mqtt with the main zgrab2 schema. +from zschema.leaves import * +from zschema.compounds import * +import zschema.registry + +from . import zgrab2 + +# Schema for ScanResults struct +mqtt_scan_response = SubRecord({ + "session_present": Boolean(), + "connect_return_code": Byte(), + "response": String(), + "tls": zgrab2.tls_log, +}) + +mqtt_scan = SubRecord({ + "result": mqtt_scan_response, +}, extends=zgrab2.base_scan_response) + +zschema.registry.register_schema("zgrab2-mqtt", mqtt_scan) +zgrab2.register_scan_response_type("mqtt", mqtt_scan) \ No newline at end of file From 5a9700263398cd40f21ef246157b28276acfa986 Mon Sep 17 00:00:00 2001 From: AlexAQ972 Date: Wed, 25 Sep 2024 11:49:48 +0800 Subject: [PATCH 03/38] Add TLS test for MQTT v3.1.1 and v5.0 --- integration_tests/mqtt/mosquitto.conf | 7 +++- integration_tests/mqtt/multiple.ini | 23 +++++++++++++ integration_tests/mqtt/server.crt | 20 +++++++++++ integration_tests/mqtt/server.csr | 16 +++++++++ integration_tests/mqtt/server.key | 28 ++++++++++++++++ integration_tests/mqtt/server.pem | 48 +++++++++++++++++++++++++++ integration_tests/mqtt/setup.sh | 2 +- integration_tests/mqtt/test.sh | 7 ++-- 8 files changed, 147 insertions(+), 4 deletions(-) create mode 100644 integration_tests/mqtt/multiple.ini create mode 100644 integration_tests/mqtt/server.crt create mode 100644 integration_tests/mqtt/server.csr create mode 100644 integration_tests/mqtt/server.key create mode 100644 integration_tests/mqtt/server.pem diff --git a/integration_tests/mqtt/mosquitto.conf b/integration_tests/mqtt/mosquitto.conf index b87bc15f5..c0efbf2f5 100644 --- a/integration_tests/mqtt/mosquitto.conf +++ b/integration_tests/mqtt/mosquitto.conf @@ -1 +1,6 @@ -listener 1883 0.0.0.0 \ No newline at end of file +listener 1883 0.0.0.0 + +listener 8883 0.0.0.0 +protocol mqtt +certfile /mosquitto/server.pem +keyfile /mosquitto/server.key \ No newline at end of file diff --git a/integration_tests/mqtt/multiple.ini b/integration_tests/mqtt/multiple.ini new file mode 100644 index 000000000..74f050237 --- /dev/null +++ b/integration_tests/mqtt/multiple.ini @@ -0,0 +1,23 @@ +[mqtt] +name="mqtt-tls" +trigger="mqtt-tls" +port=8883 +tls=true + +[mqtt] +name="mqtt-tls-v5" +trigger="mqtt-tls-v5" +port=8883 +tls=true +v5=true + +[mqtt] +name="mqtt" +trigger="mqtt" +port=1883 + +[mqtt] +name="mqtt-v5" +trigger="mqtt-v5" +port=1883 +v5=true \ No newline at end of file diff --git a/integration_tests/mqtt/server.crt b/integration_tests/mqtt/server.crt new file mode 100644 index 000000000..1a7c0ff26 --- /dev/null +++ b/integration_tests/mqtt/server.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDOzCCAiOgAwIBAgIUS+JTI5jiO1C0AgqSuFgB1P9wS8swDQYJKoZIhvcNAQEL +BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwMzIwNTNaGA8yMDUy +MDIxMDAzMjA1M1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx +ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh +fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR +EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B +Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj +SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ +BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaMhMB8wHQYD +VR0OBBYEFP6DHoFBdNVmHwc6LZnLwcDcKnvzMA0GCSqGSIb3DQEBCwUAA4IBAQA9 +VRDbEAFWmqKq+LPRqGmjiqGE0rTOsoKSDWn0Zsre31H2vsXy8BUW69rjhwMXEONl +5ybZCHnU8GLawFzrVQJnuV77XhIDuJhIz81guy0K872YcrNuhlIS7ahxXJszwgPe +Tp313rJKUA44DIuF18WjWjwQL8bU80xiJJcyuR2mViOFgcfIABmSzvvMx8nHxp7W +C9woea6TMamq7GQmIky9ZVy7OcfOSCygK0TU6Y2qNcIuKl4xtvY07msGFLifXp6s +A9A4aS610tqPNInh5zokI2m/y7nvCq7BA9n+5HvMKJcxW2G+AU7R7IFJctsPL07g +1MDuvzVplpxKk3tkj8Ou +-----END CERTIFICATE----- diff --git a/integration_tests/mqtt/server.csr b/integration_tests/mqtt/server.csr new file mode 100644 index 000000000..e1fb51461 --- /dev/null +++ b/integration_tests/mqtt/server.csr @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICijCCAXICAQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx +ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh +fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR +EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B +Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj +SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ +BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaAAMA0GCSqG +SIb3DQEBCwUAA4IBAQCPropLZOaRaCD+iSGS304DRO6ysO8D2UW9T8CKqcbI6mOp +b8Wx2ENXXxuhSIpF3xe+yqpPOQmxph+lYnlewqVFWKRY91xIX07iMQ4bQHXKiWTs +IUQYRDbiLPq4sLgKdUdD41SoLhRBLGySX0/27hBlMQ0dZz92jTLOAYL06oqdtcJE +q/v3HVKlGiPkPiuFljbxBwI142ceFAWCctTb7N+6a0W/HioZPhKXLfGMcEHyNCQ7 +XwMQW5DSp4S7J4FseDkxLIxcbYYCxpi3jHFx+eYPerZ5TobE6QZHQeWLj8mcrNwu +mrL6CFlKde7F+xmb3e/tPfUTE+NxNdWzPGTjov2h +-----END CERTIFICATE REQUEST----- diff --git a/integration_tests/mqtt/server.key b/integration_tests/mqtt/server.key new file mode 100644 index 000000000..a82fc343d --- /dev/null +++ b/integration_tests/mqtt/server.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjv7weJ2Y4W13E +jLiKZeuWgiusyOhLV9puQq5yYX0QoafTCVdznrD1fd63DNlXfoK3/Kk8O+0y3IJW +HErh7wR31Wx2gpwcdM+aIGKM0RIrjVf4cU4HyXYUFTeVsBr0SXtKW+0Wi7c+DxfK +xyZU4rUMN+7hpjrFuGwWVNRegTc/zrPQTywQQZ0Lx1EJpqf2hiQYGtJkUVt1RRTr +e14CyUdj0fYwk0GbLZXrnUnXY0kXplb35tM3LCDuCD7AinZFDIePnltx9HHNqBYI +CA8+9vrlGJ8sbTsdb7+0c1REyQcDBv1Q53zWeZaM0yoZSmYVclYo8tzmzGsfKS14 +sSXCq6nNAgMBAAECggEABtiZUNls2KZZQUJw5LhmJSDEGrE7pQrDQyDekkGpLOzV +S2l0kozr8ReWHCkZXSMY7ABQQwhuXlYBzP/Z0aBgm3H82ueTB02K8HKyLBkBnXiH +WQfDr2eo3CYW8NcwCU6ZLP6y5uJogtu2ru+slpfz4dLk1eJRSrrvKe/aASl92dkF +Y8UHh2Fw1Vctf/yND/hNiUefKhfwqVhbwOHZnDZ96ww878bHFumxrhBS6+DNFyIN +NrGsHWZ+NUS5/jpRu9kw/TRTtvXQzt18jIfHt9t1awyoxUX0fqtKlWKn2JvjZcP/ +5udjY5LT1Jyx80e1LFotCFNYo3SKLNS4ci7047S8gQKBgQDRJ6WSr9DrEjTkRvK4 +yUZj+0JEQbNCiZm7cOxNUMLw8OB2lMd5/qNYGKsa1kq0vCpkkLrLN8MVZOIanXIW +ENnZdtvb7/Io4MkS0yIkIIPfhP4YyQRGmkKVn/vBY9meqDj9KVtUiSHl0VebnR3N +4QKjvFK+sOIkOXwG/baKp7SCaQKBgQDIbKQPD6AjU6NZx16gpXXMq9+dTC830cmE +tvO8ye73wNmU6M8/ys7zedAVMtO5XK98/ASHJmhVjhtfSHA0RpxdhcOIizWBquGu +7jvZ9iocos5NZuR9++in9hRsFIiiII9u4PrwVznZJZIdP9mV9Pba7SaRbd0LWOLY +2TZ89XD3xQKBgHukKlb6pFAyZR4Favsd0QTNxbC//g55dW2/JZHXCkaQvsCa1wkh +JMKxYoTs5SDOk2j7vdDgV+zPxHHjXUv6Di5l+zabM9ZCe9srAOXGau65mdRhEKwE +CRSWjKcYNc96tqXBywHAR0+qX1XYnYPVXlAYxfmAa07qxI0FcuGonibxAoGBAILv +rtKEE8tgdcROYnyy+92Fn6YEwohGDtAcMenxRqQnIj6NRfBYD5Gy0AU5WmarrZ4K +iu68Ycca+rjp+xu70aWroM2QnJkkySHeU82Wa3afygV5JedEbn9kXX0qgQTiHrKC +Wo4vfgRl7iobr4uvKKJn8h1qV9F09WZTqaxDMNU9AoGACTw9ZiKtrW+5jS1ucLdl +49gE6QPH3+JnQPqazguLF9OoCOyw69lHdzu/S77Yag4W5M+N8dBCRNF/lOfCbtJc +eIeSFMdJOq97GlsK6QompySHlKlq13u17Jot0x82VPJt1vUuGTrS8qrM5QDKWxZw +skYVITHcfYVzVgxC9JIIKGg= +-----END PRIVATE KEY----- diff --git a/integration_tests/mqtt/server.pem b/integration_tests/mqtt/server.pem new file mode 100644 index 000000000..97774dfb4 --- /dev/null +++ b/integration_tests/mqtt/server.pem @@ -0,0 +1,48 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjv7weJ2Y4W13E +jLiKZeuWgiusyOhLV9puQq5yYX0QoafTCVdznrD1fd63DNlXfoK3/Kk8O+0y3IJW +HErh7wR31Wx2gpwcdM+aIGKM0RIrjVf4cU4HyXYUFTeVsBr0SXtKW+0Wi7c+DxfK +xyZU4rUMN+7hpjrFuGwWVNRegTc/zrPQTywQQZ0Lx1EJpqf2hiQYGtJkUVt1RRTr +e14CyUdj0fYwk0GbLZXrnUnXY0kXplb35tM3LCDuCD7AinZFDIePnltx9HHNqBYI +CA8+9vrlGJ8sbTsdb7+0c1REyQcDBv1Q53zWeZaM0yoZSmYVclYo8tzmzGsfKS14 +sSXCq6nNAgMBAAECggEABtiZUNls2KZZQUJw5LhmJSDEGrE7pQrDQyDekkGpLOzV +S2l0kozr8ReWHCkZXSMY7ABQQwhuXlYBzP/Z0aBgm3H82ueTB02K8HKyLBkBnXiH +WQfDr2eo3CYW8NcwCU6ZLP6y5uJogtu2ru+slpfz4dLk1eJRSrrvKe/aASl92dkF +Y8UHh2Fw1Vctf/yND/hNiUefKhfwqVhbwOHZnDZ96ww878bHFumxrhBS6+DNFyIN +NrGsHWZ+NUS5/jpRu9kw/TRTtvXQzt18jIfHt9t1awyoxUX0fqtKlWKn2JvjZcP/ +5udjY5LT1Jyx80e1LFotCFNYo3SKLNS4ci7047S8gQKBgQDRJ6WSr9DrEjTkRvK4 +yUZj+0JEQbNCiZm7cOxNUMLw8OB2lMd5/qNYGKsa1kq0vCpkkLrLN8MVZOIanXIW +ENnZdtvb7/Io4MkS0yIkIIPfhP4YyQRGmkKVn/vBY9meqDj9KVtUiSHl0VebnR3N +4QKjvFK+sOIkOXwG/baKp7SCaQKBgQDIbKQPD6AjU6NZx16gpXXMq9+dTC830cmE +tvO8ye73wNmU6M8/ys7zedAVMtO5XK98/ASHJmhVjhtfSHA0RpxdhcOIizWBquGu +7jvZ9iocos5NZuR9++in9hRsFIiiII9u4PrwVznZJZIdP9mV9Pba7SaRbd0LWOLY +2TZ89XD3xQKBgHukKlb6pFAyZR4Favsd0QTNxbC//g55dW2/JZHXCkaQvsCa1wkh +JMKxYoTs5SDOk2j7vdDgV+zPxHHjXUv6Di5l+zabM9ZCe9srAOXGau65mdRhEKwE +CRSWjKcYNc96tqXBywHAR0+qX1XYnYPVXlAYxfmAa07qxI0FcuGonibxAoGBAILv +rtKEE8tgdcROYnyy+92Fn6YEwohGDtAcMenxRqQnIj6NRfBYD5Gy0AU5WmarrZ4K +iu68Ycca+rjp+xu70aWroM2QnJkkySHeU82Wa3afygV5JedEbn9kXX0qgQTiHrKC +Wo4vfgRl7iobr4uvKKJn8h1qV9F09WZTqaxDMNU9AoGACTw9ZiKtrW+5jS1ucLdl +49gE6QPH3+JnQPqazguLF9OoCOyw69lHdzu/S77Yag4W5M+N8dBCRNF/lOfCbtJc +eIeSFMdJOq97GlsK6QompySHlKlq13u17Jot0x82VPJt1vUuGTrS8qrM5QDKWxZw +skYVITHcfYVzVgxC9JIIKGg= +-----END PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIDOzCCAiOgAwIBAgIUS+JTI5jiO1C0AgqSuFgB1P9wS8swDQYJKoZIhvcNAQEL +BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwMzIwNTNaGA8yMDUy +MDIxMDAzMjA1M1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx +ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh +fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR +EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B +Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj +SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ +BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaMhMB8wHQYD +VR0OBBYEFP6DHoFBdNVmHwc6LZnLwcDcKnvzMA0GCSqGSIb3DQEBCwUAA4IBAQA9 +VRDbEAFWmqKq+LPRqGmjiqGE0rTOsoKSDWn0Zsre31H2vsXy8BUW69rjhwMXEONl +5ybZCHnU8GLawFzrVQJnuV77XhIDuJhIz81guy0K872YcrNuhlIS7ahxXJszwgPe +Tp313rJKUA44DIuF18WjWjwQL8bU80xiJJcyuR2mViOFgcfIABmSzvvMx8nHxp7W +C9woea6TMamq7GQmIky9ZVy7OcfOSCygK0TU6Y2qNcIuKl4xtvY07msGFLifXp6s +A9A4aS610tqPNInh5zokI2m/y7nvCq7BA9n+5HvMKJcxW2G+AU7R7IFJctsPL07g +1MDuvzVplpxKk3tkj8Ou +-----END CERTIFICATE----- diff --git a/integration_tests/mqtt/setup.sh b/integration_tests/mqtt/setup.sh index fb6231ad3..462846419 100755 --- a/integration_tests/mqtt/setup.sh +++ b/integration_tests/mqtt/setup.sh @@ -11,7 +11,7 @@ if docker ps --filter "name=$CONTAINER_NAME" | grep -q $CONTAINER_NAME; then exit 0 fi -DOCKER_RUN_FLAGS="--rm --name $CONTAINER_NAME -td -v ./mosquitto.conf:/mosquitto/config/mosquitto.conf" +DOCKER_RUN_FLAGS="--rm --name $CONTAINER_NAME -td -v ./mosquitto.conf:/mosquitto/config/mosquitto.conf -v ./server.pem:/mosquitto/server.pem -v ./server.key:/mosquitto/server.key" # If it is not running, try launching it -- on success, use that. echo "mqtt/setup: Trying to launch $CONTAINER_NAME..." diff --git a/integration_tests/mqtt/test.sh b/integration_tests/mqtt/test.sh index 55d0ddc84..8f2ae805b 100755 --- a/integration_tests/mqtt/test.sh +++ b/integration_tests/mqtt/test.sh @@ -13,8 +13,11 @@ OUTPUT_FILE=$ZGRAB_OUTPUT/mqtt/mqtt.json echo "mqtt/test: Tests runner for mqtt" # TODO FIXME: Add any necessary flags or additional tests -CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt > $OUTPUT_FILE -CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt --v5 >> $OUTPUT_FILE +echo -e ",target,mqtt +,target,mqtt-tls +,target,mqtt-v5 +,target,mqtt-tls-v5" | docker run --rm -i -v ./multiple.ini:/multiple.ini --link $CONTAINER_NAME:target zgrab2_runner multiple -c /multiple.ini> $OUTPUT_FILE +#CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt --v5 >> $OUTPUT_FILE # Dump the docker logs echo "mqtt/test: BEGIN docker logs from $CONTAINER_NAME [{(" From 282fd569928a9cbfe90ed3698af164fb909af056 Mon Sep 17 00:00:00 2001 From: Sergey Batalov Date: Wed, 25 Sep 2024 10:53:30 +0500 Subject: [PATCH 04/38] Make banner read options configurable via CLI --- modules/banner/scanner.go | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/modules/banner/scanner.go b/modules/banner/scanner.go index 1b268e066..bc6afe651 100644 --- a/modules/banner/scanner.go +++ b/modules/banner/scanner.go @@ -17,6 +17,7 @@ import ( "net" "regexp" "strconv" + "time" "github.com/zmap/zgrab2" ) @@ -24,6 +25,9 @@ import ( // Flags give the command-line flags for the banner module. type Flags struct { zgrab2.BaseFlags + ReadTimeout int `long:"read-timeout" default:"10" description:"Read timeout in milliseconds"` + BufferSize int `long:"buffer-size" default:"8209" description:"Read buffer size in bytes"` + MaxReadSize int `long:"max-read-size" default:"512" description:"Maximum amount of data to read in KiB (1024 bytes)"` Probe string `long:"probe" default:"\\n" description:"Probe to send to the server. Use triple slashes to escape, for example \\\\\\n is literal \\n. Mutually exclusive with --probe-file."` ProbeFile string `long:"probe-file" description:"Read probe from file as byte array (hex). Mutually exclusive with --probe."` Pattern string `long:"pattern" description:"Pattern to match, must be valid regexp."` @@ -177,7 +181,11 @@ func (s *Scanner) Scan(target zgrab2.ScanTarget) (zgrab2.ScanStatus, interface{} for try := 0; try < s.config.MaxTries; try++ { _, err = conn.Write(s.probe) - data, readErr = zgrab2.ReadAvailable(conn) + data, readErr = zgrab2.ReadAvailableWithOptions(conn, + s.config.BufferSize, + time.Duration(s.config.ReadTimeout)*time.Millisecond, + 0, + s.config.MaxReadSize*1024) if err != nil { continue } From deba94c4f099eb35a96b92c12acc18f618669330 Mon Sep 17 00:00:00 2001 From: Sergey Batalov Date: Wed, 25 Sep 2024 11:52:17 +0500 Subject: [PATCH 05/38] Run gofmt on modules/banner/scanner.go --- modules/banner/scanner.go | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/modules/banner/scanner.go b/modules/banner/scanner.go index bc6afe651..f3767518e 100644 --- a/modules/banner/scanner.go +++ b/modules/banner/scanner.go @@ -25,19 +25,19 @@ import ( // Flags give the command-line flags for the banner module. type Flags struct { zgrab2.BaseFlags - ReadTimeout int `long:"read-timeout" default:"10" description:"Read timeout in milliseconds"` - BufferSize int `long:"buffer-size" default:"8209" description:"Read buffer size in bytes"` - MaxReadSize int `long:"max-read-size" default:"512" description:"Maximum amount of data to read in KiB (1024 bytes)"` - Probe string `long:"probe" default:"\\n" description:"Probe to send to the server. Use triple slashes to escape, for example \\\\\\n is literal \\n. Mutually exclusive with --probe-file."` - ProbeFile string `long:"probe-file" description:"Read probe from file as byte array (hex). Mutually exclusive with --probe."` - Pattern string `long:"pattern" description:"Pattern to match, must be valid regexp."` - UseTLS bool `long:"tls" description:"Sends probe with TLS connection. Loads TLS module command options."` - MaxTries int `long:"max-tries" default:"1" description:"Number of tries for timeouts and connection errors before giving up. Includes making TLS connection if enabled."` - Hex bool `long:"hex" description:"Store banner value in hex. Mutually exclusive with --base64."` - Base64 bool `long:"base64" description:"Store banner value in base64. Mutually exclusive with --hex."` - MD5 bool `long:"md5" description:"Calculate MD5 hash of banner value."` - SHA1 bool `long:"sha1" description:"Calculate SHA1 hash of banner value."` - SHA256 bool `long:"sha256" description:"Calculate SHA256 hash of banner value."` + ReadTimeout int `long:"read-timeout" default:"10" description:"Read timeout in milliseconds"` + BufferSize int `long:"buffer-size" default:"8209" description:"Read buffer size in bytes"` + MaxReadSize int `long:"max-read-size" default:"512" description:"Maximum amount of data to read in KiB (1024 bytes)"` + Probe string `long:"probe" default:"\\n" description:"Probe to send to the server. Use triple slashes to escape, for example \\\\\\n is literal \\n. Mutually exclusive with --probe-file."` + ProbeFile string `long:"probe-file" description:"Read probe from file as byte array (hex). Mutually exclusive with --probe."` + Pattern string `long:"pattern" description:"Pattern to match, must be valid regexp."` + UseTLS bool `long:"tls" description:"Sends probe with TLS connection. Loads TLS module command options."` + MaxTries int `long:"max-tries" default:"1" description:"Number of tries for timeouts and connection errors before giving up. Includes making TLS connection if enabled."` + Hex bool `long:"hex" description:"Store banner value in hex. Mutually exclusive with --base64."` + Base64 bool `long:"base64" description:"Store banner value in base64. Mutually exclusive with --hex."` + MD5 bool `long:"md5" description:"Calculate MD5 hash of banner value."` + SHA1 bool `long:"sha1" description:"Calculate SHA1 hash of banner value."` + SHA256 bool `long:"sha256" description:"Calculate SHA256 hash of banner value."` zgrab2.TLSFlags } From c1942104c2c698da25715190d0bd9ba7f25f5472 Mon Sep 17 00:00:00 2001 From: 1759537337 Date: Fri, 27 Sep 2024 16:38:19 +0800 Subject: [PATCH 06/38] New Protocol: PPTP --- modules/mqtt.go | 7 - modules/mqtt/scanner.go | 321 ------------------------------ modules/pptp.go | 7 + modules/pptp/scanner.go | 179 +++++++++++++++++ zgrab2_schemas/zgrab2/__init__.py | 2 +- zgrab2_schemas/zgrab2/pptp.py | 20 ++ 6 files changed, 207 insertions(+), 329 deletions(-) delete mode 100644 modules/mqtt.go delete mode 100644 modules/mqtt/scanner.go create mode 100644 modules/pptp.go create mode 100644 modules/pptp/scanner.go create mode 100644 zgrab2_schemas/zgrab2/pptp.py diff --git a/modules/mqtt.go b/modules/mqtt.go deleted file mode 100644 index 4b0091374..000000000 --- a/modules/mqtt.go +++ /dev/null @@ -1,7 +0,0 @@ -package modules - -import "github.com/zmap/zgrab2/modules/mqtt" - -func init() { - mqtt.RegisterModule() -} diff --git a/modules/mqtt/scanner.go b/modules/mqtt/scanner.go deleted file mode 100644 index 1c23a962b..000000000 --- a/modules/mqtt/scanner.go +++ /dev/null @@ -1,321 +0,0 @@ -package mqtt - -import ( - "encoding/binary" - "fmt" - "io" - "net" - - log "github.com/sirupsen/logrus" - "github.com/zmap/zgrab2" -) - -// ScanResults is the output of the scan. -type ScanResults struct { - SessionPresent bool `json:"session_present,omitempty"` - ConnectReturnCode byte `json:"connect_return_code,omitempty"` - Response string `json:"response,omitempty"` - TLSLog *zgrab2.TLSLog `json:"tls,omitempty"` -} - -// Flags are the MQTT-specific command-line flags. -type Flags struct { - zgrab2.BaseFlags - zgrab2.TLSFlags - - Verbose bool `long:"verbose" description:"More verbose logging, include debug fields in the scan results"` - V5 bool `long:"v5" description:"Scanning MQTT v5.0. Otherwise scanning MQTT v3.1.1"` - UseTLS bool `long:"tls" description:"Use TLS for the MQTT connection"` -} - -// Module implements the zgrab2.Module interface. -type Module struct { -} - -// Scanner implements the zgrab2.Scanner interface, and holds the state -// for a single scan. -type Scanner struct { - config *Flags -} - -// Connection holds the state for a single connection to the MQTT server. -type Connection struct { - conn net.Conn - config *Flags - results ScanResults -} - -// RegisterModule registers the MQTT zgrab2 module. -func RegisterModule() { - var module Module - _, err := zgrab2.AddCommand("mqtt", "MQTT", module.Description(), 1883, &module) - if err != nil { - log.Fatal(err) - } -} - -// NewFlags returns the default flags object to be filled in with the -// command-line arguments. -func (m *Module) NewFlags() interface{} { - return new(Flags) -} - -// NewScanner returns a new Scanner instance. -func (m *Module) NewScanner() zgrab2.Scanner { - return new(Scanner) -} - -// Description returns an overview of this module. -func (m *Module) Description() string { - return "Perform an MQTT scan" -} - -// Validate flags -func (f *Flags) Validate(args []string) error { - return nil -} - -// Help returns this module's help string. -func (f *Flags) Help() string { - return "" -} - -// Protocol returns the protocol identifier for the scanner. -func (s *Scanner) Protocol() string { - return "mqtt" -} - -// Init initializes the Scanner instance with the flags from the command line. -func (s *Scanner) Init(flags zgrab2.ScanFlags) error { - f, _ := flags.(*Flags) - s.config = f - return nil -} - -// InitPerSender does nothing in this module. -func (s *Scanner) InitPerSender(senderID int) error { - return nil -} - -// GetName returns the configured name for the Scanner. -func (s *Scanner) GetName() string { - return s.config.Name -} - -// GetTrigger returns the Trigger defined in the Flags. -func (scanner *Scanner) GetTrigger() string { - return scanner.config.Trigger -} - -// SendMQTTConnectPacket constructs and sends an MQTT CONNECT packet to the server. -func (mqtt *Connection) SendMQTTConnectPacket(v5 bool) error { - var packet []byte - if v5 { - packet = []byte{ - // Fixed Header - 0x10, // Control Packet Type (CONNECT) and flags - 0x17, // Remaining Length (23 bytes) - - // Variable Header - 0x00, 0x04, 'M', 'Q', 'T', 'T', // Protocol Name - 0x05, // Protocol Level (MQTT v5.0) - 0x02, // Connect Flags (Clean Start) - 0x00, 0x3C, // Keep Alive (60 seconds) - - // Properties - 0x00, // Properties Length (0) - - // Payload - 0x00, 0x0A, 'M', 'Q', 'T', 'T', 'C', 'l', 'i', 'e', 'n', 't', // Client Identifier - } - } else { - packet = []byte{ - // Fixed Header - 0x10, // Control Packet Type (CONNECT) and flags - 0x16, // Remaining Length (22 bytes) - - // Variable Header - 0x00, 0x04, 'M', 'Q', 'T', 'T', // Protocol Name - 0x04, // Protocol Level (MQTT v3.1.1) - 0x02, // Connect Flags (Clean Start) - 0x00, 0x3C, // Keep Alive (60 seconds) - - // Payload - 0x00, 0x0A, 'M', 'Q', 'T', 'T', 'C', 'l', 'i', 'e', 'n', 't', // Client Identifier - } - } - _, err := mqtt.conn.Write(packet) - return err -} - -// ReadMQTTv3Packet reads and parses the CONNACK packet from the server. -func (mqtt *Connection) ReadMQTTv3Packet() error { - response := make([]byte, 4) - _, err := mqtt.conn.Read(response) - if err != nil { - return err - } - - mqtt.results.Response = fmt.Sprintf("%X", response) - - // DISCONNECT packet - if ((response[0] & 0xF0) == 0xE0) && (response[1] == 0x00) { - return nil - } - - // Check if the response is a valid CONNACK packet - if response[0] != 0x20 || response[1] != 0x02 { - return fmt.Errorf("invalid CONNACK packet") - } - - mqtt.results.SessionPresent = (response[2] & 0x01) == 0x01 - mqtt.results.ConnectReturnCode = response[3] - - return nil -} - -// ReadMQTTv5Packet reads and parses the CONNACK or DISCONNECT packet from the server for MQTT v5.0. -func (mqtt *Connection) ReadMQTTv5Packet() error { - // Read the first byte to determine the packet type - firstByte := make([]byte, 1) - _, err := io.ReadFull(mqtt.conn, firstByte) - if err != nil { - return err - } - - packetType := firstByte[0] >> 4 - - // Read the remaining length - remainingLengthBytes, err := readVariableByteInteger(mqtt.conn) - if err != nil { - return err - } - - // Convert remaining length bytes to integer - remainingLength, _ := binary.Uvarint(remainingLengthBytes) - - // Allocate the packet buffer with the correct size - packet := make([]byte, 1+len(remainingLengthBytes)+int(remainingLength)) - packet[0] = firstByte[0] - copy(packet[1:], remainingLengthBytes) - - // Read the rest of the packet - _, err = io.ReadFull(mqtt.conn, packet[1+len(remainingLengthBytes):]) - if err != nil { - return err - } - - // Store the original response - mqtt.results.Response = fmt.Sprintf("%X", packet) - - // Process the packet based on its type - switch packetType { - case 2: // CONNACK - return mqtt.processConnAck(packet) - case 14: // DISCONNECT - return mqtt.processDisconnect(packet) - default: - return fmt.Errorf("unexpected packet type: %d", packetType) - } -} - -func (mqtt *Connection) processConnAck(packet []byte) error { - if len(packet) < 4 { - return fmt.Errorf("invalid CONNACK packet length") - } - - mqtt.results.SessionPresent = (packet[2] & 0x01) == 0x01 - mqtt.results.ConnectReturnCode = packet[3] - - // Process properties if present - if len(packet) > 4 { - propertiesLength, n := binary.Uvarint(packet[4:]) - propertiesStart := 4 + n - propertiesEnd := propertiesStart + int(propertiesLength) - - if propertiesEnd > len(packet) { - return fmt.Errorf("invalid properties length in CONNACK") - } - } - - return nil -} - -func (mqtt *Connection) processDisconnect(packet []byte) error { - if len(packet) < 2 { - return fmt.Errorf("invalid DISCONNECT packet length") - } - - // Process properties if present - if len(packet) > 3 { - propertiesLength, n := binary.Uvarint(packet[3:]) - propertiesStart := 3 + n - propertiesEnd := propertiesStart + int(propertiesLength) - - if propertiesEnd > len(packet) { - return fmt.Errorf("invalid properties length in DISCONNECT") - } - } - - return nil -} - -func readVariableByteInteger(r io.Reader) ([]byte, error) { - var result []byte - for i := 0; i < 4; i++ { - b := make([]byte, 1) - _, err := r.Read(b) - if err != nil { - return nil, err - } - result = append(result, b[0]) - if b[0]&0x80 == 0 { - break - } - } - if len(result) == 4 && result[3]&0x80 != 0 { - return nil, fmt.Errorf("invalid variable byte integer") - } - return result, nil -} - -// Scan performs the configured scan on the MQTT server. -func (s *Scanner) Scan(t zgrab2.ScanTarget) (status zgrab2.ScanStatus, result interface{}, thrown error) { - conn, err := t.Open(&s.config.BaseFlags) - if err != nil { - return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error opening connection: %w", err) - } - defer conn.Close() - - mqtt := Connection{conn: conn, config: s.config} - - if s.config.UseTLS { - tlsConn, err := s.config.TLSFlags.GetTLSConnection(conn) - if err != nil { - return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error getting TLS connection: %w", err) - } - mqtt.results.TLSLog = tlsConn.GetLog() - - if err := tlsConn.Handshake(); err != nil { - return zgrab2.TryGetScanStatus(err), &mqtt.results, fmt.Errorf("error during TLS handshake: %w", err) - } - - mqtt.conn = tlsConn - } - - if err := mqtt.SendMQTTConnectPacket(s.config.V5); err != nil { - return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error sending CONNECT packet: %w", err) - } - - if s.config.V5 { - err = mqtt.ReadMQTTv5Packet() - } else { - err = mqtt.ReadMQTTv3Packet() - } - - if err != nil { - return zgrab2.TryGetScanStatus(err), &mqtt.results, fmt.Errorf("error reading CONNACK packet: %w", err) - } - - return zgrab2.SCAN_SUCCESS, &mqtt.results, nil -} diff --git a/modules/pptp.go b/modules/pptp.go new file mode 100644 index 000000000..305ce0aee --- /dev/null +++ b/modules/pptp.go @@ -0,0 +1,7 @@ +package modules + +import "github.com/zmap/zgrab2/modules/pptp" + +func init() { + pptp.RegisterModule() +} diff --git a/modules/pptp/scanner.go b/modules/pptp/scanner.go new file mode 100644 index 000000000..ad2f27f1b --- /dev/null +++ b/modules/pptp/scanner.go @@ -0,0 +1,179 @@ +// Package pptp contains the zgrab2 Module implementation for PPTP. +package pptp + +import ( + "encoding/binary" + "fmt" + "net" + "time" + + log "github.com/sirupsen/logrus" + "github.com/zmap/zgrab2" +) + +// ScanResults is the output of the scan. +type ScanResults struct { + // Banner is the initial data banner sent by the server. + Banner string `json:"banner,omitempty"` + + // ControlMessage is the received PPTP control message. + ControlMessage string `json:"control_message,omitempty"` +} + +// Flags are the PPTP-specific command-line flags. +type Flags struct { + zgrab2.BaseFlags + Verbose bool `long:"verbose" description:"More verbose logging, include debug fields in the scan results"` +} + +// Module implements the zgrab2.Module interface. +type Module struct { +} + +// Scanner implements the zgrab2.Scanner interface, and holds the state +// for a single scan. +type Scanner struct { + config *Flags +} + +// RegisterModule registers the pptp zgrab2 module. +func RegisterModule() { + var module Module + _, err := zgrab2.AddCommand("pptp", "PPTP", module.Description(), 1723, &module) + if err != nil { + log.Fatal(err) + } +} + +// NewFlags returns the default flags object to be filled in with the +// command-line arguments. +func (m *Module) NewFlags() interface{} { + return new(Flags) +} + +// NewScanner returns a new Scanner instance. +func (m *Module) NewScanner() zgrab2.Scanner { + return new(Scanner) +} + +// Description returns an overview of this module. +func (m *Module) Description() string { + return "Scan for PPTP" +} + +// Validate flags +func (f *Flags) Validate(args []string) (err error) { + return +} + +// Help returns this module's help string. +func (f *Flags) Help() string { + return "" +} + +// Protocol returns the protocol identifier for the scanner. +func (s *Scanner) Protocol() string { + return "pptp" +} + +// Init initializes the Scanner instance with the flags from the command line. +func (s *Scanner) Init(flags zgrab2.ScanFlags) error { + f, _ := flags.(*Flags) + s.config = f + return nil +} + +// InitPerSender does nothing in this module. +func (s *Scanner) InitPerSender(senderID int) error { + return nil +} + +// GetName returns the configured name for the Scanner. +func (s *Scanner) GetName() string { + return s.config.Name +} + +// GetTrigger returns the Trigger defined in the Flags. +func (scanner *Scanner) GetTrigger() string { + return scanner.config.Trigger +} + +// PPTP Start-Control-Connection-Request message constants +const ( + PPTP_MAGIC_COOKIE = 0x1A2B3C4D + PPTP_CONTROL_MESSAGE = 1 + PPTP_START_CONN_REQUEST = 1 + PPTP_PROTOCOL_VERSION = 0x0100 // Split into two 16-bit values for binary.BigEndian.PutUint16 +) + +// Connection holds the state for a single connection to the PPTP server. +type Connection struct { + config *Flags + results ScanResults + conn net.Conn +} + +// Create the Start-Control-Connection-Request message +func createSCCRMessage() []byte { + message := make([]byte, 156) + binary.BigEndian.PutUint16(message[0:2], 156) // Length + binary.BigEndian.PutUint16(message[2:4], PPTP_CONTROL_MESSAGE) // PPTP Message Type + binary.BigEndian.PutUint32(message[4:8], PPTP_MAGIC_COOKIE) // Magic Cookie + binary.BigEndian.PutUint16(message[8:10], PPTP_START_CONN_REQUEST) // Control Message Type + binary.BigEndian.PutUint16(message[10:12], uint16(PPTP_PROTOCOL_VERSION>>16)) // Protocol Version (high 16 bits) + binary.BigEndian.PutUint16(message[12:14], uint16(PPTP_PROTOCOL_VERSION&0xFFFF)) // Protocol Version (low 16 bits) + binary.BigEndian.PutUint32(message[14:18], 0) // Framing Capabilities + binary.BigEndian.PutUint32(message[18:22], 0) // Bearer Capabilities + binary.BigEndian.PutUint16(message[22:24], 0) // Maximum Channels + binary.BigEndian.PutUint16(message[24:26], 0) // Firmware Revision + copy(message[26:90], "ZGRAB2-SCANNER") // Host Name + copy(message[90:], "ZGRAB2") // Vendor Name + return message +} + +// Read response from the PPTP server +func (pptp *Connection) readResponse() (string, error) { + buffer := make([]byte, 1024) + pptp.conn.SetReadDeadline(time.Now().Add(5 * time.Second)) + n, err := pptp.conn.Read(buffer) + if err != nil { + return "", err + } + return string(buffer[:n]), nil +} + +// Scan performs the configured scan on the PPTP server +func (s *Scanner) Scan(t zgrab2.ScanTarget) (status zgrab2.ScanStatus, result interface{}, thrown error) { + var err error + conn, err := t.Open(&s.config.BaseFlags) + if err != nil { + return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error opening connection: %w", err) + } + cn := conn + defer func() { + cn.Close() + }() + + results := ScanResults{} + + pptp := Connection{conn: cn, config: s.config, results: results} + + // Send Start-Control-Connection-Request message + request := createSCCRMessage() + _, err = pptp.conn.Write(request) + if err != nil { + return zgrab2.TryGetScanStatus(err), &pptp.results, fmt.Errorf("error sending PPTP SCCR message: %w", err) + } + + // Read the response + response, err := pptp.readResponse() + if err != nil { + return zgrab2.TryGetScanStatus(err), &pptp.results, fmt.Errorf("error reading PPTP response: %w", err) + } + + // Store the banner and control message + pptp.results.Banner = string(request) + pptp.results.ControlMessage = response + + return zgrab2.SCAN_SUCCESS, &pptp.results, nil +} \ No newline at end of file diff --git a/zgrab2_schemas/zgrab2/__init__.py b/zgrab2_schemas/zgrab2/__init__.py index c7a0e2053..e0806003c 100644 --- a/zgrab2_schemas/zgrab2/__init__.py +++ b/zgrab2_schemas/zgrab2/__init__.py @@ -22,4 +22,4 @@ from . import ipp from . import banner from . import amqp091 -from . import mqtt +from . import pptp diff --git a/zgrab2_schemas/zgrab2/pptp.py b/zgrab2_schemas/zgrab2/pptp.py new file mode 100644 index 000000000..9273387a3 --- /dev/null +++ b/zgrab2_schemas/zgrab2/pptp.py @@ -0,0 +1,20 @@ +# zschema sub-schema for zgrab2's MQTT module +# Registers zgrab2-mqtt globally, and mqtt with the main zgrab2 schema. +from zschema.leaves import * +from zschema.compounds import * +import zschema.registry + +from . import zgrab2 + +# Schema for ScanResults struct +pptp_scan_response = SubRecord({ + "banner": String(), + "control_message": String(), +}) + +pptp_scan = SubRecord({ + "result": pptp_scan_response, +}, extends=zgrab2.base_scan_response) + +zschema.registry.register_schema("zgrab2-pptp", pptp_scan) +zgrab2.register_scan_response_type("pptp", pptp_scan) \ No newline at end of file From 4966b2034437abaf761ad23cafdfa9252374f4b4 Mon Sep 17 00:00:00 2001 From: AlexAQ972 <182717094+AlexAQ972@users.noreply.github.com> Date: Fri, 27 Sep 2024 16:43:48 +0800 Subject: [PATCH 07/38] Delete modules/mqtt directory --- modules/mqtt/scanner.go | 321 ---------------------------------------- 1 file changed, 321 deletions(-) delete mode 100644 modules/mqtt/scanner.go diff --git a/modules/mqtt/scanner.go b/modules/mqtt/scanner.go deleted file mode 100644 index 1c23a962b..000000000 --- a/modules/mqtt/scanner.go +++ /dev/null @@ -1,321 +0,0 @@ -package mqtt - -import ( - "encoding/binary" - "fmt" - "io" - "net" - - log "github.com/sirupsen/logrus" - "github.com/zmap/zgrab2" -) - -// ScanResults is the output of the scan. -type ScanResults struct { - SessionPresent bool `json:"session_present,omitempty"` - ConnectReturnCode byte `json:"connect_return_code,omitempty"` - Response string `json:"response,omitempty"` - TLSLog *zgrab2.TLSLog `json:"tls,omitempty"` -} - -// Flags are the MQTT-specific command-line flags. -type Flags struct { - zgrab2.BaseFlags - zgrab2.TLSFlags - - Verbose bool `long:"verbose" description:"More verbose logging, include debug fields in the scan results"` - V5 bool `long:"v5" description:"Scanning MQTT v5.0. Otherwise scanning MQTT v3.1.1"` - UseTLS bool `long:"tls" description:"Use TLS for the MQTT connection"` -} - -// Module implements the zgrab2.Module interface. -type Module struct { -} - -// Scanner implements the zgrab2.Scanner interface, and holds the state -// for a single scan. -type Scanner struct { - config *Flags -} - -// Connection holds the state for a single connection to the MQTT server. -type Connection struct { - conn net.Conn - config *Flags - results ScanResults -} - -// RegisterModule registers the MQTT zgrab2 module. -func RegisterModule() { - var module Module - _, err := zgrab2.AddCommand("mqtt", "MQTT", module.Description(), 1883, &module) - if err != nil { - log.Fatal(err) - } -} - -// NewFlags returns the default flags object to be filled in with the -// command-line arguments. -func (m *Module) NewFlags() interface{} { - return new(Flags) -} - -// NewScanner returns a new Scanner instance. -func (m *Module) NewScanner() zgrab2.Scanner { - return new(Scanner) -} - -// Description returns an overview of this module. -func (m *Module) Description() string { - return "Perform an MQTT scan" -} - -// Validate flags -func (f *Flags) Validate(args []string) error { - return nil -} - -// Help returns this module's help string. -func (f *Flags) Help() string { - return "" -} - -// Protocol returns the protocol identifier for the scanner. -func (s *Scanner) Protocol() string { - return "mqtt" -} - -// Init initializes the Scanner instance with the flags from the command line. -func (s *Scanner) Init(flags zgrab2.ScanFlags) error { - f, _ := flags.(*Flags) - s.config = f - return nil -} - -// InitPerSender does nothing in this module. -func (s *Scanner) InitPerSender(senderID int) error { - return nil -} - -// GetName returns the configured name for the Scanner. -func (s *Scanner) GetName() string { - return s.config.Name -} - -// GetTrigger returns the Trigger defined in the Flags. -func (scanner *Scanner) GetTrigger() string { - return scanner.config.Trigger -} - -// SendMQTTConnectPacket constructs and sends an MQTT CONNECT packet to the server. -func (mqtt *Connection) SendMQTTConnectPacket(v5 bool) error { - var packet []byte - if v5 { - packet = []byte{ - // Fixed Header - 0x10, // Control Packet Type (CONNECT) and flags - 0x17, // Remaining Length (23 bytes) - - // Variable Header - 0x00, 0x04, 'M', 'Q', 'T', 'T', // Protocol Name - 0x05, // Protocol Level (MQTT v5.0) - 0x02, // Connect Flags (Clean Start) - 0x00, 0x3C, // Keep Alive (60 seconds) - - // Properties - 0x00, // Properties Length (0) - - // Payload - 0x00, 0x0A, 'M', 'Q', 'T', 'T', 'C', 'l', 'i', 'e', 'n', 't', // Client Identifier - } - } else { - packet = []byte{ - // Fixed Header - 0x10, // Control Packet Type (CONNECT) and flags - 0x16, // Remaining Length (22 bytes) - - // Variable Header - 0x00, 0x04, 'M', 'Q', 'T', 'T', // Protocol Name - 0x04, // Protocol Level (MQTT v3.1.1) - 0x02, // Connect Flags (Clean Start) - 0x00, 0x3C, // Keep Alive (60 seconds) - - // Payload - 0x00, 0x0A, 'M', 'Q', 'T', 'T', 'C', 'l', 'i', 'e', 'n', 't', // Client Identifier - } - } - _, err := mqtt.conn.Write(packet) - return err -} - -// ReadMQTTv3Packet reads and parses the CONNACK packet from the server. -func (mqtt *Connection) ReadMQTTv3Packet() error { - response := make([]byte, 4) - _, err := mqtt.conn.Read(response) - if err != nil { - return err - } - - mqtt.results.Response = fmt.Sprintf("%X", response) - - // DISCONNECT packet - if ((response[0] & 0xF0) == 0xE0) && (response[1] == 0x00) { - return nil - } - - // Check if the response is a valid CONNACK packet - if response[0] != 0x20 || response[1] != 0x02 { - return fmt.Errorf("invalid CONNACK packet") - } - - mqtt.results.SessionPresent = (response[2] & 0x01) == 0x01 - mqtt.results.ConnectReturnCode = response[3] - - return nil -} - -// ReadMQTTv5Packet reads and parses the CONNACK or DISCONNECT packet from the server for MQTT v5.0. -func (mqtt *Connection) ReadMQTTv5Packet() error { - // Read the first byte to determine the packet type - firstByte := make([]byte, 1) - _, err := io.ReadFull(mqtt.conn, firstByte) - if err != nil { - return err - } - - packetType := firstByte[0] >> 4 - - // Read the remaining length - remainingLengthBytes, err := readVariableByteInteger(mqtt.conn) - if err != nil { - return err - } - - // Convert remaining length bytes to integer - remainingLength, _ := binary.Uvarint(remainingLengthBytes) - - // Allocate the packet buffer with the correct size - packet := make([]byte, 1+len(remainingLengthBytes)+int(remainingLength)) - packet[0] = firstByte[0] - copy(packet[1:], remainingLengthBytes) - - // Read the rest of the packet - _, err = io.ReadFull(mqtt.conn, packet[1+len(remainingLengthBytes):]) - if err != nil { - return err - } - - // Store the original response - mqtt.results.Response = fmt.Sprintf("%X", packet) - - // Process the packet based on its type - switch packetType { - case 2: // CONNACK - return mqtt.processConnAck(packet) - case 14: // DISCONNECT - return mqtt.processDisconnect(packet) - default: - return fmt.Errorf("unexpected packet type: %d", packetType) - } -} - -func (mqtt *Connection) processConnAck(packet []byte) error { - if len(packet) < 4 { - return fmt.Errorf("invalid CONNACK packet length") - } - - mqtt.results.SessionPresent = (packet[2] & 0x01) == 0x01 - mqtt.results.ConnectReturnCode = packet[3] - - // Process properties if present - if len(packet) > 4 { - propertiesLength, n := binary.Uvarint(packet[4:]) - propertiesStart := 4 + n - propertiesEnd := propertiesStart + int(propertiesLength) - - if propertiesEnd > len(packet) { - return fmt.Errorf("invalid properties length in CONNACK") - } - } - - return nil -} - -func (mqtt *Connection) processDisconnect(packet []byte) error { - if len(packet) < 2 { - return fmt.Errorf("invalid DISCONNECT packet length") - } - - // Process properties if present - if len(packet) > 3 { - propertiesLength, n := binary.Uvarint(packet[3:]) - propertiesStart := 3 + n - propertiesEnd := propertiesStart + int(propertiesLength) - - if propertiesEnd > len(packet) { - return fmt.Errorf("invalid properties length in DISCONNECT") - } - } - - return nil -} - -func readVariableByteInteger(r io.Reader) ([]byte, error) { - var result []byte - for i := 0; i < 4; i++ { - b := make([]byte, 1) - _, err := r.Read(b) - if err != nil { - return nil, err - } - result = append(result, b[0]) - if b[0]&0x80 == 0 { - break - } - } - if len(result) == 4 && result[3]&0x80 != 0 { - return nil, fmt.Errorf("invalid variable byte integer") - } - return result, nil -} - -// Scan performs the configured scan on the MQTT server. -func (s *Scanner) Scan(t zgrab2.ScanTarget) (status zgrab2.ScanStatus, result interface{}, thrown error) { - conn, err := t.Open(&s.config.BaseFlags) - if err != nil { - return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error opening connection: %w", err) - } - defer conn.Close() - - mqtt := Connection{conn: conn, config: s.config} - - if s.config.UseTLS { - tlsConn, err := s.config.TLSFlags.GetTLSConnection(conn) - if err != nil { - return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error getting TLS connection: %w", err) - } - mqtt.results.TLSLog = tlsConn.GetLog() - - if err := tlsConn.Handshake(); err != nil { - return zgrab2.TryGetScanStatus(err), &mqtt.results, fmt.Errorf("error during TLS handshake: %w", err) - } - - mqtt.conn = tlsConn - } - - if err := mqtt.SendMQTTConnectPacket(s.config.V5); err != nil { - return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error sending CONNECT packet: %w", err) - } - - if s.config.V5 { - err = mqtt.ReadMQTTv5Packet() - } else { - err = mqtt.ReadMQTTv3Packet() - } - - if err != nil { - return zgrab2.TryGetScanStatus(err), &mqtt.results, fmt.Errorf("error reading CONNACK packet: %w", err) - } - - return zgrab2.SCAN_SUCCESS, &mqtt.results, nil -} From 70a20a4ec28a357a1287edfbe3aec9b6bc33418a Mon Sep 17 00:00:00 2001 From: AlexAQ972 <182717094+AlexAQ972@users.noreply.github.com> Date: Fri, 27 Sep 2024 16:44:04 +0800 Subject: [PATCH 08/38] Delete modules/mqtt.go --- modules/mqtt.go | 7 ------- 1 file changed, 7 deletions(-) delete mode 100644 modules/mqtt.go diff --git a/modules/mqtt.go b/modules/mqtt.go deleted file mode 100644 index 4b0091374..000000000 --- a/modules/mqtt.go +++ /dev/null @@ -1,7 +0,0 @@ -package modules - -import "github.com/zmap/zgrab2/modules/mqtt" - -func init() { - mqtt.RegisterModule() -} From 4fbd8551f5ea25c1bab82be960e5838b9a1275d7 Mon Sep 17 00:00:00 2001 From: AlexAQ972 <182717094+AlexAQ972@users.noreply.github.com> Date: Fri, 27 Sep 2024 16:46:03 +0800 Subject: [PATCH 09/38] Create scanner.go --- modules/pptp/scanner.go | 179 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 179 insertions(+) create mode 100644 modules/pptp/scanner.go diff --git a/modules/pptp/scanner.go b/modules/pptp/scanner.go new file mode 100644 index 000000000..d7bdc91b1 --- /dev/null +++ b/modules/pptp/scanner.go @@ -0,0 +1,179 @@ +// Package pptp contains the zgrab2 Module implementation for PPTP. +package pptp + +import ( + "encoding/binary" + "fmt" + "net" + "time" + + log "github.com/sirupsen/logrus" + "github.com/zmap/zgrab2" +) + +// ScanResults is the output of the scan. +type ScanResults struct { + // Banner is the initial data banner sent by the server. + Banner string `json:"banner,omitempty"` + + // ControlMessage is the received PPTP control message. + ControlMessage string `json:"control_message,omitempty"` +} + +// Flags are the PPTP-specific command-line flags. +type Flags struct { + zgrab2.BaseFlags + Verbose bool `long:"verbose" description:"More verbose logging, include debug fields in the scan results"` +} + +// Module implements the zgrab2.Module interface. +type Module struct { +} + +// Scanner implements the zgrab2.Scanner interface, and holds the state +// for a single scan. +type Scanner struct { + config *Flags +} + +// RegisterModule registers the pptp zgrab2 module. +func RegisterModule() { + var module Module + _, err := zgrab2.AddCommand("pptp", "PPTP", module.Description(), 1723, &module) + if err != nil { + log.Fatal(err) + } +} + +// NewFlags returns the default flags object to be filled in with the +// command-line arguments. +func (m *Module) NewFlags() interface{} { + return new(Flags) +} + +// NewScanner returns a new Scanner instance. +func (m *Module) NewScanner() zgrab2.Scanner { + return new(Scanner) +} + +// Description returns an overview of this module. +func (m *Module) Description() string { + return "Scan for PPTP" +} + +// Validate flags +func (f *Flags) Validate(args []string) (err error) { + return +} + +// Help returns this module's help string. +func (f *Flags) Help() string { + return "" +} + +// Protocol returns the protocol identifier for the scanner. +func (s *Scanner) Protocol() string { + return "pptp" +} + +// Init initializes the Scanner instance with the flags from the command line. +func (s *Scanner) Init(flags zgrab2.ScanFlags) error { + f, _ := flags.(*Flags) + s.config = f + return nil +} + +// InitPerSender does nothing in this module. +func (s *Scanner) InitPerSender(senderID int) error { + return nil +} + +// GetName returns the configured name for the Scanner. +func (s *Scanner) GetName() string { + return s.config.Name +} + +// GetTrigger returns the Trigger defined in the Flags. +func (scanner *Scanner) GetTrigger() string { + return scanner.config.Trigger +} + +// PPTP Start-Control-Connection-Request message constants +const ( + PPTP_MAGIC_COOKIE = 0x1A2B3C4D + PPTP_CONTROL_MESSAGE = 1 + PPTP_START_CONN_REQUEST = 1 + PPTP_PROTOCOL_VERSION = 0x0100 // Split into two 16-bit values for binary.BigEndian.PutUint16 +) + +// Connection holds the state for a single connection to the PPTP server. +type Connection struct { + config *Flags + results ScanResults + conn net.Conn +} + +// Create the Start-Control-Connection-Request message +func createSCCRMessage() []byte { + message := make([]byte, 156) + binary.BigEndian.PutUint16(message[0:2], 156) // Length + binary.BigEndian.PutUint16(message[2:4], PPTP_CONTROL_MESSAGE) // PPTP Message Type + binary.BigEndian.PutUint32(message[4:8], PPTP_MAGIC_COOKIE) // Magic Cookie + binary.BigEndian.PutUint16(message[8:10], PPTP_START_CONN_REQUEST) // Control Message Type + binary.BigEndian.PutUint16(message[10:12], uint16(PPTP_PROTOCOL_VERSION>>16)) // Protocol Version (high 16 bits) + binary.BigEndian.PutUint16(message[12:14], uint16(PPTP_PROTOCOL_VERSION&0xFFFF)) // Protocol Version (low 16 bits) + binary.BigEndian.PutUint32(message[14:18], 0) // Framing Capabilities + binary.BigEndian.PutUint32(message[18:22], 0) // Bearer Capabilities + binary.BigEndian.PutUint16(message[22:24], 0) // Maximum Channels + binary.BigEndian.PutUint16(message[24:26], 0) // Firmware Revision + copy(message[26:90], "ZGRAB2-SCANNER") // Host Name + copy(message[90:], "ZGRAB2") // Vendor Name + return message +} + +// Read response from the PPTP server +func (pptp *Connection) readResponse() (string, error) { + buffer := make([]byte, 1024) + pptp.conn.SetReadDeadline(time.Now().Add(5 * time.Second)) + n, err := pptp.conn.Read(buffer) + if err != nil { + return "", err + } + return string(buffer[:n]), nil +} + +// Scan performs the configured scan on the PPTP server +func (s *Scanner) Scan(t zgrab2.ScanTarget) (status zgrab2.ScanStatus, result interface{}, thrown error) { + var err error + conn, err := t.Open(&s.config.BaseFlags) + if err != nil { + return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error opening connection: %w", err) + } + cn := conn + defer func() { + cn.Close() + }() + + results := ScanResults{} + + pptp := Connection{conn: cn, config: s.config, results: results} + + // Send Start-Control-Connection-Request message + request := createSCCRMessage() + _, err = pptp.conn.Write(request) + if err != nil { + return zgrab2.TryGetScanStatus(err), &pptp.results, fmt.Errorf("error sending PPTP SCCR message: %w", err) + } + + // Read the response + response, err := pptp.readResponse() + if err != nil { + return zgrab2.TryGetScanStatus(err), &pptp.results, fmt.Errorf("error reading PPTP response: %w", err) + } + + // Store the banner and control message + pptp.results.Banner = string(request) + pptp.results.ControlMessage = response + + return zgrab2.SCAN_SUCCESS, &pptp.results, nil +} From 8d5e02e4ef8413061cb00a8b19038edd852d61b1 Mon Sep 17 00:00:00 2001 From: 1759537337 Date: Fri, 27 Sep 2024 16:57:29 +0800 Subject: [PATCH 10/38] Revert "Add TLS test for MQTT v3.1.1 and v5.0" This reverts commit 5a9700263398cd40f21ef246157b28276acfa986. --- integration_tests/mqtt/mosquitto.conf | 7 +--- integration_tests/mqtt/multiple.ini | 23 ------------- integration_tests/mqtt/server.crt | 20 ----------- integration_tests/mqtt/server.csr | 16 --------- integration_tests/mqtt/server.key | 28 ---------------- integration_tests/mqtt/server.pem | 48 --------------------------- integration_tests/mqtt/setup.sh | 2 +- integration_tests/mqtt/test.sh | 7 ++-- 8 files changed, 4 insertions(+), 147 deletions(-) delete mode 100644 integration_tests/mqtt/multiple.ini delete mode 100644 integration_tests/mqtt/server.crt delete mode 100644 integration_tests/mqtt/server.csr delete mode 100644 integration_tests/mqtt/server.key delete mode 100644 integration_tests/mqtt/server.pem diff --git a/integration_tests/mqtt/mosquitto.conf b/integration_tests/mqtt/mosquitto.conf index c0efbf2f5..b87bc15f5 100644 --- a/integration_tests/mqtt/mosquitto.conf +++ b/integration_tests/mqtt/mosquitto.conf @@ -1,6 +1 @@ -listener 1883 0.0.0.0 - -listener 8883 0.0.0.0 -protocol mqtt -certfile /mosquitto/server.pem -keyfile /mosquitto/server.key \ No newline at end of file +listener 1883 0.0.0.0 \ No newline at end of file diff --git a/integration_tests/mqtt/multiple.ini b/integration_tests/mqtt/multiple.ini deleted file mode 100644 index 74f050237..000000000 --- a/integration_tests/mqtt/multiple.ini +++ /dev/null @@ -1,23 +0,0 @@ -[mqtt] -name="mqtt-tls" -trigger="mqtt-tls" -port=8883 -tls=true - -[mqtt] -name="mqtt-tls-v5" -trigger="mqtt-tls-v5" -port=8883 -tls=true -v5=true - -[mqtt] -name="mqtt" -trigger="mqtt" -port=1883 - -[mqtt] -name="mqtt-v5" -trigger="mqtt-v5" -port=1883 -v5=true \ No newline at end of file diff --git a/integration_tests/mqtt/server.crt b/integration_tests/mqtt/server.crt deleted file mode 100644 index 1a7c0ff26..000000000 --- a/integration_tests/mqtt/server.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDOzCCAiOgAwIBAgIUS+JTI5jiO1C0AgqSuFgB1P9wS8swDQYJKoZIhvcNAQEL -BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwMzIwNTNaGA8yMDUy -MDIxMDAzMjA1M1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx -ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh -fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR -EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B -Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj -SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ -BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaMhMB8wHQYD -VR0OBBYEFP6DHoFBdNVmHwc6LZnLwcDcKnvzMA0GCSqGSIb3DQEBCwUAA4IBAQA9 -VRDbEAFWmqKq+LPRqGmjiqGE0rTOsoKSDWn0Zsre31H2vsXy8BUW69rjhwMXEONl -5ybZCHnU8GLawFzrVQJnuV77XhIDuJhIz81guy0K872YcrNuhlIS7ahxXJszwgPe -Tp313rJKUA44DIuF18WjWjwQL8bU80xiJJcyuR2mViOFgcfIABmSzvvMx8nHxp7W -C9woea6TMamq7GQmIky9ZVy7OcfOSCygK0TU6Y2qNcIuKl4xtvY07msGFLifXp6s -A9A4aS610tqPNInh5zokI2m/y7nvCq7BA9n+5HvMKJcxW2G+AU7R7IFJctsPL07g -1MDuvzVplpxKk3tkj8Ou ------END CERTIFICATE----- diff --git a/integration_tests/mqtt/server.csr b/integration_tests/mqtt/server.csr deleted file mode 100644 index e1fb51461..000000000 --- a/integration_tests/mqtt/server.csr +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIICijCCAXICAQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx -ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh -fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR -EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B -Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj -SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ -BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaAAMA0GCSqG -SIb3DQEBCwUAA4IBAQCPropLZOaRaCD+iSGS304DRO6ysO8D2UW9T8CKqcbI6mOp -b8Wx2ENXXxuhSIpF3xe+yqpPOQmxph+lYnlewqVFWKRY91xIX07iMQ4bQHXKiWTs -IUQYRDbiLPq4sLgKdUdD41SoLhRBLGySX0/27hBlMQ0dZz92jTLOAYL06oqdtcJE -q/v3HVKlGiPkPiuFljbxBwI142ceFAWCctTb7N+6a0W/HioZPhKXLfGMcEHyNCQ7 -XwMQW5DSp4S7J4FseDkxLIxcbYYCxpi3jHFx+eYPerZ5TobE6QZHQeWLj8mcrNwu -mrL6CFlKde7F+xmb3e/tPfUTE+NxNdWzPGTjov2h ------END CERTIFICATE REQUEST----- diff --git a/integration_tests/mqtt/server.key b/integration_tests/mqtt/server.key deleted file mode 100644 index a82fc343d..000000000 --- a/integration_tests/mqtt/server.key +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjv7weJ2Y4W13E -jLiKZeuWgiusyOhLV9puQq5yYX0QoafTCVdznrD1fd63DNlXfoK3/Kk8O+0y3IJW -HErh7wR31Wx2gpwcdM+aIGKM0RIrjVf4cU4HyXYUFTeVsBr0SXtKW+0Wi7c+DxfK -xyZU4rUMN+7hpjrFuGwWVNRegTc/zrPQTywQQZ0Lx1EJpqf2hiQYGtJkUVt1RRTr -e14CyUdj0fYwk0GbLZXrnUnXY0kXplb35tM3LCDuCD7AinZFDIePnltx9HHNqBYI -CA8+9vrlGJ8sbTsdb7+0c1REyQcDBv1Q53zWeZaM0yoZSmYVclYo8tzmzGsfKS14 -sSXCq6nNAgMBAAECggEABtiZUNls2KZZQUJw5LhmJSDEGrE7pQrDQyDekkGpLOzV -S2l0kozr8ReWHCkZXSMY7ABQQwhuXlYBzP/Z0aBgm3H82ueTB02K8HKyLBkBnXiH -WQfDr2eo3CYW8NcwCU6ZLP6y5uJogtu2ru+slpfz4dLk1eJRSrrvKe/aASl92dkF -Y8UHh2Fw1Vctf/yND/hNiUefKhfwqVhbwOHZnDZ96ww878bHFumxrhBS6+DNFyIN -NrGsHWZ+NUS5/jpRu9kw/TRTtvXQzt18jIfHt9t1awyoxUX0fqtKlWKn2JvjZcP/ -5udjY5LT1Jyx80e1LFotCFNYo3SKLNS4ci7047S8gQKBgQDRJ6WSr9DrEjTkRvK4 -yUZj+0JEQbNCiZm7cOxNUMLw8OB2lMd5/qNYGKsa1kq0vCpkkLrLN8MVZOIanXIW -ENnZdtvb7/Io4MkS0yIkIIPfhP4YyQRGmkKVn/vBY9meqDj9KVtUiSHl0VebnR3N -4QKjvFK+sOIkOXwG/baKp7SCaQKBgQDIbKQPD6AjU6NZx16gpXXMq9+dTC830cmE -tvO8ye73wNmU6M8/ys7zedAVMtO5XK98/ASHJmhVjhtfSHA0RpxdhcOIizWBquGu -7jvZ9iocos5NZuR9++in9hRsFIiiII9u4PrwVznZJZIdP9mV9Pba7SaRbd0LWOLY -2TZ89XD3xQKBgHukKlb6pFAyZR4Favsd0QTNxbC//g55dW2/JZHXCkaQvsCa1wkh -JMKxYoTs5SDOk2j7vdDgV+zPxHHjXUv6Di5l+zabM9ZCe9srAOXGau65mdRhEKwE -CRSWjKcYNc96tqXBywHAR0+qX1XYnYPVXlAYxfmAa07qxI0FcuGonibxAoGBAILv -rtKEE8tgdcROYnyy+92Fn6YEwohGDtAcMenxRqQnIj6NRfBYD5Gy0AU5WmarrZ4K -iu68Ycca+rjp+xu70aWroM2QnJkkySHeU82Wa3afygV5JedEbn9kXX0qgQTiHrKC -Wo4vfgRl7iobr4uvKKJn8h1qV9F09WZTqaxDMNU9AoGACTw9ZiKtrW+5jS1ucLdl -49gE6QPH3+JnQPqazguLF9OoCOyw69lHdzu/S77Yag4W5M+N8dBCRNF/lOfCbtJc -eIeSFMdJOq97GlsK6QompySHlKlq13u17Jot0x82VPJt1vUuGTrS8qrM5QDKWxZw -skYVITHcfYVzVgxC9JIIKGg= ------END PRIVATE KEY----- diff --git a/integration_tests/mqtt/server.pem b/integration_tests/mqtt/server.pem deleted file mode 100644 index 97774dfb4..000000000 --- a/integration_tests/mqtt/server.pem +++ /dev/null @@ -1,48 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjv7weJ2Y4W13E -jLiKZeuWgiusyOhLV9puQq5yYX0QoafTCVdznrD1fd63DNlXfoK3/Kk8O+0y3IJW -HErh7wR31Wx2gpwcdM+aIGKM0RIrjVf4cU4HyXYUFTeVsBr0SXtKW+0Wi7c+DxfK -xyZU4rUMN+7hpjrFuGwWVNRegTc/zrPQTywQQZ0Lx1EJpqf2hiQYGtJkUVt1RRTr -e14CyUdj0fYwk0GbLZXrnUnXY0kXplb35tM3LCDuCD7AinZFDIePnltx9HHNqBYI -CA8+9vrlGJ8sbTsdb7+0c1REyQcDBv1Q53zWeZaM0yoZSmYVclYo8tzmzGsfKS14 -sSXCq6nNAgMBAAECggEABtiZUNls2KZZQUJw5LhmJSDEGrE7pQrDQyDekkGpLOzV -S2l0kozr8ReWHCkZXSMY7ABQQwhuXlYBzP/Z0aBgm3H82ueTB02K8HKyLBkBnXiH -WQfDr2eo3CYW8NcwCU6ZLP6y5uJogtu2ru+slpfz4dLk1eJRSrrvKe/aASl92dkF -Y8UHh2Fw1Vctf/yND/hNiUefKhfwqVhbwOHZnDZ96ww878bHFumxrhBS6+DNFyIN -NrGsHWZ+NUS5/jpRu9kw/TRTtvXQzt18jIfHt9t1awyoxUX0fqtKlWKn2JvjZcP/ -5udjY5LT1Jyx80e1LFotCFNYo3SKLNS4ci7047S8gQKBgQDRJ6WSr9DrEjTkRvK4 -yUZj+0JEQbNCiZm7cOxNUMLw8OB2lMd5/qNYGKsa1kq0vCpkkLrLN8MVZOIanXIW -ENnZdtvb7/Io4MkS0yIkIIPfhP4YyQRGmkKVn/vBY9meqDj9KVtUiSHl0VebnR3N -4QKjvFK+sOIkOXwG/baKp7SCaQKBgQDIbKQPD6AjU6NZx16gpXXMq9+dTC830cmE -tvO8ye73wNmU6M8/ys7zedAVMtO5XK98/ASHJmhVjhtfSHA0RpxdhcOIizWBquGu -7jvZ9iocos5NZuR9++in9hRsFIiiII9u4PrwVznZJZIdP9mV9Pba7SaRbd0LWOLY -2TZ89XD3xQKBgHukKlb6pFAyZR4Favsd0QTNxbC//g55dW2/JZHXCkaQvsCa1wkh -JMKxYoTs5SDOk2j7vdDgV+zPxHHjXUv6Di5l+zabM9ZCe9srAOXGau65mdRhEKwE -CRSWjKcYNc96tqXBywHAR0+qX1XYnYPVXlAYxfmAa07qxI0FcuGonibxAoGBAILv -rtKEE8tgdcROYnyy+92Fn6YEwohGDtAcMenxRqQnIj6NRfBYD5Gy0AU5WmarrZ4K -iu68Ycca+rjp+xu70aWroM2QnJkkySHeU82Wa3afygV5JedEbn9kXX0qgQTiHrKC -Wo4vfgRl7iobr4uvKKJn8h1qV9F09WZTqaxDMNU9AoGACTw9ZiKtrW+5jS1ucLdl -49gE6QPH3+JnQPqazguLF9OoCOyw69lHdzu/S77Yag4W5M+N8dBCRNF/lOfCbtJc -eIeSFMdJOq97GlsK6QompySHlKlq13u17Jot0x82VPJt1vUuGTrS8qrM5QDKWxZw -skYVITHcfYVzVgxC9JIIKGg= ------END PRIVATE KEY----- ------BEGIN CERTIFICATE----- -MIIDOzCCAiOgAwIBAgIUS+JTI5jiO1C0AgqSuFgB1P9wS8swDQYJKoZIhvcNAQEL -BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwMzIwNTNaGA8yMDUy -MDIxMDAzMjA1M1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx -ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh -fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR -EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B -Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj -SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ -BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaMhMB8wHQYD -VR0OBBYEFP6DHoFBdNVmHwc6LZnLwcDcKnvzMA0GCSqGSIb3DQEBCwUAA4IBAQA9 -VRDbEAFWmqKq+LPRqGmjiqGE0rTOsoKSDWn0Zsre31H2vsXy8BUW69rjhwMXEONl -5ybZCHnU8GLawFzrVQJnuV77XhIDuJhIz81guy0K872YcrNuhlIS7ahxXJszwgPe -Tp313rJKUA44DIuF18WjWjwQL8bU80xiJJcyuR2mViOFgcfIABmSzvvMx8nHxp7W -C9woea6TMamq7GQmIky9ZVy7OcfOSCygK0TU6Y2qNcIuKl4xtvY07msGFLifXp6s -A9A4aS610tqPNInh5zokI2m/y7nvCq7BA9n+5HvMKJcxW2G+AU7R7IFJctsPL07g -1MDuvzVplpxKk3tkj8Ou ------END CERTIFICATE----- diff --git a/integration_tests/mqtt/setup.sh b/integration_tests/mqtt/setup.sh index 462846419..fb6231ad3 100755 --- a/integration_tests/mqtt/setup.sh +++ b/integration_tests/mqtt/setup.sh @@ -11,7 +11,7 @@ if docker ps --filter "name=$CONTAINER_NAME" | grep -q $CONTAINER_NAME; then exit 0 fi -DOCKER_RUN_FLAGS="--rm --name $CONTAINER_NAME -td -v ./mosquitto.conf:/mosquitto/config/mosquitto.conf -v ./server.pem:/mosquitto/server.pem -v ./server.key:/mosquitto/server.key" +DOCKER_RUN_FLAGS="--rm --name $CONTAINER_NAME -td -v ./mosquitto.conf:/mosquitto/config/mosquitto.conf" # If it is not running, try launching it -- on success, use that. echo "mqtt/setup: Trying to launch $CONTAINER_NAME..." diff --git a/integration_tests/mqtt/test.sh b/integration_tests/mqtt/test.sh index 8f2ae805b..55d0ddc84 100755 --- a/integration_tests/mqtt/test.sh +++ b/integration_tests/mqtt/test.sh @@ -13,11 +13,8 @@ OUTPUT_FILE=$ZGRAB_OUTPUT/mqtt/mqtt.json echo "mqtt/test: Tests runner for mqtt" # TODO FIXME: Add any necessary flags or additional tests -echo -e ",target,mqtt -,target,mqtt-tls -,target,mqtt-v5 -,target,mqtt-tls-v5" | docker run --rm -i -v ./multiple.ini:/multiple.ini --link $CONTAINER_NAME:target zgrab2_runner multiple -c /multiple.ini> $OUTPUT_FILE -#CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt --v5 >> $OUTPUT_FILE +CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt > $OUTPUT_FILE +CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt --v5 >> $OUTPUT_FILE # Dump the docker logs echo "mqtt/test: BEGIN docker logs from $CONTAINER_NAME [{(" From e2325fdeeaf482b882b3674d8d036b03683351e3 Mon Sep 17 00:00:00 2001 From: 1759537337 Date: Fri, 27 Sep 2024 17:04:57 +0800 Subject: [PATCH 11/38] Reapply "Add TLS test for MQTT v3.1.1 and v5.0" This reverts commit 8d5e02e4ef8413061cb00a8b19038edd852d61b1. --- integration_tests/mqtt/mosquitto.conf | 7 +++- integration_tests/mqtt/multiple.ini | 23 +++++++++++++ integration_tests/mqtt/server.crt | 20 +++++++++++ integration_tests/mqtt/server.csr | 16 +++++++++ integration_tests/mqtt/server.key | 28 ++++++++++++++++ integration_tests/mqtt/server.pem | 48 +++++++++++++++++++++++++++ integration_tests/mqtt/setup.sh | 2 +- integration_tests/mqtt/test.sh | 7 ++-- 8 files changed, 147 insertions(+), 4 deletions(-) create mode 100644 integration_tests/mqtt/multiple.ini create mode 100644 integration_tests/mqtt/server.crt create mode 100644 integration_tests/mqtt/server.csr create mode 100644 integration_tests/mqtt/server.key create mode 100644 integration_tests/mqtt/server.pem diff --git a/integration_tests/mqtt/mosquitto.conf b/integration_tests/mqtt/mosquitto.conf index b87bc15f5..c0efbf2f5 100644 --- a/integration_tests/mqtt/mosquitto.conf +++ b/integration_tests/mqtt/mosquitto.conf @@ -1 +1,6 @@ -listener 1883 0.0.0.0 \ No newline at end of file +listener 1883 0.0.0.0 + +listener 8883 0.0.0.0 +protocol mqtt +certfile /mosquitto/server.pem +keyfile /mosquitto/server.key \ No newline at end of file diff --git a/integration_tests/mqtt/multiple.ini b/integration_tests/mqtt/multiple.ini new file mode 100644 index 000000000..74f050237 --- /dev/null +++ b/integration_tests/mqtt/multiple.ini @@ -0,0 +1,23 @@ +[mqtt] +name="mqtt-tls" +trigger="mqtt-tls" +port=8883 +tls=true + +[mqtt] +name="mqtt-tls-v5" +trigger="mqtt-tls-v5" +port=8883 +tls=true +v5=true + +[mqtt] +name="mqtt" +trigger="mqtt" +port=1883 + +[mqtt] +name="mqtt-v5" +trigger="mqtt-v5" +port=1883 +v5=true \ No newline at end of file diff --git a/integration_tests/mqtt/server.crt b/integration_tests/mqtt/server.crt new file mode 100644 index 000000000..1a7c0ff26 --- /dev/null +++ b/integration_tests/mqtt/server.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDOzCCAiOgAwIBAgIUS+JTI5jiO1C0AgqSuFgB1P9wS8swDQYJKoZIhvcNAQEL +BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwMzIwNTNaGA8yMDUy +MDIxMDAzMjA1M1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx +ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh +fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR +EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B +Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj +SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ +BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaMhMB8wHQYD +VR0OBBYEFP6DHoFBdNVmHwc6LZnLwcDcKnvzMA0GCSqGSIb3DQEBCwUAA4IBAQA9 +VRDbEAFWmqKq+LPRqGmjiqGE0rTOsoKSDWn0Zsre31H2vsXy8BUW69rjhwMXEONl +5ybZCHnU8GLawFzrVQJnuV77XhIDuJhIz81guy0K872YcrNuhlIS7ahxXJszwgPe +Tp313rJKUA44DIuF18WjWjwQL8bU80xiJJcyuR2mViOFgcfIABmSzvvMx8nHxp7W +C9woea6TMamq7GQmIky9ZVy7OcfOSCygK0TU6Y2qNcIuKl4xtvY07msGFLifXp6s +A9A4aS610tqPNInh5zokI2m/y7nvCq7BA9n+5HvMKJcxW2G+AU7R7IFJctsPL07g +1MDuvzVplpxKk3tkj8Ou +-----END CERTIFICATE----- diff --git a/integration_tests/mqtt/server.csr b/integration_tests/mqtt/server.csr new file mode 100644 index 000000000..e1fb51461 --- /dev/null +++ b/integration_tests/mqtt/server.csr @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICijCCAXICAQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx +ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh +fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR +EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B +Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj +SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ +BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaAAMA0GCSqG +SIb3DQEBCwUAA4IBAQCPropLZOaRaCD+iSGS304DRO6ysO8D2UW9T8CKqcbI6mOp +b8Wx2ENXXxuhSIpF3xe+yqpPOQmxph+lYnlewqVFWKRY91xIX07iMQ4bQHXKiWTs +IUQYRDbiLPq4sLgKdUdD41SoLhRBLGySX0/27hBlMQ0dZz92jTLOAYL06oqdtcJE +q/v3HVKlGiPkPiuFljbxBwI142ceFAWCctTb7N+6a0W/HioZPhKXLfGMcEHyNCQ7 +XwMQW5DSp4S7J4FseDkxLIxcbYYCxpi3jHFx+eYPerZ5TobE6QZHQeWLj8mcrNwu +mrL6CFlKde7F+xmb3e/tPfUTE+NxNdWzPGTjov2h +-----END CERTIFICATE REQUEST----- diff --git a/integration_tests/mqtt/server.key b/integration_tests/mqtt/server.key new file mode 100644 index 000000000..a82fc343d --- /dev/null +++ b/integration_tests/mqtt/server.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjv7weJ2Y4W13E +jLiKZeuWgiusyOhLV9puQq5yYX0QoafTCVdznrD1fd63DNlXfoK3/Kk8O+0y3IJW +HErh7wR31Wx2gpwcdM+aIGKM0RIrjVf4cU4HyXYUFTeVsBr0SXtKW+0Wi7c+DxfK +xyZU4rUMN+7hpjrFuGwWVNRegTc/zrPQTywQQZ0Lx1EJpqf2hiQYGtJkUVt1RRTr +e14CyUdj0fYwk0GbLZXrnUnXY0kXplb35tM3LCDuCD7AinZFDIePnltx9HHNqBYI +CA8+9vrlGJ8sbTsdb7+0c1REyQcDBv1Q53zWeZaM0yoZSmYVclYo8tzmzGsfKS14 +sSXCq6nNAgMBAAECggEABtiZUNls2KZZQUJw5LhmJSDEGrE7pQrDQyDekkGpLOzV +S2l0kozr8ReWHCkZXSMY7ABQQwhuXlYBzP/Z0aBgm3H82ueTB02K8HKyLBkBnXiH +WQfDr2eo3CYW8NcwCU6ZLP6y5uJogtu2ru+slpfz4dLk1eJRSrrvKe/aASl92dkF +Y8UHh2Fw1Vctf/yND/hNiUefKhfwqVhbwOHZnDZ96ww878bHFumxrhBS6+DNFyIN +NrGsHWZ+NUS5/jpRu9kw/TRTtvXQzt18jIfHt9t1awyoxUX0fqtKlWKn2JvjZcP/ +5udjY5LT1Jyx80e1LFotCFNYo3SKLNS4ci7047S8gQKBgQDRJ6WSr9DrEjTkRvK4 +yUZj+0JEQbNCiZm7cOxNUMLw8OB2lMd5/qNYGKsa1kq0vCpkkLrLN8MVZOIanXIW +ENnZdtvb7/Io4MkS0yIkIIPfhP4YyQRGmkKVn/vBY9meqDj9KVtUiSHl0VebnR3N +4QKjvFK+sOIkOXwG/baKp7SCaQKBgQDIbKQPD6AjU6NZx16gpXXMq9+dTC830cmE +tvO8ye73wNmU6M8/ys7zedAVMtO5XK98/ASHJmhVjhtfSHA0RpxdhcOIizWBquGu +7jvZ9iocos5NZuR9++in9hRsFIiiII9u4PrwVznZJZIdP9mV9Pba7SaRbd0LWOLY +2TZ89XD3xQKBgHukKlb6pFAyZR4Favsd0QTNxbC//g55dW2/JZHXCkaQvsCa1wkh +JMKxYoTs5SDOk2j7vdDgV+zPxHHjXUv6Di5l+zabM9ZCe9srAOXGau65mdRhEKwE +CRSWjKcYNc96tqXBywHAR0+qX1XYnYPVXlAYxfmAa07qxI0FcuGonibxAoGBAILv +rtKEE8tgdcROYnyy+92Fn6YEwohGDtAcMenxRqQnIj6NRfBYD5Gy0AU5WmarrZ4K +iu68Ycca+rjp+xu70aWroM2QnJkkySHeU82Wa3afygV5JedEbn9kXX0qgQTiHrKC +Wo4vfgRl7iobr4uvKKJn8h1qV9F09WZTqaxDMNU9AoGACTw9ZiKtrW+5jS1ucLdl +49gE6QPH3+JnQPqazguLF9OoCOyw69lHdzu/S77Yag4W5M+N8dBCRNF/lOfCbtJc +eIeSFMdJOq97GlsK6QompySHlKlq13u17Jot0x82VPJt1vUuGTrS8qrM5QDKWxZw +skYVITHcfYVzVgxC9JIIKGg= +-----END PRIVATE KEY----- diff --git a/integration_tests/mqtt/server.pem b/integration_tests/mqtt/server.pem new file mode 100644 index 000000000..97774dfb4 --- /dev/null +++ b/integration_tests/mqtt/server.pem @@ -0,0 +1,48 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjv7weJ2Y4W13E +jLiKZeuWgiusyOhLV9puQq5yYX0QoafTCVdznrD1fd63DNlXfoK3/Kk8O+0y3IJW +HErh7wR31Wx2gpwcdM+aIGKM0RIrjVf4cU4HyXYUFTeVsBr0SXtKW+0Wi7c+DxfK +xyZU4rUMN+7hpjrFuGwWVNRegTc/zrPQTywQQZ0Lx1EJpqf2hiQYGtJkUVt1RRTr +e14CyUdj0fYwk0GbLZXrnUnXY0kXplb35tM3LCDuCD7AinZFDIePnltx9HHNqBYI +CA8+9vrlGJ8sbTsdb7+0c1REyQcDBv1Q53zWeZaM0yoZSmYVclYo8tzmzGsfKS14 +sSXCq6nNAgMBAAECggEABtiZUNls2KZZQUJw5LhmJSDEGrE7pQrDQyDekkGpLOzV +S2l0kozr8ReWHCkZXSMY7ABQQwhuXlYBzP/Z0aBgm3H82ueTB02K8HKyLBkBnXiH +WQfDr2eo3CYW8NcwCU6ZLP6y5uJogtu2ru+slpfz4dLk1eJRSrrvKe/aASl92dkF +Y8UHh2Fw1Vctf/yND/hNiUefKhfwqVhbwOHZnDZ96ww878bHFumxrhBS6+DNFyIN +NrGsHWZ+NUS5/jpRu9kw/TRTtvXQzt18jIfHt9t1awyoxUX0fqtKlWKn2JvjZcP/ +5udjY5LT1Jyx80e1LFotCFNYo3SKLNS4ci7047S8gQKBgQDRJ6WSr9DrEjTkRvK4 +yUZj+0JEQbNCiZm7cOxNUMLw8OB2lMd5/qNYGKsa1kq0vCpkkLrLN8MVZOIanXIW +ENnZdtvb7/Io4MkS0yIkIIPfhP4YyQRGmkKVn/vBY9meqDj9KVtUiSHl0VebnR3N +4QKjvFK+sOIkOXwG/baKp7SCaQKBgQDIbKQPD6AjU6NZx16gpXXMq9+dTC830cmE +tvO8ye73wNmU6M8/ys7zedAVMtO5XK98/ASHJmhVjhtfSHA0RpxdhcOIizWBquGu +7jvZ9iocos5NZuR9++in9hRsFIiiII9u4PrwVznZJZIdP9mV9Pba7SaRbd0LWOLY +2TZ89XD3xQKBgHukKlb6pFAyZR4Favsd0QTNxbC//g55dW2/JZHXCkaQvsCa1wkh +JMKxYoTs5SDOk2j7vdDgV+zPxHHjXUv6Di5l+zabM9ZCe9srAOXGau65mdRhEKwE +CRSWjKcYNc96tqXBywHAR0+qX1XYnYPVXlAYxfmAa07qxI0FcuGonibxAoGBAILv +rtKEE8tgdcROYnyy+92Fn6YEwohGDtAcMenxRqQnIj6NRfBYD5Gy0AU5WmarrZ4K +iu68Ycca+rjp+xu70aWroM2QnJkkySHeU82Wa3afygV5JedEbn9kXX0qgQTiHrKC +Wo4vfgRl7iobr4uvKKJn8h1qV9F09WZTqaxDMNU9AoGACTw9ZiKtrW+5jS1ucLdl +49gE6QPH3+JnQPqazguLF9OoCOyw69lHdzu/S77Yag4W5M+N8dBCRNF/lOfCbtJc +eIeSFMdJOq97GlsK6QompySHlKlq13u17Jot0x82VPJt1vUuGTrS8qrM5QDKWxZw +skYVITHcfYVzVgxC9JIIKGg= +-----END PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIDOzCCAiOgAwIBAgIUS+JTI5jiO1C0AgqSuFgB1P9wS8swDQYJKoZIhvcNAQEL +BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwMzIwNTNaGA8yMDUy +MDIxMDAzMjA1M1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx +ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh +fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR +EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B +Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj +SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ +BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaMhMB8wHQYD +VR0OBBYEFP6DHoFBdNVmHwc6LZnLwcDcKnvzMA0GCSqGSIb3DQEBCwUAA4IBAQA9 +VRDbEAFWmqKq+LPRqGmjiqGE0rTOsoKSDWn0Zsre31H2vsXy8BUW69rjhwMXEONl +5ybZCHnU8GLawFzrVQJnuV77XhIDuJhIz81guy0K872YcrNuhlIS7ahxXJszwgPe +Tp313rJKUA44DIuF18WjWjwQL8bU80xiJJcyuR2mViOFgcfIABmSzvvMx8nHxp7W +C9woea6TMamq7GQmIky9ZVy7OcfOSCygK0TU6Y2qNcIuKl4xtvY07msGFLifXp6s +A9A4aS610tqPNInh5zokI2m/y7nvCq7BA9n+5HvMKJcxW2G+AU7R7IFJctsPL07g +1MDuvzVplpxKk3tkj8Ou +-----END CERTIFICATE----- diff --git a/integration_tests/mqtt/setup.sh b/integration_tests/mqtt/setup.sh index fb6231ad3..462846419 100755 --- a/integration_tests/mqtt/setup.sh +++ b/integration_tests/mqtt/setup.sh @@ -11,7 +11,7 @@ if docker ps --filter "name=$CONTAINER_NAME" | grep -q $CONTAINER_NAME; then exit 0 fi -DOCKER_RUN_FLAGS="--rm --name $CONTAINER_NAME -td -v ./mosquitto.conf:/mosquitto/config/mosquitto.conf" +DOCKER_RUN_FLAGS="--rm --name $CONTAINER_NAME -td -v ./mosquitto.conf:/mosquitto/config/mosquitto.conf -v ./server.pem:/mosquitto/server.pem -v ./server.key:/mosquitto/server.key" # If it is not running, try launching it -- on success, use that. echo "mqtt/setup: Trying to launch $CONTAINER_NAME..." diff --git a/integration_tests/mqtt/test.sh b/integration_tests/mqtt/test.sh index 55d0ddc84..8f2ae805b 100755 --- a/integration_tests/mqtt/test.sh +++ b/integration_tests/mqtt/test.sh @@ -13,8 +13,11 @@ OUTPUT_FILE=$ZGRAB_OUTPUT/mqtt/mqtt.json echo "mqtt/test: Tests runner for mqtt" # TODO FIXME: Add any necessary flags or additional tests -CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt > $OUTPUT_FILE -CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt --v5 >> $OUTPUT_FILE +echo -e ",target,mqtt +,target,mqtt-tls +,target,mqtt-v5 +,target,mqtt-tls-v5" | docker run --rm -i -v ./multiple.ini:/multiple.ini --link $CONTAINER_NAME:target zgrab2_runner multiple -c /multiple.ini> $OUTPUT_FILE +#CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt --v5 >> $OUTPUT_FILE # Dump the docker logs echo "mqtt/test: BEGIN docker logs from $CONTAINER_NAME [{(" From f9ed52e010f2422a9e94460416d2d7ef3bd8db49 Mon Sep 17 00:00:00 2001 From: 1759537337 Date: Fri, 27 Sep 2024 17:07:39 +0800 Subject: [PATCH 12/38] Delete pptp --- modules/pptp/scanner.go | 179 ---------------------------------------- 1 file changed, 179 deletions(-) delete mode 100644 modules/pptp/scanner.go diff --git a/modules/pptp/scanner.go b/modules/pptp/scanner.go deleted file mode 100644 index d7bdc91b1..000000000 --- a/modules/pptp/scanner.go +++ /dev/null @@ -1,179 +0,0 @@ -// Package pptp contains the zgrab2 Module implementation for PPTP. -package pptp - -import ( - "encoding/binary" - "fmt" - "net" - "time" - - log "github.com/sirupsen/logrus" - "github.com/zmap/zgrab2" -) - -// ScanResults is the output of the scan. -type ScanResults struct { - // Banner is the initial data banner sent by the server. - Banner string `json:"banner,omitempty"` - - // ControlMessage is the received PPTP control message. - ControlMessage string `json:"control_message,omitempty"` -} - -// Flags are the PPTP-specific command-line flags. -type Flags struct { - zgrab2.BaseFlags - Verbose bool `long:"verbose" description:"More verbose logging, include debug fields in the scan results"` -} - -// Module implements the zgrab2.Module interface. -type Module struct { -} - -// Scanner implements the zgrab2.Scanner interface, and holds the state -// for a single scan. -type Scanner struct { - config *Flags -} - -// RegisterModule registers the pptp zgrab2 module. -func RegisterModule() { - var module Module - _, err := zgrab2.AddCommand("pptp", "PPTP", module.Description(), 1723, &module) - if err != nil { - log.Fatal(err) - } -} - -// NewFlags returns the default flags object to be filled in with the -// command-line arguments. -func (m *Module) NewFlags() interface{} { - return new(Flags) -} - -// NewScanner returns a new Scanner instance. -func (m *Module) NewScanner() zgrab2.Scanner { - return new(Scanner) -} - -// Description returns an overview of this module. -func (m *Module) Description() string { - return "Scan for PPTP" -} - -// Validate flags -func (f *Flags) Validate(args []string) (err error) { - return -} - -// Help returns this module's help string. -func (f *Flags) Help() string { - return "" -} - -// Protocol returns the protocol identifier for the scanner. -func (s *Scanner) Protocol() string { - return "pptp" -} - -// Init initializes the Scanner instance with the flags from the command line. -func (s *Scanner) Init(flags zgrab2.ScanFlags) error { - f, _ := flags.(*Flags) - s.config = f - return nil -} - -// InitPerSender does nothing in this module. -func (s *Scanner) InitPerSender(senderID int) error { - return nil -} - -// GetName returns the configured name for the Scanner. -func (s *Scanner) GetName() string { - return s.config.Name -} - -// GetTrigger returns the Trigger defined in the Flags. -func (scanner *Scanner) GetTrigger() string { - return scanner.config.Trigger -} - -// PPTP Start-Control-Connection-Request message constants -const ( - PPTP_MAGIC_COOKIE = 0x1A2B3C4D - PPTP_CONTROL_MESSAGE = 1 - PPTP_START_CONN_REQUEST = 1 - PPTP_PROTOCOL_VERSION = 0x0100 // Split into two 16-bit values for binary.BigEndian.PutUint16 -) - -// Connection holds the state for a single connection to the PPTP server. -type Connection struct { - config *Flags - results ScanResults - conn net.Conn -} - -// Create the Start-Control-Connection-Request message -func createSCCRMessage() []byte { - message := make([]byte, 156) - binary.BigEndian.PutUint16(message[0:2], 156) // Length - binary.BigEndian.PutUint16(message[2:4], PPTP_CONTROL_MESSAGE) // PPTP Message Type - binary.BigEndian.PutUint32(message[4:8], PPTP_MAGIC_COOKIE) // Magic Cookie - binary.BigEndian.PutUint16(message[8:10], PPTP_START_CONN_REQUEST) // Control Message Type - binary.BigEndian.PutUint16(message[10:12], uint16(PPTP_PROTOCOL_VERSION>>16)) // Protocol Version (high 16 bits) - binary.BigEndian.PutUint16(message[12:14], uint16(PPTP_PROTOCOL_VERSION&0xFFFF)) // Protocol Version (low 16 bits) - binary.BigEndian.PutUint32(message[14:18], 0) // Framing Capabilities - binary.BigEndian.PutUint32(message[18:22], 0) // Bearer Capabilities - binary.BigEndian.PutUint16(message[22:24], 0) // Maximum Channels - binary.BigEndian.PutUint16(message[24:26], 0) // Firmware Revision - copy(message[26:90], "ZGRAB2-SCANNER") // Host Name - copy(message[90:], "ZGRAB2") // Vendor Name - return message -} - -// Read response from the PPTP server -func (pptp *Connection) readResponse() (string, error) { - buffer := make([]byte, 1024) - pptp.conn.SetReadDeadline(time.Now().Add(5 * time.Second)) - n, err := pptp.conn.Read(buffer) - if err != nil { - return "", err - } - return string(buffer[:n]), nil -} - -// Scan performs the configured scan on the PPTP server -func (s *Scanner) Scan(t zgrab2.ScanTarget) (status zgrab2.ScanStatus, result interface{}, thrown error) { - var err error - conn, err := t.Open(&s.config.BaseFlags) - if err != nil { - return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error opening connection: %w", err) - } - cn := conn - defer func() { - cn.Close() - }() - - results := ScanResults{} - - pptp := Connection{conn: cn, config: s.config, results: results} - - // Send Start-Control-Connection-Request message - request := createSCCRMessage() - _, err = pptp.conn.Write(request) - if err != nil { - return zgrab2.TryGetScanStatus(err), &pptp.results, fmt.Errorf("error sending PPTP SCCR message: %w", err) - } - - // Read the response - response, err := pptp.readResponse() - if err != nil { - return zgrab2.TryGetScanStatus(err), &pptp.results, fmt.Errorf("error reading PPTP response: %w", err) - } - - // Store the banner and control message - pptp.results.Banner = string(request) - pptp.results.ControlMessage = response - - return zgrab2.SCAN_SUCCESS, &pptp.results, nil -} From c62177354797848a572b76ac5a157d0bd63f3d7d Mon Sep 17 00:00:00 2001 From: 1759537337 Date: Fri, 27 Sep 2024 17:13:14 +0800 Subject: [PATCH 13/38] New Protocol: Socks5 --- modules/mqtt.go | 7 - modules/mqtt/scanner.go | 321 ------------------------------ modules/socks5.go | 7 + modules/socks5/scanner.go | 255 ++++++++++++++++++++++++ zgrab2_schemas/zgrab2/__init__.py | 2 +- zgrab2_schemas/zgrab2/mqtt.py | 22 -- zgrab2_schemas/zgrab2/socks5.py | 31 +++ 7 files changed, 294 insertions(+), 351 deletions(-) delete mode 100644 modules/mqtt.go delete mode 100644 modules/mqtt/scanner.go create mode 100644 modules/socks5.go create mode 100644 modules/socks5/scanner.go delete mode 100644 zgrab2_schemas/zgrab2/mqtt.py create mode 100644 zgrab2_schemas/zgrab2/socks5.py diff --git a/modules/mqtt.go b/modules/mqtt.go deleted file mode 100644 index 4b0091374..000000000 --- a/modules/mqtt.go +++ /dev/null @@ -1,7 +0,0 @@ -package modules - -import "github.com/zmap/zgrab2/modules/mqtt" - -func init() { - mqtt.RegisterModule() -} diff --git a/modules/mqtt/scanner.go b/modules/mqtt/scanner.go deleted file mode 100644 index 1c23a962b..000000000 --- a/modules/mqtt/scanner.go +++ /dev/null @@ -1,321 +0,0 @@ -package mqtt - -import ( - "encoding/binary" - "fmt" - "io" - "net" - - log "github.com/sirupsen/logrus" - "github.com/zmap/zgrab2" -) - -// ScanResults is the output of the scan. -type ScanResults struct { - SessionPresent bool `json:"session_present,omitempty"` - ConnectReturnCode byte `json:"connect_return_code,omitempty"` - Response string `json:"response,omitempty"` - TLSLog *zgrab2.TLSLog `json:"tls,omitempty"` -} - -// Flags are the MQTT-specific command-line flags. -type Flags struct { - zgrab2.BaseFlags - zgrab2.TLSFlags - - Verbose bool `long:"verbose" description:"More verbose logging, include debug fields in the scan results"` - V5 bool `long:"v5" description:"Scanning MQTT v5.0. Otherwise scanning MQTT v3.1.1"` - UseTLS bool `long:"tls" description:"Use TLS for the MQTT connection"` -} - -// Module implements the zgrab2.Module interface. -type Module struct { -} - -// Scanner implements the zgrab2.Scanner interface, and holds the state -// for a single scan. -type Scanner struct { - config *Flags -} - -// Connection holds the state for a single connection to the MQTT server. -type Connection struct { - conn net.Conn - config *Flags - results ScanResults -} - -// RegisterModule registers the MQTT zgrab2 module. -func RegisterModule() { - var module Module - _, err := zgrab2.AddCommand("mqtt", "MQTT", module.Description(), 1883, &module) - if err != nil { - log.Fatal(err) - } -} - -// NewFlags returns the default flags object to be filled in with the -// command-line arguments. -func (m *Module) NewFlags() interface{} { - return new(Flags) -} - -// NewScanner returns a new Scanner instance. -func (m *Module) NewScanner() zgrab2.Scanner { - return new(Scanner) -} - -// Description returns an overview of this module. -func (m *Module) Description() string { - return "Perform an MQTT scan" -} - -// Validate flags -func (f *Flags) Validate(args []string) error { - return nil -} - -// Help returns this module's help string. -func (f *Flags) Help() string { - return "" -} - -// Protocol returns the protocol identifier for the scanner. -func (s *Scanner) Protocol() string { - return "mqtt" -} - -// Init initializes the Scanner instance with the flags from the command line. -func (s *Scanner) Init(flags zgrab2.ScanFlags) error { - f, _ := flags.(*Flags) - s.config = f - return nil -} - -// InitPerSender does nothing in this module. -func (s *Scanner) InitPerSender(senderID int) error { - return nil -} - -// GetName returns the configured name for the Scanner. -func (s *Scanner) GetName() string { - return s.config.Name -} - -// GetTrigger returns the Trigger defined in the Flags. -func (scanner *Scanner) GetTrigger() string { - return scanner.config.Trigger -} - -// SendMQTTConnectPacket constructs and sends an MQTT CONNECT packet to the server. -func (mqtt *Connection) SendMQTTConnectPacket(v5 bool) error { - var packet []byte - if v5 { - packet = []byte{ - // Fixed Header - 0x10, // Control Packet Type (CONNECT) and flags - 0x17, // Remaining Length (23 bytes) - - // Variable Header - 0x00, 0x04, 'M', 'Q', 'T', 'T', // Protocol Name - 0x05, // Protocol Level (MQTT v5.0) - 0x02, // Connect Flags (Clean Start) - 0x00, 0x3C, // Keep Alive (60 seconds) - - // Properties - 0x00, // Properties Length (0) - - // Payload - 0x00, 0x0A, 'M', 'Q', 'T', 'T', 'C', 'l', 'i', 'e', 'n', 't', // Client Identifier - } - } else { - packet = []byte{ - // Fixed Header - 0x10, // Control Packet Type (CONNECT) and flags - 0x16, // Remaining Length (22 bytes) - - // Variable Header - 0x00, 0x04, 'M', 'Q', 'T', 'T', // Protocol Name - 0x04, // Protocol Level (MQTT v3.1.1) - 0x02, // Connect Flags (Clean Start) - 0x00, 0x3C, // Keep Alive (60 seconds) - - // Payload - 0x00, 0x0A, 'M', 'Q', 'T', 'T', 'C', 'l', 'i', 'e', 'n', 't', // Client Identifier - } - } - _, err := mqtt.conn.Write(packet) - return err -} - -// ReadMQTTv3Packet reads and parses the CONNACK packet from the server. -func (mqtt *Connection) ReadMQTTv3Packet() error { - response := make([]byte, 4) - _, err := mqtt.conn.Read(response) - if err != nil { - return err - } - - mqtt.results.Response = fmt.Sprintf("%X", response) - - // DISCONNECT packet - if ((response[0] & 0xF0) == 0xE0) && (response[1] == 0x00) { - return nil - } - - // Check if the response is a valid CONNACK packet - if response[0] != 0x20 || response[1] != 0x02 { - return fmt.Errorf("invalid CONNACK packet") - } - - mqtt.results.SessionPresent = (response[2] & 0x01) == 0x01 - mqtt.results.ConnectReturnCode = response[3] - - return nil -} - -// ReadMQTTv5Packet reads and parses the CONNACK or DISCONNECT packet from the server for MQTT v5.0. -func (mqtt *Connection) ReadMQTTv5Packet() error { - // Read the first byte to determine the packet type - firstByte := make([]byte, 1) - _, err := io.ReadFull(mqtt.conn, firstByte) - if err != nil { - return err - } - - packetType := firstByte[0] >> 4 - - // Read the remaining length - remainingLengthBytes, err := readVariableByteInteger(mqtt.conn) - if err != nil { - return err - } - - // Convert remaining length bytes to integer - remainingLength, _ := binary.Uvarint(remainingLengthBytes) - - // Allocate the packet buffer with the correct size - packet := make([]byte, 1+len(remainingLengthBytes)+int(remainingLength)) - packet[0] = firstByte[0] - copy(packet[1:], remainingLengthBytes) - - // Read the rest of the packet - _, err = io.ReadFull(mqtt.conn, packet[1+len(remainingLengthBytes):]) - if err != nil { - return err - } - - // Store the original response - mqtt.results.Response = fmt.Sprintf("%X", packet) - - // Process the packet based on its type - switch packetType { - case 2: // CONNACK - return mqtt.processConnAck(packet) - case 14: // DISCONNECT - return mqtt.processDisconnect(packet) - default: - return fmt.Errorf("unexpected packet type: %d", packetType) - } -} - -func (mqtt *Connection) processConnAck(packet []byte) error { - if len(packet) < 4 { - return fmt.Errorf("invalid CONNACK packet length") - } - - mqtt.results.SessionPresent = (packet[2] & 0x01) == 0x01 - mqtt.results.ConnectReturnCode = packet[3] - - // Process properties if present - if len(packet) > 4 { - propertiesLength, n := binary.Uvarint(packet[4:]) - propertiesStart := 4 + n - propertiesEnd := propertiesStart + int(propertiesLength) - - if propertiesEnd > len(packet) { - return fmt.Errorf("invalid properties length in CONNACK") - } - } - - return nil -} - -func (mqtt *Connection) processDisconnect(packet []byte) error { - if len(packet) < 2 { - return fmt.Errorf("invalid DISCONNECT packet length") - } - - // Process properties if present - if len(packet) > 3 { - propertiesLength, n := binary.Uvarint(packet[3:]) - propertiesStart := 3 + n - propertiesEnd := propertiesStart + int(propertiesLength) - - if propertiesEnd > len(packet) { - return fmt.Errorf("invalid properties length in DISCONNECT") - } - } - - return nil -} - -func readVariableByteInteger(r io.Reader) ([]byte, error) { - var result []byte - for i := 0; i < 4; i++ { - b := make([]byte, 1) - _, err := r.Read(b) - if err != nil { - return nil, err - } - result = append(result, b[0]) - if b[0]&0x80 == 0 { - break - } - } - if len(result) == 4 && result[3]&0x80 != 0 { - return nil, fmt.Errorf("invalid variable byte integer") - } - return result, nil -} - -// Scan performs the configured scan on the MQTT server. -func (s *Scanner) Scan(t zgrab2.ScanTarget) (status zgrab2.ScanStatus, result interface{}, thrown error) { - conn, err := t.Open(&s.config.BaseFlags) - if err != nil { - return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error opening connection: %w", err) - } - defer conn.Close() - - mqtt := Connection{conn: conn, config: s.config} - - if s.config.UseTLS { - tlsConn, err := s.config.TLSFlags.GetTLSConnection(conn) - if err != nil { - return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error getting TLS connection: %w", err) - } - mqtt.results.TLSLog = tlsConn.GetLog() - - if err := tlsConn.Handshake(); err != nil { - return zgrab2.TryGetScanStatus(err), &mqtt.results, fmt.Errorf("error during TLS handshake: %w", err) - } - - mqtt.conn = tlsConn - } - - if err := mqtt.SendMQTTConnectPacket(s.config.V5); err != nil { - return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error sending CONNECT packet: %w", err) - } - - if s.config.V5 { - err = mqtt.ReadMQTTv5Packet() - } else { - err = mqtt.ReadMQTTv3Packet() - } - - if err != nil { - return zgrab2.TryGetScanStatus(err), &mqtt.results, fmt.Errorf("error reading CONNACK packet: %w", err) - } - - return zgrab2.SCAN_SUCCESS, &mqtt.results, nil -} diff --git a/modules/socks5.go b/modules/socks5.go new file mode 100644 index 000000000..629e05ce7 --- /dev/null +++ b/modules/socks5.go @@ -0,0 +1,7 @@ +package modules + +import "github.com/zmap/zgrab2/modules/socks5" + +func init() { + socks5.RegisterModule() +} diff --git a/modules/socks5/scanner.go b/modules/socks5/scanner.go new file mode 100644 index 000000000..258712cc3 --- /dev/null +++ b/modules/socks5/scanner.go @@ -0,0 +1,255 @@ +// Package socks5 contains the zgrab2 Module implementation for SOCKS5. +package socks5 + +import ( + "fmt" + "net" + + log "github.com/sirupsen/logrus" + "github.com/zmap/zgrab2" +) + +// ScanResults is the output of the scan. +type ScanResults struct { + Version string `json:"version,omitempty"` + MethodSelection string `json:"method_selection,omitempty"` + ConnectionResponse string `json:"connection_response,omitempty"` + ConnectionResponseExplanation map[string]string `json:"connection_response_explanation,omitempty"` +} + +// Flags are the SOCKS5-specific command-line flags. +type Flags struct { + zgrab2.BaseFlags + Verbose bool `long:"verbose" description:"More verbose logging, include debug fields in the scan results"` +} + +// Module implements the zgrab2.Module interface. +type Module struct { +} + +// Scanner implements the zgrab2.Scanner interface, and holds the state +// for a single scan. +type Scanner struct { + config *Flags +} + +// Connection holds the state for a single connection to the SOCKS5 server. +type Connection struct { + buffer [10000]byte + config *Flags + results ScanResults + conn net.Conn +} + +// RegisterModule registers the socks5 zgrab2 module. +func RegisterModule() { + var module Module + _, err := zgrab2.AddCommand("socks5", "SOCKS5", module.Description(), 1080, &module) + if err != nil { + log.Fatal(err) + } +} + +// NewFlags returns the default flags object to be filled in with the +// command-line arguments. +func (m *Module) NewFlags() interface{} { + return new(Flags) +} + +// NewScanner returns a new Scanner instance. +func (m *Module) NewScanner() zgrab2.Scanner { + return new(Scanner) +} + +// Description returns an overview of this module. +func (m *Module) Description() string { + return "Perform a SOCKS5 scan" +} + +// Validate flags +func (f *Flags) Validate(args []string) (err error) { + return +} + +// Help returns this module's help string. +func (f *Flags) Help() string { + return "" +} + +// Protocol returns the protocol identifier for the scanner. +func (s *Scanner) Protocol() string { + return "socks5" +} + +// Init initializes the Scanner instance with the flags from the command line. +func (s *Scanner) Init(flags zgrab2.ScanFlags) error { + f, _ := flags.(*Flags) + s.config = f + return nil +} + +// InitPerSender does nothing in this module. +func (s *Scanner) InitPerSender(senderID int) error { + return nil +} + +// GetName returns the configured name for the Scanner. +func (s *Scanner) GetName() string { + return s.config.Name +} + +// GetTrigger returns the Trigger defined in the Flags. +func (scanner *Scanner) GetTrigger() string { + return scanner.config.Trigger +} + +// readResponse reads a response from the SOCKS5 server. +func (conn *Connection) readResponse(expectedLength int) ([]byte, error) { + resp := make([]byte, expectedLength) + _, err := conn.conn.Read(resp) + if err != nil { + return nil, err + } + return resp, nil +} + +// sendCommand sends a command to the SOCKS5 server. +func (conn *Connection) sendCommand(cmd []byte) error { + _, err := conn.conn.Write(cmd) + return err +} + +// explainResponse converts the raw response into a human-readable explanation. +func explainResponse(resp []byte) map[string]string { + if len(resp) < 10 { + return map[string]string{"error": "response too short"} + } + + return map[string]string{ + "Version": fmt.Sprintf("0x%02x (SOCKS Version 5)", resp[0]), + "Reply": fmt.Sprintf("0x%02x (%s)", resp[1], getReplyDescription(resp[1])), + "Reserved": fmt.Sprintf("0x%02x", resp[2]), + "Address Type": fmt.Sprintf("0x%02x (%s)", resp[3], getAddressTypeDescription(resp[3])), + "Bound Address": fmt.Sprintf("%d.%d.%d.%d", resp[4], resp[5], resp[6], resp[7]), + "Bound Port": fmt.Sprintf("%d", int(resp[8])<<8|int(resp[9])), + } +} + +func getReplyDescription(code byte) string { + switch code { + case 0x00: + return "succeeded" + case 0x01: + return "general SOCKS server failure" + case 0x02: + return "connection not allowed by ruleset" + case 0x03: + return "network unreachable" + case 0x04: + return "host unreachable" + case 0x05: + return "connection refused" + case 0x06: + return "TTL expired" + case 0x07: + return "command not supported" + case 0x08: + return "address type not supported" + default: + return "unassigned" + } +} + +func getAddressTypeDescription(code byte) string { + switch code { + case 0x01: + return "IPv4 address" + case 0x03: + return "Domain name" + case 0x04: + return "IPv6 address" + default: + return "unknown" + } +} + +// PerformHandshake performs the SOCKS5 handshake. +func (conn *Connection) PerformHandshake() (bool, error) { + // Send version identifier/method selection message + verMethodSel := []byte{0x05, 0x01, 0x00} // VER = 0x05, NMETHODS = 1, METHODS = 0x00 (NO AUTHENTICATION REQUIRED) + err := conn.sendCommand(verMethodSel) + if err != nil { + return false, fmt.Errorf("error sending version identifier/method selection: %w", err) + } + conn.results.Version = "0x05" + + // Read method selection response + methodSelResp, err := conn.readResponse(2) + if err != nil { + return false, fmt.Errorf("error reading method selection response: %w", err) + } + conn.results.MethodSelection = fmt.Sprintf("%x", methodSelResp) + + if methodSelResp[1] == 0xFF { + return true, fmt.Errorf("no acceptable authentication methods") + } + + return false, nil +} + +// PerformConnectionRequest sends a connection request to the SOCKS5 server. +func (conn *Connection) PerformConnectionRequest() error { + // Send a connection request + req := []byte{0x05, 0x01, 0x00, 0x01, 0xA6, 0x6F, 0x04, 0x64, 0x00, 0x50} // VER = 0x05, CMD = CONNECT, RSV = 0x00, ATYP = IPv4, DST.ADDR = 166.111.4.100, DST.PORT = 80 + err := conn.sendCommand(req) + if err != nil { + return fmt.Errorf("error sending connection request: %w", err) + } + + // Read connection response + resp, err := conn.readResponse(10) + if err != nil { + return fmt.Errorf("error reading connection response: %w", err) + } + conn.results.ConnectionResponse = fmt.Sprintf("%x", resp) + conn.results.ConnectionResponseExplanation = explainResponse(resp) + + if resp[1] != 0x00 { + return fmt.Errorf("connection request failed with response: %x", resp) + } + + return nil +} + +// Scan performs the configured scan on the SOCKS5 server. +func (s *Scanner) Scan(t zgrab2.ScanTarget) (status zgrab2.ScanStatus, result interface{}, thrown error) { + var err error + var have_auth bool + conn, err := t.Open(&s.config.BaseFlags) + if err != nil { + return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error opening connection: %w", err) + } + cn := conn + defer func() { + cn.Close() + }() + + results := ScanResults{} + socks5Conn := Connection{conn: cn, config: s.config, results: results} + + have_auth, err = socks5Conn.PerformHandshake() + if err != nil { + if have_auth { + return zgrab2.SCAN_SUCCESS, &socks5Conn.results, nil + } else { + return zgrab2.TryGetScanStatus(err), &socks5Conn.results, fmt.Errorf("error during handshake: %w", err) + } + } + + err = socks5Conn.PerformConnectionRequest() + if err != nil { + return zgrab2.TryGetScanStatus(err), &socks5Conn.results, fmt.Errorf("error during connection request: %w", err) + } + + return zgrab2.SCAN_SUCCESS, &socks5Conn.results, nil +} \ No newline at end of file diff --git a/zgrab2_schemas/zgrab2/__init__.py b/zgrab2_schemas/zgrab2/__init__.py index c7a0e2053..d2eab36cb 100644 --- a/zgrab2_schemas/zgrab2/__init__.py +++ b/zgrab2_schemas/zgrab2/__init__.py @@ -22,4 +22,4 @@ from . import ipp from . import banner from . import amqp091 -from . import mqtt +from . import socks5 diff --git a/zgrab2_schemas/zgrab2/mqtt.py b/zgrab2_schemas/zgrab2/mqtt.py deleted file mode 100644 index 0c0be42b4..000000000 --- a/zgrab2_schemas/zgrab2/mqtt.py +++ /dev/null @@ -1,22 +0,0 @@ -# zschema sub-schema for zgrab2's MQTT module -# Registers zgrab2-mqtt globally, and mqtt with the main zgrab2 schema. -from zschema.leaves import * -from zschema.compounds import * -import zschema.registry - -from . import zgrab2 - -# Schema for ScanResults struct -mqtt_scan_response = SubRecord({ - "session_present": Boolean(), - "connect_return_code": Byte(), - "response": String(), - "tls": zgrab2.tls_log, -}) - -mqtt_scan = SubRecord({ - "result": mqtt_scan_response, -}, extends=zgrab2.base_scan_response) - -zschema.registry.register_schema("zgrab2-mqtt", mqtt_scan) -zgrab2.register_scan_response_type("mqtt", mqtt_scan) \ No newline at end of file diff --git a/zgrab2_schemas/zgrab2/socks5.py b/zgrab2_schemas/zgrab2/socks5.py new file mode 100644 index 000000000..e2bf917cd --- /dev/null +++ b/zgrab2_schemas/zgrab2/socks5.py @@ -0,0 +1,31 @@ +# zschema sub-schema for zgrab2's MQTT module +# Registers zgrab2-mqtt globally, and mqtt with the main zgrab2 schema. +from zschema.leaves import * +from zschema.compounds import * +import zschema.registry + +from . import zgrab2 + +# Schema for ScanResults struct +socks5_response_explanation = SubRecord({ + "Version": String(), + "Reply": String(), + "Reserved": String(), + "Address Type": String(), + "Bound Address": String(), + "Bound Port": String(), +}) + +socks5_scan_response = SubRecord({ + "version": String(), + "method_selection": String(), + "connection_response": String(), + "connection_response_explanation": socks5_response_explanation, +}) + +socks5_scan = SubRecord({ + "result": socks5_scan_response, +}, extends=zgrab2.base_scan_response) + +zschema.registry.register_schema("zgrab2-socks5", socks5_scan) +zgrab2.register_scan_response_type("socks5", socks5_scan) \ No newline at end of file From 0250159fa114da1defe43381825e39b9d2ba5536 Mon Sep 17 00:00:00 2001 From: 1759537337 Date: Sat, 28 Sep 2024 17:03:40 +0800 Subject: [PATCH 14/38] Add Socks5 integration_test --- integration_tests/socks5/3proxy.cfg | 12 ++++++++++++ integration_tests/socks5/cleanup.sh | 9 +++++++++ integration_tests/socks5/setup.sh | 26 ++++++++++++++++++++++++++ integration_tests/socks5/test.sh | 23 +++++++++++++++++++++++ 4 files changed, 70 insertions(+) create mode 100644 integration_tests/socks5/3proxy.cfg create mode 100644 integration_tests/socks5/cleanup.sh create mode 100644 integration_tests/socks5/setup.sh create mode 100644 integration_tests/socks5/test.sh diff --git a/integration_tests/socks5/3proxy.cfg b/integration_tests/socks5/3proxy.cfg new file mode 100644 index 000000000..e2970a621 --- /dev/null +++ b/integration_tests/socks5/3proxy.cfg @@ -0,0 +1,12 @@ +internal 0.0.0.0 +external 0.0.0.0 + +maxconn 10 + +auth none + +socks -p1080 + +allow * + +flush \ No newline at end of file diff --git a/integration_tests/socks5/cleanup.sh b/integration_tests/socks5/cleanup.sh new file mode 100644 index 000000000..7e039ded8 --- /dev/null +++ b/integration_tests/socks5/cleanup.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +set +e + +echo "socks5/cleanup: Tests cleanup for socks5" + +CONTAINER_NAME=zgrab_socks5 + +docker stop $CONTAINER_NAME diff --git a/integration_tests/socks5/setup.sh b/integration_tests/socks5/setup.sh new file mode 100644 index 000000000..c391d7568 --- /dev/null +++ b/integration_tests/socks5/setup.sh @@ -0,0 +1,26 @@ +#!/usr/bin/env bash + +echo "socks5/setup: Tests setup for socks5" + +CONTAINER_TAG="3proxy/3proxy" +CONTAINER_NAME="zgrab_socks5" + +# If the container is already running, use it. +if docker ps --filter "name=$CONTAINER_NAME" | grep -q $CONTAINER_NAME; then + echo "socks5/setup: Container $CONTAINER_NAME already running -- nothing to setup" + exit 0 +fi + +DOCKER_RUN_FLAGS="--rm --name $CONTAINER_NAME -e "PROXY_USER=user" -e "PROXY_PASS=password" -v ./3proxy.cfg:/etc/3proxy/3proxy.cfg -td" + +# If it is not running, try launching it -- on success, use that. +echo "socks5/setup: Trying to launch $CONTAINER_NAME..." +if ! docker run $DOCKER_RUN_FLAGS $CONTAINER_TAG; then + echo "failed" + # echo "socks5/setup: Building docker image $CONTAINER_TAG..." + # # If it fails, build it from ./container/Dockerfile + # docker build -t $CONTAINER_TAG ./container + # # Try again + # echo "socks5/setup: Launching $CONTAINER_NAME..." + # docker run $DOCKER_RUN_FLAGS $CONTAINER_TAG +fi diff --git a/integration_tests/socks5/test.sh b/integration_tests/socks5/test.sh new file mode 100644 index 000000000..52df6eeb7 --- /dev/null +++ b/integration_tests/socks5/test.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env bash + +set -e +MODULE_DIR=$(dirname $0) +ZGRAB_ROOT=$(git rev-parse --show-toplevel) +ZGRAB_OUTPUT=$ZGRAB_ROOT/zgrab-output + +mkdir -p $ZGRAB_OUTPUT/socks5 + +CONTAINER_NAME=zgrab_socks5 + +OUTPUT_FILE=$ZGRAB_OUTPUT/socks5/socks5.json + +echo "socks5/test: Tests runner for socks5" +# TODO FIXME: Add any necessary flags or additional tests +CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh socks5 > $OUTPUT_FILE + +# Dump the docker logs +echo "socks5/test: BEGIN docker logs from $CONTAINER_NAME [{(" +docker logs --tail all $CONTAINER_NAME +echo ")}] END docker logs from $CONTAINER_NAME" + +# TODO: If there are any other relevant log files, dump those to stdout here. From 1c7ec6720726f4b92a6790a5a06a49e5e4db335e Mon Sep 17 00:00:00 2001 From: 1759537337 Date: Sat, 28 Sep 2024 17:04:35 +0800 Subject: [PATCH 15/38] Add pptp integration_test --- integration_tests/pptp/chap-secrets | 3 +++ integration_tests/pptp/cleanup.sh | 9 +++++++++ integration_tests/pptp/setup.sh | 26 ++++++++++++++++++++++++++ integration_tests/pptp/test.sh | 23 +++++++++++++++++++++++ 4 files changed, 61 insertions(+) create mode 100644 integration_tests/pptp/chap-secrets create mode 100644 integration_tests/pptp/cleanup.sh create mode 100644 integration_tests/pptp/setup.sh create mode 100644 integration_tests/pptp/test.sh diff --git a/integration_tests/pptp/chap-secrets b/integration_tests/pptp/chap-secrets new file mode 100644 index 000000000..6bb970db4 --- /dev/null +++ b/integration_tests/pptp/chap-secrets @@ -0,0 +1,3 @@ +# Secrets for authentication using PAP +# client server secret acceptable local IP addresses +username * password * \ No newline at end of file diff --git a/integration_tests/pptp/cleanup.sh b/integration_tests/pptp/cleanup.sh new file mode 100644 index 000000000..23837101e --- /dev/null +++ b/integration_tests/pptp/cleanup.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +set +e + +echo "pptp/cleanup: Tests cleanup for pptp" + +CONTAINER_NAME=zgrab_pptp + +docker stop $CONTAINER_NAME diff --git a/integration_tests/pptp/setup.sh b/integration_tests/pptp/setup.sh new file mode 100644 index 000000000..a587ee90d --- /dev/null +++ b/integration_tests/pptp/setup.sh @@ -0,0 +1,26 @@ +#!/usr/bin/env bash + +echo "pptp/setup: Tests setup for pptp" + +CONTAINER_TAG="mobtitude/vpn-pptp" +CONTAINER_NAME="zgrab_pptp" + +# If the container is already running, use it. +if docker ps --filter "name=$CONTAINER_NAME" | grep -q $CONTAINER_NAME; then + echo "pptp/setup: Container $CONTAINER_NAME already running -- nothing to setup" + exit 0 +fi + +DOCKER_RUN_FLAGS="--rm --privileged --name $CONTAINER_NAME -td -v ./chap-secrets:/etc/ppp/chap-secrets" + +# If it is not running, try launching it -- on success, use that. +echo "pptp/setup: Trying to launch $CONTAINER_NAME..." +if ! docker run $DOCKER_RUN_FLAGS $CONTAINER_TAG; then + echo "failed" + # echo "pptp/setup: Building docker image $CONTAINER_TAG..." + # # If it fails, build it from ./container/Dockerfile + # docker build -t $CONTAINER_TAG ./container + # # Try again + # echo "pptp/setup: Launching $CONTAINER_NAME..." + # docker run $DOCKER_RUN_FLAGS $CONTAINER_TAG +fi diff --git a/integration_tests/pptp/test.sh b/integration_tests/pptp/test.sh new file mode 100644 index 000000000..83b152f81 --- /dev/null +++ b/integration_tests/pptp/test.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env bash + +set -e +MODULE_DIR=$(dirname $0) +ZGRAB_ROOT=$(git rev-parse --show-toplevel) +ZGRAB_OUTPUT=$ZGRAB_ROOT/zgrab-output + +mkdir -p $ZGRAB_OUTPUT/pptp + +CONTAINER_NAME=zgrab_pptp + +OUTPUT_FILE=$ZGRAB_OUTPUT/pptp/pptp.json + +echo "pptp/test: Tests runner for pptp" +# TODO FIXME: Add any necessary flags or additional tests +CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh pptp > $OUTPUT_FILE + +# Dump the docker logs +echo "pptp/test: BEGIN docker logs from $CONTAINER_NAME [{(" +docker logs --tail all $CONTAINER_NAME +echo ")}] END docker logs from $CONTAINER_NAME" + +# TODO: If there are any other relevant log files, dump those to stdout here. From 1d8e41ccf5b41229d4e5ce57990ccbbe0f88e810 Mon Sep 17 00:00:00 2001 From: 1759537337 Date: Sun, 29 Sep 2024 17:10:09 +0800 Subject: [PATCH 16/38] delete mqtt --- integration_tests/mqtt/cleanup.sh | 9 ----- integration_tests/mqtt/mosquitto.conf | 6 ---- integration_tests/mqtt/multiple.ini | 23 ------------- integration_tests/mqtt/server.crt | 20 ----------- integration_tests/mqtt/server.csr | 16 --------- integration_tests/mqtt/server.key | 28 ---------------- integration_tests/mqtt/server.pem | 48 --------------------------- integration_tests/mqtt/setup.sh | 27 --------------- integration_tests/mqtt/test.sh | 27 --------------- zgrab2_schemas/zgrab2/mqtt.py | 22 ------------ zgrab2_schemas/zgrab2/pptp.py | 4 +-- 11 files changed, 2 insertions(+), 228 deletions(-) delete mode 100755 integration_tests/mqtt/cleanup.sh delete mode 100644 integration_tests/mqtt/mosquitto.conf delete mode 100644 integration_tests/mqtt/multiple.ini delete mode 100644 integration_tests/mqtt/server.crt delete mode 100644 integration_tests/mqtt/server.csr delete mode 100644 integration_tests/mqtt/server.key delete mode 100644 integration_tests/mqtt/server.pem delete mode 100755 integration_tests/mqtt/setup.sh delete mode 100755 integration_tests/mqtt/test.sh delete mode 100644 zgrab2_schemas/zgrab2/mqtt.py diff --git a/integration_tests/mqtt/cleanup.sh b/integration_tests/mqtt/cleanup.sh deleted file mode 100755 index b926199dd..000000000 --- a/integration_tests/mqtt/cleanup.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/env bash - -set +e - -echo "mqtt/cleanup: Tests cleanup for mqtt" - -CONTAINER_NAME=zgrab_mqtt - -docker stop $CONTAINER_NAME diff --git a/integration_tests/mqtt/mosquitto.conf b/integration_tests/mqtt/mosquitto.conf deleted file mode 100644 index c0efbf2f5..000000000 --- a/integration_tests/mqtt/mosquitto.conf +++ /dev/null @@ -1,6 +0,0 @@ -listener 1883 0.0.0.0 - -listener 8883 0.0.0.0 -protocol mqtt -certfile /mosquitto/server.pem -keyfile /mosquitto/server.key \ No newline at end of file diff --git a/integration_tests/mqtt/multiple.ini b/integration_tests/mqtt/multiple.ini deleted file mode 100644 index 74f050237..000000000 --- a/integration_tests/mqtt/multiple.ini +++ /dev/null @@ -1,23 +0,0 @@ -[mqtt] -name="mqtt-tls" -trigger="mqtt-tls" -port=8883 -tls=true - -[mqtt] -name="mqtt-tls-v5" -trigger="mqtt-tls-v5" -port=8883 -tls=true -v5=true - -[mqtt] -name="mqtt" -trigger="mqtt" -port=1883 - -[mqtt] -name="mqtt-v5" -trigger="mqtt-v5" -port=1883 -v5=true \ No newline at end of file diff --git a/integration_tests/mqtt/server.crt b/integration_tests/mqtt/server.crt deleted file mode 100644 index 1a7c0ff26..000000000 --- a/integration_tests/mqtt/server.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDOzCCAiOgAwIBAgIUS+JTI5jiO1C0AgqSuFgB1P9wS8swDQYJKoZIhvcNAQEL -BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwMzIwNTNaGA8yMDUy -MDIxMDAzMjA1M1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx -ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh -fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR -EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B -Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj -SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ -BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaMhMB8wHQYD -VR0OBBYEFP6DHoFBdNVmHwc6LZnLwcDcKnvzMA0GCSqGSIb3DQEBCwUAA4IBAQA9 -VRDbEAFWmqKq+LPRqGmjiqGE0rTOsoKSDWn0Zsre31H2vsXy8BUW69rjhwMXEONl -5ybZCHnU8GLawFzrVQJnuV77XhIDuJhIz81guy0K872YcrNuhlIS7ahxXJszwgPe -Tp313rJKUA44DIuF18WjWjwQL8bU80xiJJcyuR2mViOFgcfIABmSzvvMx8nHxp7W -C9woea6TMamq7GQmIky9ZVy7OcfOSCygK0TU6Y2qNcIuKl4xtvY07msGFLifXp6s -A9A4aS610tqPNInh5zokI2m/y7nvCq7BA9n+5HvMKJcxW2G+AU7R7IFJctsPL07g -1MDuvzVplpxKk3tkj8Ou ------END CERTIFICATE----- diff --git a/integration_tests/mqtt/server.csr b/integration_tests/mqtt/server.csr deleted file mode 100644 index e1fb51461..000000000 --- a/integration_tests/mqtt/server.csr +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIICijCCAXICAQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx -ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh -fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR -EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B -Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj -SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ -BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaAAMA0GCSqG -SIb3DQEBCwUAA4IBAQCPropLZOaRaCD+iSGS304DRO6ysO8D2UW9T8CKqcbI6mOp -b8Wx2ENXXxuhSIpF3xe+yqpPOQmxph+lYnlewqVFWKRY91xIX07iMQ4bQHXKiWTs -IUQYRDbiLPq4sLgKdUdD41SoLhRBLGySX0/27hBlMQ0dZz92jTLOAYL06oqdtcJE -q/v3HVKlGiPkPiuFljbxBwI142ceFAWCctTb7N+6a0W/HioZPhKXLfGMcEHyNCQ7 -XwMQW5DSp4S7J4FseDkxLIxcbYYCxpi3jHFx+eYPerZ5TobE6QZHQeWLj8mcrNwu -mrL6CFlKde7F+xmb3e/tPfUTE+NxNdWzPGTjov2h ------END CERTIFICATE REQUEST----- diff --git a/integration_tests/mqtt/server.key b/integration_tests/mqtt/server.key deleted file mode 100644 index a82fc343d..000000000 --- a/integration_tests/mqtt/server.key +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjv7weJ2Y4W13E -jLiKZeuWgiusyOhLV9puQq5yYX0QoafTCVdznrD1fd63DNlXfoK3/Kk8O+0y3IJW -HErh7wR31Wx2gpwcdM+aIGKM0RIrjVf4cU4HyXYUFTeVsBr0SXtKW+0Wi7c+DxfK -xyZU4rUMN+7hpjrFuGwWVNRegTc/zrPQTywQQZ0Lx1EJpqf2hiQYGtJkUVt1RRTr -e14CyUdj0fYwk0GbLZXrnUnXY0kXplb35tM3LCDuCD7AinZFDIePnltx9HHNqBYI -CA8+9vrlGJ8sbTsdb7+0c1REyQcDBv1Q53zWeZaM0yoZSmYVclYo8tzmzGsfKS14 -sSXCq6nNAgMBAAECggEABtiZUNls2KZZQUJw5LhmJSDEGrE7pQrDQyDekkGpLOzV -S2l0kozr8ReWHCkZXSMY7ABQQwhuXlYBzP/Z0aBgm3H82ueTB02K8HKyLBkBnXiH -WQfDr2eo3CYW8NcwCU6ZLP6y5uJogtu2ru+slpfz4dLk1eJRSrrvKe/aASl92dkF -Y8UHh2Fw1Vctf/yND/hNiUefKhfwqVhbwOHZnDZ96ww878bHFumxrhBS6+DNFyIN -NrGsHWZ+NUS5/jpRu9kw/TRTtvXQzt18jIfHt9t1awyoxUX0fqtKlWKn2JvjZcP/ -5udjY5LT1Jyx80e1LFotCFNYo3SKLNS4ci7047S8gQKBgQDRJ6WSr9DrEjTkRvK4 -yUZj+0JEQbNCiZm7cOxNUMLw8OB2lMd5/qNYGKsa1kq0vCpkkLrLN8MVZOIanXIW -ENnZdtvb7/Io4MkS0yIkIIPfhP4YyQRGmkKVn/vBY9meqDj9KVtUiSHl0VebnR3N -4QKjvFK+sOIkOXwG/baKp7SCaQKBgQDIbKQPD6AjU6NZx16gpXXMq9+dTC830cmE -tvO8ye73wNmU6M8/ys7zedAVMtO5XK98/ASHJmhVjhtfSHA0RpxdhcOIizWBquGu -7jvZ9iocos5NZuR9++in9hRsFIiiII9u4PrwVznZJZIdP9mV9Pba7SaRbd0LWOLY -2TZ89XD3xQKBgHukKlb6pFAyZR4Favsd0QTNxbC//g55dW2/JZHXCkaQvsCa1wkh -JMKxYoTs5SDOk2j7vdDgV+zPxHHjXUv6Di5l+zabM9ZCe9srAOXGau65mdRhEKwE -CRSWjKcYNc96tqXBywHAR0+qX1XYnYPVXlAYxfmAa07qxI0FcuGonibxAoGBAILv -rtKEE8tgdcROYnyy+92Fn6YEwohGDtAcMenxRqQnIj6NRfBYD5Gy0AU5WmarrZ4K -iu68Ycca+rjp+xu70aWroM2QnJkkySHeU82Wa3afygV5JedEbn9kXX0qgQTiHrKC -Wo4vfgRl7iobr4uvKKJn8h1qV9F09WZTqaxDMNU9AoGACTw9ZiKtrW+5jS1ucLdl -49gE6QPH3+JnQPqazguLF9OoCOyw69lHdzu/S77Yag4W5M+N8dBCRNF/lOfCbtJc -eIeSFMdJOq97GlsK6QompySHlKlq13u17Jot0x82VPJt1vUuGTrS8qrM5QDKWxZw -skYVITHcfYVzVgxC9JIIKGg= ------END PRIVATE KEY----- diff --git a/integration_tests/mqtt/server.pem b/integration_tests/mqtt/server.pem deleted file mode 100644 index 97774dfb4..000000000 --- a/integration_tests/mqtt/server.pem +++ /dev/null @@ -1,48 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjv7weJ2Y4W13E -jLiKZeuWgiusyOhLV9puQq5yYX0QoafTCVdznrD1fd63DNlXfoK3/Kk8O+0y3IJW -HErh7wR31Wx2gpwcdM+aIGKM0RIrjVf4cU4HyXYUFTeVsBr0SXtKW+0Wi7c+DxfK -xyZU4rUMN+7hpjrFuGwWVNRegTc/zrPQTywQQZ0Lx1EJpqf2hiQYGtJkUVt1RRTr -e14CyUdj0fYwk0GbLZXrnUnXY0kXplb35tM3LCDuCD7AinZFDIePnltx9HHNqBYI -CA8+9vrlGJ8sbTsdb7+0c1REyQcDBv1Q53zWeZaM0yoZSmYVclYo8tzmzGsfKS14 -sSXCq6nNAgMBAAECggEABtiZUNls2KZZQUJw5LhmJSDEGrE7pQrDQyDekkGpLOzV -S2l0kozr8ReWHCkZXSMY7ABQQwhuXlYBzP/Z0aBgm3H82ueTB02K8HKyLBkBnXiH -WQfDr2eo3CYW8NcwCU6ZLP6y5uJogtu2ru+slpfz4dLk1eJRSrrvKe/aASl92dkF -Y8UHh2Fw1Vctf/yND/hNiUefKhfwqVhbwOHZnDZ96ww878bHFumxrhBS6+DNFyIN -NrGsHWZ+NUS5/jpRu9kw/TRTtvXQzt18jIfHt9t1awyoxUX0fqtKlWKn2JvjZcP/ -5udjY5LT1Jyx80e1LFotCFNYo3SKLNS4ci7047S8gQKBgQDRJ6WSr9DrEjTkRvK4 -yUZj+0JEQbNCiZm7cOxNUMLw8OB2lMd5/qNYGKsa1kq0vCpkkLrLN8MVZOIanXIW -ENnZdtvb7/Io4MkS0yIkIIPfhP4YyQRGmkKVn/vBY9meqDj9KVtUiSHl0VebnR3N -4QKjvFK+sOIkOXwG/baKp7SCaQKBgQDIbKQPD6AjU6NZx16gpXXMq9+dTC830cmE -tvO8ye73wNmU6M8/ys7zedAVMtO5XK98/ASHJmhVjhtfSHA0RpxdhcOIizWBquGu -7jvZ9iocos5NZuR9++in9hRsFIiiII9u4PrwVznZJZIdP9mV9Pba7SaRbd0LWOLY -2TZ89XD3xQKBgHukKlb6pFAyZR4Favsd0QTNxbC//g55dW2/JZHXCkaQvsCa1wkh -JMKxYoTs5SDOk2j7vdDgV+zPxHHjXUv6Di5l+zabM9ZCe9srAOXGau65mdRhEKwE -CRSWjKcYNc96tqXBywHAR0+qX1XYnYPVXlAYxfmAa07qxI0FcuGonibxAoGBAILv -rtKEE8tgdcROYnyy+92Fn6YEwohGDtAcMenxRqQnIj6NRfBYD5Gy0AU5WmarrZ4K -iu68Ycca+rjp+xu70aWroM2QnJkkySHeU82Wa3afygV5JedEbn9kXX0qgQTiHrKC -Wo4vfgRl7iobr4uvKKJn8h1qV9F09WZTqaxDMNU9AoGACTw9ZiKtrW+5jS1ucLdl -49gE6QPH3+JnQPqazguLF9OoCOyw69lHdzu/S77Yag4W5M+N8dBCRNF/lOfCbtJc -eIeSFMdJOq97GlsK6QompySHlKlq13u17Jot0x82VPJt1vUuGTrS8qrM5QDKWxZw -skYVITHcfYVzVgxC9JIIKGg= ------END PRIVATE KEY----- ------BEGIN CERTIFICATE----- -MIIDOzCCAiOgAwIBAgIUS+JTI5jiO1C0AgqSuFgB1P9wS8swDQYJKoZIhvcNAQEL -BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwMzIwNTNaGA8yMDUy -MDIxMDAzMjA1M1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx -ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh -fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR -EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B -Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj -SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ -BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaMhMB8wHQYD -VR0OBBYEFP6DHoFBdNVmHwc6LZnLwcDcKnvzMA0GCSqGSIb3DQEBCwUAA4IBAQA9 -VRDbEAFWmqKq+LPRqGmjiqGE0rTOsoKSDWn0Zsre31H2vsXy8BUW69rjhwMXEONl -5ybZCHnU8GLawFzrVQJnuV77XhIDuJhIz81guy0K872YcrNuhlIS7ahxXJszwgPe -Tp313rJKUA44DIuF18WjWjwQL8bU80xiJJcyuR2mViOFgcfIABmSzvvMx8nHxp7W -C9woea6TMamq7GQmIky9ZVy7OcfOSCygK0TU6Y2qNcIuKl4xtvY07msGFLifXp6s -A9A4aS610tqPNInh5zokI2m/y7nvCq7BA9n+5HvMKJcxW2G+AU7R7IFJctsPL07g -1MDuvzVplpxKk3tkj8Ou ------END CERTIFICATE----- diff --git a/integration_tests/mqtt/setup.sh b/integration_tests/mqtt/setup.sh deleted file mode 100755 index 462846419..000000000 --- a/integration_tests/mqtt/setup.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/usr/bin/env bash - -echo "mqtt/setup: Tests setup for mqtt" - -CONTAINER_TAG="eclipse-mosquitto" -CONTAINER_NAME="zgrab_mqtt" - -# If the container is already running, use it. -if docker ps --filter "name=$CONTAINER_NAME" | grep -q $CONTAINER_NAME; then - echo "mqtt/setup: Container $CONTAINER_NAME already running -- nothing to setup" - exit 0 -fi - -DOCKER_RUN_FLAGS="--rm --name $CONTAINER_NAME -td -v ./mosquitto.conf:/mosquitto/config/mosquitto.conf -v ./server.pem:/mosquitto/server.pem -v ./server.key:/mosquitto/server.key" - -# If it is not running, try launching it -- on success, use that. -echo "mqtt/setup: Trying to launch $CONTAINER_NAME..." -if ! docker run $DOCKER_RUN_FLAGS $CONTAINER_TAG; then - echo "eclipse-mosquitto launch fail" - - #echo "mqtt/setup: Building docker image $CONTAINER_TAG..." - # If it fails, build it from ./container/Dockerfile - #docker build -t $CONTAINER_TAG ./container - # Try again - #echo "mqtt/setup: Launching $CONTAINER_NAME..." - #docker run $DOCKER_RUN_FLAGS $CONTAINER_TAG -fi diff --git a/integration_tests/mqtt/test.sh b/integration_tests/mqtt/test.sh deleted file mode 100755 index 8f2ae805b..000000000 --- a/integration_tests/mqtt/test.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/usr/bin/env bash - -set -e -MODULE_DIR=$(dirname $0) -ZGRAB_ROOT=$(git rev-parse --show-toplevel) -ZGRAB_OUTPUT=$ZGRAB_ROOT/zgrab-output - -mkdir -p $ZGRAB_OUTPUT/mqtt - -CONTAINER_NAME=zgrab_mqtt - -OUTPUT_FILE=$ZGRAB_OUTPUT/mqtt/mqtt.json - -echo "mqtt/test: Tests runner for mqtt" -# TODO FIXME: Add any necessary flags or additional tests -echo -e ",target,mqtt -,target,mqtt-tls -,target,mqtt-v5 -,target,mqtt-tls-v5" | docker run --rm -i -v ./multiple.ini:/multiple.ini --link $CONTAINER_NAME:target zgrab2_runner multiple -c /multiple.ini> $OUTPUT_FILE -#CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt --v5 >> $OUTPUT_FILE - -# Dump the docker logs -echo "mqtt/test: BEGIN docker logs from $CONTAINER_NAME [{(" -docker logs --tail all $CONTAINER_NAME -echo ")}] END docker logs from $CONTAINER_NAME" - -# TODO: If there are any other relevant log files, dump those to stdout here. diff --git a/zgrab2_schemas/zgrab2/mqtt.py b/zgrab2_schemas/zgrab2/mqtt.py deleted file mode 100644 index 0c0be42b4..000000000 --- a/zgrab2_schemas/zgrab2/mqtt.py +++ /dev/null @@ -1,22 +0,0 @@ -# zschema sub-schema for zgrab2's MQTT module -# Registers zgrab2-mqtt globally, and mqtt with the main zgrab2 schema. -from zschema.leaves import * -from zschema.compounds import * -import zschema.registry - -from . import zgrab2 - -# Schema for ScanResults struct -mqtt_scan_response = SubRecord({ - "session_present": Boolean(), - "connect_return_code": Byte(), - "response": String(), - "tls": zgrab2.tls_log, -}) - -mqtt_scan = SubRecord({ - "result": mqtt_scan_response, -}, extends=zgrab2.base_scan_response) - -zschema.registry.register_schema("zgrab2-mqtt", mqtt_scan) -zgrab2.register_scan_response_type("mqtt", mqtt_scan) \ No newline at end of file diff --git a/zgrab2_schemas/zgrab2/pptp.py b/zgrab2_schemas/zgrab2/pptp.py index 9273387a3..7526bb48d 100644 --- a/zgrab2_schemas/zgrab2/pptp.py +++ b/zgrab2_schemas/zgrab2/pptp.py @@ -1,5 +1,5 @@ -# zschema sub-schema for zgrab2's MQTT module -# Registers zgrab2-mqtt globally, and mqtt with the main zgrab2 schema. +# zschema sub-schema for zgrab2's PPTP module +# Registers zgrab2-pptp globally, and pptp with the main zgrab2 schema. from zschema.leaves import * from zschema.compounds import * import zschema.registry From 28dace6b495a26f1df41e82eaed2ecb181ded98d Mon Sep 17 00:00:00 2001 From: 1759537337 Date: Sun, 29 Sep 2024 17:11:42 +0800 Subject: [PATCH 17/38] delete mqtt --- integration_tests/mqtt/cleanup.sh | 9 ----- integration_tests/mqtt/mosquitto.conf | 6 ---- integration_tests/mqtt/multiple.ini | 23 ------------- integration_tests/mqtt/server.crt | 20 ----------- integration_tests/mqtt/server.csr | 16 --------- integration_tests/mqtt/server.key | 28 ---------------- integration_tests/mqtt/server.pem | 48 --------------------------- integration_tests/mqtt/setup.sh | 27 --------------- integration_tests/mqtt/test.sh | 27 --------------- zgrab2_schemas/zgrab2/socks5.py | 4 +-- 10 files changed, 2 insertions(+), 206 deletions(-) delete mode 100755 integration_tests/mqtt/cleanup.sh delete mode 100644 integration_tests/mqtt/mosquitto.conf delete mode 100644 integration_tests/mqtt/multiple.ini delete mode 100644 integration_tests/mqtt/server.crt delete mode 100644 integration_tests/mqtt/server.csr delete mode 100644 integration_tests/mqtt/server.key delete mode 100644 integration_tests/mqtt/server.pem delete mode 100755 integration_tests/mqtt/setup.sh delete mode 100755 integration_tests/mqtt/test.sh diff --git a/integration_tests/mqtt/cleanup.sh b/integration_tests/mqtt/cleanup.sh deleted file mode 100755 index b926199dd..000000000 --- a/integration_tests/mqtt/cleanup.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/env bash - -set +e - -echo "mqtt/cleanup: Tests cleanup for mqtt" - -CONTAINER_NAME=zgrab_mqtt - -docker stop $CONTAINER_NAME diff --git a/integration_tests/mqtt/mosquitto.conf b/integration_tests/mqtt/mosquitto.conf deleted file mode 100644 index c0efbf2f5..000000000 --- a/integration_tests/mqtt/mosquitto.conf +++ /dev/null @@ -1,6 +0,0 @@ -listener 1883 0.0.0.0 - -listener 8883 0.0.0.0 -protocol mqtt -certfile /mosquitto/server.pem -keyfile /mosquitto/server.key \ No newline at end of file diff --git a/integration_tests/mqtt/multiple.ini b/integration_tests/mqtt/multiple.ini deleted file mode 100644 index 74f050237..000000000 --- a/integration_tests/mqtt/multiple.ini +++ /dev/null @@ -1,23 +0,0 @@ -[mqtt] -name="mqtt-tls" -trigger="mqtt-tls" -port=8883 -tls=true - -[mqtt] -name="mqtt-tls-v5" -trigger="mqtt-tls-v5" -port=8883 -tls=true -v5=true - -[mqtt] -name="mqtt" -trigger="mqtt" -port=1883 - -[mqtt] -name="mqtt-v5" -trigger="mqtt-v5" -port=1883 -v5=true \ No newline at end of file diff --git a/integration_tests/mqtt/server.crt b/integration_tests/mqtt/server.crt deleted file mode 100644 index 1a7c0ff26..000000000 --- a/integration_tests/mqtt/server.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDOzCCAiOgAwIBAgIUS+JTI5jiO1C0AgqSuFgB1P9wS8swDQYJKoZIhvcNAQEL -BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwMzIwNTNaGA8yMDUy -MDIxMDAzMjA1M1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx -ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh -fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR -EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B -Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj -SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ -BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaMhMB8wHQYD -VR0OBBYEFP6DHoFBdNVmHwc6LZnLwcDcKnvzMA0GCSqGSIb3DQEBCwUAA4IBAQA9 -VRDbEAFWmqKq+LPRqGmjiqGE0rTOsoKSDWn0Zsre31H2vsXy8BUW69rjhwMXEONl -5ybZCHnU8GLawFzrVQJnuV77XhIDuJhIz81guy0K872YcrNuhlIS7ahxXJszwgPe -Tp313rJKUA44DIuF18WjWjwQL8bU80xiJJcyuR2mViOFgcfIABmSzvvMx8nHxp7W -C9woea6TMamq7GQmIky9ZVy7OcfOSCygK0TU6Y2qNcIuKl4xtvY07msGFLifXp6s -A9A4aS610tqPNInh5zokI2m/y7nvCq7BA9n+5HvMKJcxW2G+AU7R7IFJctsPL07g -1MDuvzVplpxKk3tkj8Ou ------END CERTIFICATE----- diff --git a/integration_tests/mqtt/server.csr b/integration_tests/mqtt/server.csr deleted file mode 100644 index e1fb51461..000000000 --- a/integration_tests/mqtt/server.csr +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIICijCCAXICAQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx -ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh -fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR -EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B -Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj -SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ -BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaAAMA0GCSqG -SIb3DQEBCwUAA4IBAQCPropLZOaRaCD+iSGS304DRO6ysO8D2UW9T8CKqcbI6mOp -b8Wx2ENXXxuhSIpF3xe+yqpPOQmxph+lYnlewqVFWKRY91xIX07iMQ4bQHXKiWTs -IUQYRDbiLPq4sLgKdUdD41SoLhRBLGySX0/27hBlMQ0dZz92jTLOAYL06oqdtcJE -q/v3HVKlGiPkPiuFljbxBwI142ceFAWCctTb7N+6a0W/HioZPhKXLfGMcEHyNCQ7 -XwMQW5DSp4S7J4FseDkxLIxcbYYCxpi3jHFx+eYPerZ5TobE6QZHQeWLj8mcrNwu -mrL6CFlKde7F+xmb3e/tPfUTE+NxNdWzPGTjov2h ------END CERTIFICATE REQUEST----- diff --git a/integration_tests/mqtt/server.key b/integration_tests/mqtt/server.key deleted file mode 100644 index a82fc343d..000000000 --- a/integration_tests/mqtt/server.key +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjv7weJ2Y4W13E -jLiKZeuWgiusyOhLV9puQq5yYX0QoafTCVdznrD1fd63DNlXfoK3/Kk8O+0y3IJW -HErh7wR31Wx2gpwcdM+aIGKM0RIrjVf4cU4HyXYUFTeVsBr0SXtKW+0Wi7c+DxfK -xyZU4rUMN+7hpjrFuGwWVNRegTc/zrPQTywQQZ0Lx1EJpqf2hiQYGtJkUVt1RRTr -e14CyUdj0fYwk0GbLZXrnUnXY0kXplb35tM3LCDuCD7AinZFDIePnltx9HHNqBYI -CA8+9vrlGJ8sbTsdb7+0c1REyQcDBv1Q53zWeZaM0yoZSmYVclYo8tzmzGsfKS14 -sSXCq6nNAgMBAAECggEABtiZUNls2KZZQUJw5LhmJSDEGrE7pQrDQyDekkGpLOzV -S2l0kozr8ReWHCkZXSMY7ABQQwhuXlYBzP/Z0aBgm3H82ueTB02K8HKyLBkBnXiH -WQfDr2eo3CYW8NcwCU6ZLP6y5uJogtu2ru+slpfz4dLk1eJRSrrvKe/aASl92dkF -Y8UHh2Fw1Vctf/yND/hNiUefKhfwqVhbwOHZnDZ96ww878bHFumxrhBS6+DNFyIN -NrGsHWZ+NUS5/jpRu9kw/TRTtvXQzt18jIfHt9t1awyoxUX0fqtKlWKn2JvjZcP/ -5udjY5LT1Jyx80e1LFotCFNYo3SKLNS4ci7047S8gQKBgQDRJ6WSr9DrEjTkRvK4 -yUZj+0JEQbNCiZm7cOxNUMLw8OB2lMd5/qNYGKsa1kq0vCpkkLrLN8MVZOIanXIW -ENnZdtvb7/Io4MkS0yIkIIPfhP4YyQRGmkKVn/vBY9meqDj9KVtUiSHl0VebnR3N -4QKjvFK+sOIkOXwG/baKp7SCaQKBgQDIbKQPD6AjU6NZx16gpXXMq9+dTC830cmE -tvO8ye73wNmU6M8/ys7zedAVMtO5XK98/ASHJmhVjhtfSHA0RpxdhcOIizWBquGu -7jvZ9iocos5NZuR9++in9hRsFIiiII9u4PrwVznZJZIdP9mV9Pba7SaRbd0LWOLY -2TZ89XD3xQKBgHukKlb6pFAyZR4Favsd0QTNxbC//g55dW2/JZHXCkaQvsCa1wkh -JMKxYoTs5SDOk2j7vdDgV+zPxHHjXUv6Di5l+zabM9ZCe9srAOXGau65mdRhEKwE -CRSWjKcYNc96tqXBywHAR0+qX1XYnYPVXlAYxfmAa07qxI0FcuGonibxAoGBAILv -rtKEE8tgdcROYnyy+92Fn6YEwohGDtAcMenxRqQnIj6NRfBYD5Gy0AU5WmarrZ4K -iu68Ycca+rjp+xu70aWroM2QnJkkySHeU82Wa3afygV5JedEbn9kXX0qgQTiHrKC -Wo4vfgRl7iobr4uvKKJn8h1qV9F09WZTqaxDMNU9AoGACTw9ZiKtrW+5jS1ucLdl -49gE6QPH3+JnQPqazguLF9OoCOyw69lHdzu/S77Yag4W5M+N8dBCRNF/lOfCbtJc -eIeSFMdJOq97GlsK6QompySHlKlq13u17Jot0x82VPJt1vUuGTrS8qrM5QDKWxZw -skYVITHcfYVzVgxC9JIIKGg= ------END PRIVATE KEY----- diff --git a/integration_tests/mqtt/server.pem b/integration_tests/mqtt/server.pem deleted file mode 100644 index 97774dfb4..000000000 --- a/integration_tests/mqtt/server.pem +++ /dev/null @@ -1,48 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjv7weJ2Y4W13E -jLiKZeuWgiusyOhLV9puQq5yYX0QoafTCVdznrD1fd63DNlXfoK3/Kk8O+0y3IJW -HErh7wR31Wx2gpwcdM+aIGKM0RIrjVf4cU4HyXYUFTeVsBr0SXtKW+0Wi7c+DxfK -xyZU4rUMN+7hpjrFuGwWVNRegTc/zrPQTywQQZ0Lx1EJpqf2hiQYGtJkUVt1RRTr -e14CyUdj0fYwk0GbLZXrnUnXY0kXplb35tM3LCDuCD7AinZFDIePnltx9HHNqBYI -CA8+9vrlGJ8sbTsdb7+0c1REyQcDBv1Q53zWeZaM0yoZSmYVclYo8tzmzGsfKS14 -sSXCq6nNAgMBAAECggEABtiZUNls2KZZQUJw5LhmJSDEGrE7pQrDQyDekkGpLOzV -S2l0kozr8ReWHCkZXSMY7ABQQwhuXlYBzP/Z0aBgm3H82ueTB02K8HKyLBkBnXiH -WQfDr2eo3CYW8NcwCU6ZLP6y5uJogtu2ru+slpfz4dLk1eJRSrrvKe/aASl92dkF -Y8UHh2Fw1Vctf/yND/hNiUefKhfwqVhbwOHZnDZ96ww878bHFumxrhBS6+DNFyIN -NrGsHWZ+NUS5/jpRu9kw/TRTtvXQzt18jIfHt9t1awyoxUX0fqtKlWKn2JvjZcP/ -5udjY5LT1Jyx80e1LFotCFNYo3SKLNS4ci7047S8gQKBgQDRJ6WSr9DrEjTkRvK4 -yUZj+0JEQbNCiZm7cOxNUMLw8OB2lMd5/qNYGKsa1kq0vCpkkLrLN8MVZOIanXIW -ENnZdtvb7/Io4MkS0yIkIIPfhP4YyQRGmkKVn/vBY9meqDj9KVtUiSHl0VebnR3N -4QKjvFK+sOIkOXwG/baKp7SCaQKBgQDIbKQPD6AjU6NZx16gpXXMq9+dTC830cmE -tvO8ye73wNmU6M8/ys7zedAVMtO5XK98/ASHJmhVjhtfSHA0RpxdhcOIizWBquGu -7jvZ9iocos5NZuR9++in9hRsFIiiII9u4PrwVznZJZIdP9mV9Pba7SaRbd0LWOLY -2TZ89XD3xQKBgHukKlb6pFAyZR4Favsd0QTNxbC//g55dW2/JZHXCkaQvsCa1wkh -JMKxYoTs5SDOk2j7vdDgV+zPxHHjXUv6Di5l+zabM9ZCe9srAOXGau65mdRhEKwE -CRSWjKcYNc96tqXBywHAR0+qX1XYnYPVXlAYxfmAa07qxI0FcuGonibxAoGBAILv -rtKEE8tgdcROYnyy+92Fn6YEwohGDtAcMenxRqQnIj6NRfBYD5Gy0AU5WmarrZ4K -iu68Ycca+rjp+xu70aWroM2QnJkkySHeU82Wa3afygV5JedEbn9kXX0qgQTiHrKC -Wo4vfgRl7iobr4uvKKJn8h1qV9F09WZTqaxDMNU9AoGACTw9ZiKtrW+5jS1ucLdl -49gE6QPH3+JnQPqazguLF9OoCOyw69lHdzu/S77Yag4W5M+N8dBCRNF/lOfCbtJc -eIeSFMdJOq97GlsK6QompySHlKlq13u17Jot0x82VPJt1vUuGTrS8qrM5QDKWxZw -skYVITHcfYVzVgxC9JIIKGg= ------END PRIVATE KEY----- ------BEGIN CERTIFICATE----- -MIIDOzCCAiOgAwIBAgIUS+JTI5jiO1C0AgqSuFgB1P9wS8swDQYJKoZIhvcNAQEL -BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwMzIwNTNaGA8yMDUy -MDIxMDAzMjA1M1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx -ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh -fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR -EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B -Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj -SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ -BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaMhMB8wHQYD -VR0OBBYEFP6DHoFBdNVmHwc6LZnLwcDcKnvzMA0GCSqGSIb3DQEBCwUAA4IBAQA9 -VRDbEAFWmqKq+LPRqGmjiqGE0rTOsoKSDWn0Zsre31H2vsXy8BUW69rjhwMXEONl -5ybZCHnU8GLawFzrVQJnuV77XhIDuJhIz81guy0K872YcrNuhlIS7ahxXJszwgPe -Tp313rJKUA44DIuF18WjWjwQL8bU80xiJJcyuR2mViOFgcfIABmSzvvMx8nHxp7W -C9woea6TMamq7GQmIky9ZVy7OcfOSCygK0TU6Y2qNcIuKl4xtvY07msGFLifXp6s -A9A4aS610tqPNInh5zokI2m/y7nvCq7BA9n+5HvMKJcxW2G+AU7R7IFJctsPL07g -1MDuvzVplpxKk3tkj8Ou ------END CERTIFICATE----- diff --git a/integration_tests/mqtt/setup.sh b/integration_tests/mqtt/setup.sh deleted file mode 100755 index 462846419..000000000 --- a/integration_tests/mqtt/setup.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/usr/bin/env bash - -echo "mqtt/setup: Tests setup for mqtt" - -CONTAINER_TAG="eclipse-mosquitto" -CONTAINER_NAME="zgrab_mqtt" - -# If the container is already running, use it. -if docker ps --filter "name=$CONTAINER_NAME" | grep -q $CONTAINER_NAME; then - echo "mqtt/setup: Container $CONTAINER_NAME already running -- nothing to setup" - exit 0 -fi - -DOCKER_RUN_FLAGS="--rm --name $CONTAINER_NAME -td -v ./mosquitto.conf:/mosquitto/config/mosquitto.conf -v ./server.pem:/mosquitto/server.pem -v ./server.key:/mosquitto/server.key" - -# If it is not running, try launching it -- on success, use that. -echo "mqtt/setup: Trying to launch $CONTAINER_NAME..." -if ! docker run $DOCKER_RUN_FLAGS $CONTAINER_TAG; then - echo "eclipse-mosquitto launch fail" - - #echo "mqtt/setup: Building docker image $CONTAINER_TAG..." - # If it fails, build it from ./container/Dockerfile - #docker build -t $CONTAINER_TAG ./container - # Try again - #echo "mqtt/setup: Launching $CONTAINER_NAME..." - #docker run $DOCKER_RUN_FLAGS $CONTAINER_TAG -fi diff --git a/integration_tests/mqtt/test.sh b/integration_tests/mqtt/test.sh deleted file mode 100755 index 8f2ae805b..000000000 --- a/integration_tests/mqtt/test.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/usr/bin/env bash - -set -e -MODULE_DIR=$(dirname $0) -ZGRAB_ROOT=$(git rev-parse --show-toplevel) -ZGRAB_OUTPUT=$ZGRAB_ROOT/zgrab-output - -mkdir -p $ZGRAB_OUTPUT/mqtt - -CONTAINER_NAME=zgrab_mqtt - -OUTPUT_FILE=$ZGRAB_OUTPUT/mqtt/mqtt.json - -echo "mqtt/test: Tests runner for mqtt" -# TODO FIXME: Add any necessary flags or additional tests -echo -e ",target,mqtt -,target,mqtt-tls -,target,mqtt-v5 -,target,mqtt-tls-v5" | docker run --rm -i -v ./multiple.ini:/multiple.ini --link $CONTAINER_NAME:target zgrab2_runner multiple -c /multiple.ini> $OUTPUT_FILE -#CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt --v5 >> $OUTPUT_FILE - -# Dump the docker logs -echo "mqtt/test: BEGIN docker logs from $CONTAINER_NAME [{(" -docker logs --tail all $CONTAINER_NAME -echo ")}] END docker logs from $CONTAINER_NAME" - -# TODO: If there are any other relevant log files, dump those to stdout here. diff --git a/zgrab2_schemas/zgrab2/socks5.py b/zgrab2_schemas/zgrab2/socks5.py index e2bf917cd..d94750147 100644 --- a/zgrab2_schemas/zgrab2/socks5.py +++ b/zgrab2_schemas/zgrab2/socks5.py @@ -1,5 +1,5 @@ -# zschema sub-schema for zgrab2's MQTT module -# Registers zgrab2-mqtt globally, and mqtt with the main zgrab2 schema. +# zschema sub-schema for zgrab2's Socks5 module +# Registers zgrab2-socks5 globally, and socks5 with the main zgrab2 schema. from zschema.leaves import * from zschema.compounds import * import zschema.registry From c81d4d29955f3ef336605036917a1357e4954e18 Mon Sep 17 00:00:00 2001 From: 1759537337 Date: Mon, 30 Sep 2024 12:52:30 +0800 Subject: [PATCH 18/38] update mqtt.py --- zgrab2_schemas/zgrab2/mqtt.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zgrab2_schemas/zgrab2/mqtt.py b/zgrab2_schemas/zgrab2/mqtt.py index 0c0be42b4..007d5062d 100644 --- a/zgrab2_schemas/zgrab2/mqtt.py +++ b/zgrab2_schemas/zgrab2/mqtt.py @@ -9,7 +9,7 @@ # Schema for ScanResults struct mqtt_scan_response = SubRecord({ "session_present": Boolean(), - "connect_return_code": Byte(), + "connect_return_code": Binary(), "response": String(), "tls": zgrab2.tls_log, }) From 79ece602b3dc643a6c3199b2bd9348c8504cbcd9 Mon Sep 17 00:00:00 2001 From: Sandy Date: Mon, 30 Dec 2024 23:38:54 -0500 Subject: [PATCH 19/38] upgrade to go1.23 Signed-off-by: Sandy --- Dockerfile | 2 +- go.mod | 35 +++++----- go.sum | 136 +++++++++++++++++++++++++------------ modules/amqp091/scanner.go | 2 +- 4 files changed, 113 insertions(+), 62 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5368a5271..d2a34db3f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ ## Build image ## -ARG GO_VERSION=1.20 +ARG GO_VERSION=1.23 FROM golang:${GO_VERSION}-alpine3.16 as build # System dependencies diff --git a/go.mod b/go.mod index f434f4e4d..0fffd39c8 100644 --- a/go.mod +++ b/go.mod @@ -1,16 +1,18 @@ module github.com/zmap/zgrab2 -go 1.20 +go 1.23 + +toolchain go1.23.0 require ( github.com/hdm/jarm-go v0.0.7 - github.com/prometheus/client_golang v1.14.0 - github.com/rabbitmq/amqp091-go v1.9.0 - github.com/sirupsen/logrus v1.9.0 - github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300 + github.com/prometheus/client_golang v1.20.2 + github.com/rabbitmq/amqp091-go v1.10.0 + github.com/sirupsen/logrus v1.9.3 + github.com/zmap/zcrypto v0.0.0-20240803002437-3a861682ac77 github.com/zmap/zflags v1.4.0-beta.1.0.20200204220219-9d95409821b6 golang.org/x/crypto v0.31.0 - golang.org/x/net v0.25.0 + golang.org/x/net v0.28.0 golang.org/x/sys v0.28.0 golang.org/x/text v0.21.0 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c @@ -20,15 +22,16 @@ require ( require ( github.com/beorn7/perks v1.0.1 // indirect - github.com/cespare/xxhash/v2 v2.2.0 // indirect - github.com/golang/protobuf v1.5.3 // indirect - github.com/kr/pretty v0.2.1 // indirect - github.com/kr/text v0.1.0 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect - github.com/prometheus/client_model v0.3.0 // indirect - github.com/prometheus/common v0.42.0 // indirect - github.com/prometheus/procfs v0.9.0 // indirect - github.com/weppos/publicsuffix-go v0.30.0 // indirect + github.com/cespare/xxhash/v2 v2.3.0 // indirect + github.com/klauspost/compress v1.17.9 // indirect + github.com/kr/pretty v0.3.1 // indirect + github.com/kr/text v0.2.0 // indirect + github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/prometheus/client_model v0.6.1 // indirect + github.com/prometheus/common v0.57.0 // indirect + github.com/prometheus/procfs v0.15.1 // indirect + github.com/rogpeppe/go-internal v1.10.0 // indirect + github.com/weppos/publicsuffix-go v0.40.2 // indirect github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248 // indirect - google.golang.org/protobuf v1.33.0 // indirect + google.golang.org/protobuf v1.34.2 // indirect ) diff --git a/go.sum b/go.sum index 82a338dc2..26a583e0b 100644 --- a/go.sum +++ b/go.sum @@ -1,68 +1,80 @@ +cloud.google.com/go/compute/metadata v0.2.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= +github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8/go.mod h1:I0gYDMZ6Z5GRU7l58bNFSkPTFN6Yl12dsUlAZ8xy98g= github.com/RumbleDiscovery/rumble-tools v0.0.0-20201105153123-f2adbb3244d2/go.mod h1:jD2+mU+E2SZUuAOHZvZj4xP4frlOo+N/YrXDvASFhkE= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= -github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtMxxK7fi4I= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/gofrs/uuid v3.3.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ= -github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= +github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-github/v50 v50.2.0/go.mod h1:VBY8FB6yPIjrtKhozXv4FQupxKLS6H4m6xFZlT43q8Q= +github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= github.com/hdm/jarm-go v0.0.7 h1:Eq0geenHrBSYuKrdVhrBdMMzOmA+CAMLzN2WrF3eL6A= github.com/hdm/jarm-go v0.0.7/go.mod h1:kinGoS0+Sdn1Rr54OtanET5E5n7AlD6T6CrJAKDjJSQ= +github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA= +github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= -github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/miekg/dns v1.1.35/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= github.com/mreiferson/go-httpclient v0.0.0-20160630210159-31f0106b4474/go.mod h1:OQA4XLvDbMgS8P0CevmM4m9Q3Jq4phKUzcocxuGJ5m8= github.com/mreiferson/go-httpclient v0.0.0-20201222173833-5e475fde3a4d/go.mod h1:OQA4XLvDbMgS8P0CevmM4m9Q3Jq4phKUzcocxuGJ5m8= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk= +github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.14.0 h1:nJdhIvne2eSX/XRAFV9PcvFFRbrjbcTUj0VP62TMhnw= -github.com/prometheus/client_golang v1.14.0/go.mod h1:8vpkKitgIVNcqrRBWh1C4TIUQgYNtG/XQE4E/Zae36Y= -github.com/prometheus/client_model v0.3.0 h1:UBgGFHqYdG/TPFD1B1ogZywDqEkwp3fBMvqdiQ7Xew4= -github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w= -github.com/prometheus/common v0.42.0 h1:EKsfXEYo4JpWMHH5cg+KOUWeuJSov1Id8zGR8eeI1YM= -github.com/prometheus/common v0.42.0/go.mod h1:xBwqVerjNdUDjgODMpudtOMwlOwf2SaTr1yjz4b7Zbc= -github.com/prometheus/procfs v0.9.0 h1:wzCHvIvM5SxWqYvwgVL7yJY8Lz3PKn49KQtpgMYJfhI= -github.com/prometheus/procfs v0.9.0/go.mod h1:+pB4zwohETzFnmlpe6yd2lSc+0/46IYZRB/chUwxUZY= -github.com/rabbitmq/amqp091-go v1.9.0 h1:qrQtyzB4H8BQgEuJwhmVQqVHB9O4+MNDJCCAcpc3Aoo= -github.com/rabbitmq/amqp091-go v1.9.0/go.mod h1:+jPrT9iY2eLjRaMSRHUhc3z14E/l85kv/f+6luSD3pc= +github.com/prometheus/client_golang v1.20.2 h1:5ctymQzZlyOON1666svgwn3s6IKWgfbjsejTMiXIyjg= +github.com/prometheus/client_golang v1.20.2/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= +github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= +github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= +github.com/prometheus/common v0.57.0 h1:Ro/rKjwdq9mZn1K5QPctzh+MA4Lp0BuYk5ZZEVhoNcY= +github.com/prometheus/common v0.57.0/go.mod h1:7uRPFSUTbfZWsJ7MHY56sqt7hLQu3bxXHDnNhl8E9qI= +github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= +github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= +github.com/rabbitmq/amqp091-go v1.10.0 h1:STpn5XsHlHGcecLmMFCtg7mqq0RnD+zFr4uzukfVhBw= +github.com/rabbitmq/amqp091-go v1.10.0/go.mod h1:Hy4jKW5kQART1u+JkDTF9YYOQUHXqMuhrgxOEeS7G4o= +github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= +github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= github.com/sirupsen/logrus v1.3.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= -github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= +github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/weppos/publicsuffix-go v0.12.0/go.mod h1:z3LCPQ38eedDQSwmsSRW4Y7t2L8Ln16JPQ02lHAdn5k= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/weppos/publicsuffix-go v0.13.0/go.mod h1:z3LCPQ38eedDQSwmsSRW4Y7t2L8Ln16JPQ02lHAdn5k= -github.com/weppos/publicsuffix-go v0.30.0 h1:QHPZ2GRu/YE7cvejH9iyavPOkVCB4dNxp2ZvtT+vQLY= -github.com/weppos/publicsuffix-go v0.30.0/go.mod h1:kBi8zwYnR0zrbm8RcuN1o9Fzgpnnn+btVN8uWPMyXAY= -github.com/weppos/publicsuffix-go/publicsuffix/generator v0.0.0-20220927085643-dc0d00c92642/go.mod h1:GHfoeIdZLdZmLjMlzBftbTDntahTttUMWjxZwQJhULE= +github.com/weppos/publicsuffix-go v0.40.2 h1:LlnoSH0Eqbsi3ReXZWBKCK5lHyzf3sc1JEHH1cnlfho= +github.com/weppos/publicsuffix-go v0.40.2/go.mod h1:XsLZnULC3EJ1Gvk9GVjuCTZ8QUu9ufE4TZpOizDShko= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/zmap/rc2 v0.0.0-20131011165748-24b9757f5521/go.mod h1:3YZ9o3WnatTIZhuOtot4IcUfzoKVjUHqu6WALIyI0nE= github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248 h1:Nzukz5fNOBIHOsnP+6I79kPx3QhLv8nBy2mfFhBRq30= @@ -71,13 +83,13 @@ github.com/zmap/zcertificate v0.0.0-20180516150559-0e3d58b1bac4/go.mod h1:5iU54t github.com/zmap/zcertificate v0.0.1/go.mod h1:q0dlN54Jm4NVSSuzisusQY0hqDWvu92C+TWveAxiVWk= github.com/zmap/zcrypto v0.0.0-20201128221613-3719af1573cf/go.mod h1:aPM7r+JOkfL+9qSB4KbYjtoEzJqUK50EXkkJabeNJDQ= github.com/zmap/zcrypto v0.0.0-20201211161100-e54a5822fb7e/go.mod h1:aPM7r+JOkfL+9qSB4KbYjtoEzJqUK50EXkkJabeNJDQ= -github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300 h1:DZH5n7L3L8RxKdSyJHZt7WePgwdhHnPhQFdQSJaHF+o= -github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300/go.mod h1:mOd4yUMgn2fe2nV9KXsa9AyQBFZGzygVPovsZR+Rl5w= +github.com/zmap/zcrypto v0.0.0-20240803002437-3a861682ac77 h1:DCz0McWRVJNICkHdu2XpETqeLvPtZXs315OZyUs1BDk= +github.com/zmap/zcrypto v0.0.0-20240803002437-3a861682ac77/go.mod h1:aSvf+uTU222mUYq/KQj3oiEU7ajhCZe8RRSLHIoM4EM= github.com/zmap/zflags v1.4.0-beta.1.0.20200204220219-9d95409821b6 h1:XYA+NN2AS4mRmIDVu2nCtrjU17zKlRihO3MnlcmueUw= github.com/zmap/zflags v1.4.0-beta.1.0.20200204220219-9d95409821b6/go.mod h1:HXDUD+uue8yeLHr0eXx1lvY6CvMiHbTKw5nGmA9OUoo= github.com/zmap/zlint/v3 v3.0.0/go.mod h1:paGwFySdHIBEMJ61YjoqT4h7Ge+fdYG4sUQhnTb1lJ8= -go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= -go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= @@ -87,30 +99,44 @@ golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWP golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= +golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= +golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= +golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= +golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M= golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200528225125-3c3fba18258b/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= +golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= +golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= +golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE= +golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE= +golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg= +golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -122,24 +148,42 @@ golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201126233918-771906719818/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= +golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= +golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= +golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= +golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= +golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -147,13 +191,18 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= +golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= +golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= +google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= @@ -161,7 +210,6 @@ gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EV gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22 h1:VpOs+IwYnYBaFnrNAeB8UUWtL3vEUnzSCL1nVjPhqrw= gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22/go.mod h1:yeKp02qBN3iKW1OzL3MGk2IdtZzaj7SFntXj72NppTA= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/modules/amqp091/scanner.go b/modules/amqp091/scanner.go index ce436f9c6..e4a01710a 100644 --- a/modules/amqp091/scanner.go +++ b/modules/amqp091/scanner.go @@ -247,7 +247,7 @@ func (scanner *Scanner) Scan(target zgrab2.ScanTarget) (zgrab2.ScanStatus, inter if err != amqpLib.ErrSASL && err != amqpLib.ErrCredentials && amqpConn.Config.ChannelMax > 0 { result.AuthSuccess = true result.Tune = &connectionTune{ - ChannelMax: amqpConn.Config.ChannelMax, + ChannelMax: int(amqpConn.Config.ChannelMax), FrameMax: amqpConn.Config.FrameSize, Heartbeat: int(amqpConn.Config.Heartbeat.Seconds()), } From 60637916565379635220ab16065d3a84ecd31cec Mon Sep 17 00:00:00 2001 From: phillip-stephens Date: Mon, 30 Dec 2024 14:28:40 -0700 Subject: [PATCH 20/38] update net --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 0fffd39c8..81b3963de 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/zmap/zcrypto v0.0.0-20240803002437-3a861682ac77 github.com/zmap/zflags v1.4.0-beta.1.0.20200204220219-9d95409821b6 golang.org/x/crypto v0.31.0 - golang.org/x/net v0.28.0 + golang.org/x/net v0.33.0 golang.org/x/sys v0.28.0 golang.org/x/text v0.21.0 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c diff --git a/go.sum b/go.sum index 26a583e0b..b53479f15 100644 --- a/go.sum +++ b/go.sum @@ -127,8 +127,8 @@ golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE= -golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE= -golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg= +golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= +golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= From dd4923d0fdc31e6b402e915ee0fb22d84eee64ea Mon Sep 17 00:00:00 2001 From: phillip-stephens Date: Mon, 30 Dec 2024 14:33:04 -0700 Subject: [PATCH 21/38] upgrade golang docker image --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index d2a34db3f..d531fd050 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ ## Build image ## ARG GO_VERSION=1.23 -FROM golang:${GO_VERSION}-alpine3.16 as build +FROM golang:${GO_VERSION}-alpine3.21 as build # System dependencies RUN apk add --no-cache make From cdf832c1e01308969be039c7d3f0352ed44b9368 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Jan 2025 16:43:02 -0800 Subject: [PATCH 22/38] build(deps): bump golang.org/x/crypto from 0.31.0 to 0.32.0 (#480) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.31.0 to 0.32.0. - [Commits](https://github.com/golang/crypto/compare/v0.31.0...v0.32.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 4b5cb0421..2e73f5f5e 100644 --- a/go.mod +++ b/go.mod @@ -9,9 +9,9 @@ require ( github.com/sirupsen/logrus v1.9.0 github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300 github.com/zmap/zflags v1.4.0-beta.1.0.20200204220219-9d95409821b6 - golang.org/x/crypto v0.31.0 + golang.org/x/crypto v0.32.0 golang.org/x/net v0.26.0 - golang.org/x/sys v0.28.0 + golang.org/x/sys v0.29.0 golang.org/x/text v0.21.0 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22 diff --git a/go.sum b/go.sum index b8cd4db1a..7e6fef3b1 100644 --- a/go.sum +++ b/go.sum @@ -91,8 +91,8 @@ golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWP golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= -golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= -golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= +golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc= +golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= @@ -130,8 +130,8 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= +golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= From cf1b13d159e6830eff30a6163e0a3004a9a5b97f Mon Sep 17 00:00:00 2001 From: Daniel Lenski Date: Mon, 20 Jan 2025 17:04:54 -0800 Subject: [PATCH 23/38] Document the PORT field for CSV-format input (#456) The optional `PORT` argument was added in 7c933df01f2feea7108a712db1cfba5f9da1817a, and documented via comments in `input.go`, but it was never added to the main documentation in `README.md`. Co-authored-by: Zakir Durumeric --- README.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 298d17069..4375ca8ce 100644 --- a/README.md +++ b/README.md @@ -72,17 +72,18 @@ Module specific options must be included after the module. Application specific ## Input Format -Targets are specified with input files or from `stdin`, in CSV format. Each input line has three fields: +Targets are specified with input files or from `stdin`, in CSV format. Each input line has up to four fields: ```text -IP, DOMAIN, TAG +IP, DOMAIN, TAG, PORT ``` Each line must specify `IP`, `DOMAIN`, or both. If only `DOMAIN` is provided, scanners perform a DNS hostname lookup to determine the IP address. If both `IP` and `DOMAIN` are provided, scanners connect to `IP` but use `DOMAIN` in protocol-specific contexts, such as the HTTP HOST header and TLS SNI extension. If the `IP` field contains a CIDR block, the framework will expand it to one target for each IP address in the block. -The `TAG` field is optional and used with the `--trigger` scanner argument. +The `TAG` field is optional and used with the `--trigger` scanner argument. The `PORT` field is also optional, and acts +as a per-line override for the `-p`/`--port` option. Unused fields can be blank, and trailing unused fields can be omitted entirely. For backwards compatibility, the parser allows lines with only one field to contain `DOMAIN`. @@ -93,7 +94,9 @@ These are examples of valid input lines: domain.com 10.0.0.1, domain.com 10.0.0.1, domain.com, tag +10.0.0.1, domain.com, tag, 1234 10.0.0.1, , tag +10.0.0.1, , , 5678 , domain.com, tag 192.168.0.0/24, , tag From 1415558e3fbb4f9ae287eec264f532946ee49b12 Mon Sep 17 00:00:00 2001 From: phillip-stephens Date: Wed, 22 Jan 2025 13:50:39 -0800 Subject: [PATCH 24/38] go mod tidy --- go.sum | 98 +++++++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 73 insertions(+), 25 deletions(-) diff --git a/go.sum b/go.sum index 7e6fef3b1..5e91c0866 100644 --- a/go.sum +++ b/go.sum @@ -1,22 +1,33 @@ +cloud.google.com/go/compute/metadata v0.2.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= +github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8/go.mod h1:I0gYDMZ6Z5GRU7l58bNFSkPTFN6Yl12dsUlAZ8xy98g= github.com/RumbleDiscovery/rumble-tools v0.0.0-20201105153123-f2adbb3244d2/go.mod h1:jD2+mU+E2SZUuAOHZvZj4xP4frlOo+N/YrXDvASFhkE= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= +github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtMxxK7fi4I= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/gofrs/uuid v3.3.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= -github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ= -github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-github/v50 v50.2.0/go.mod h1:VBY8FB6yPIjrtKhozXv4FQupxKLS6H4m6xFZlT43q8Q= +github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= github.com/hdm/jarm-go v0.0.7 h1:Eq0geenHrBSYuKrdVhrBdMMzOmA+CAMLzN2WrF3eL6A= github.com/hdm/jarm-go v0.0.7/go.mod h1:kinGoS0+Sdn1Rr54OtanET5E5n7AlD6T6CrJAKDjJSQ= github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA= github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= @@ -26,6 +37,7 @@ github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/miekg/dns v1.1.35/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= github.com/mreiferson/go-httpclient v0.0.0-20160630210159-31f0106b4474/go.mod h1:OQA4XLvDbMgS8P0CevmM4m9Q3Jq4phKUzcocxuGJ5m8= github.com/mreiferson/go-httpclient v0.0.0-20201222173833-5e475fde3a4d/go.mod h1:OQA4XLvDbMgS8P0CevmM4m9Q3Jq4phKUzcocxuGJ5m8= @@ -39,34 +51,30 @@ github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+ github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= -github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc= -github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8= +github.com/prometheus/common v0.57.0 h1:Ro/rKjwdq9mZn1K5QPctzh+MA4Lp0BuYk5ZZEVhoNcY= +github.com/prometheus/common v0.57.0/go.mod h1:7uRPFSUTbfZWsJ7MHY56sqt7hLQu3bxXHDnNhl8E9qI= github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= -github.com/rabbitmq/amqp091-go v1.9.0 h1:qrQtyzB4H8BQgEuJwhmVQqVHB9O4+MNDJCCAcpc3Aoo= -github.com/rabbitmq/amqp091-go v1.9.0/go.mod h1:+jPrT9iY2eLjRaMSRHUhc3z14E/l85kv/f+6luSD3pc= +github.com/rabbitmq/amqp091-go v1.10.0 h1:STpn5XsHlHGcecLmMFCtg7mqq0RnD+zFr4uzukfVhBw= +github.com/rabbitmq/amqp091-go v1.10.0/go.mod h1:Hy4jKW5kQART1u+JkDTF9YYOQUHXqMuhrgxOEeS7G4o= github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= github.com/sirupsen/logrus v1.3.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= -github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= +github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= -github.com/weppos/publicsuffix-go v0.12.0/go.mod h1:z3LCPQ38eedDQSwmsSRW4Y7t2L8Ln16JPQ02lHAdn5k= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/weppos/publicsuffix-go v0.13.0/go.mod h1:z3LCPQ38eedDQSwmsSRW4Y7t2L8Ln16JPQ02lHAdn5k= -github.com/weppos/publicsuffix-go v0.30.0 h1:QHPZ2GRu/YE7cvejH9iyavPOkVCB4dNxp2ZvtT+vQLY= -github.com/weppos/publicsuffix-go v0.30.0/go.mod h1:kBi8zwYnR0zrbm8RcuN1o9Fzgpnnn+btVN8uWPMyXAY= -github.com/weppos/publicsuffix-go/publicsuffix/generator v0.0.0-20220927085643-dc0d00c92642/go.mod h1:GHfoeIdZLdZmLjMlzBftbTDntahTttUMWjxZwQJhULE= +github.com/weppos/publicsuffix-go v0.40.2 h1:LlnoSH0Eqbsi3ReXZWBKCK5lHyzf3sc1JEHH1cnlfho= +github.com/weppos/publicsuffix-go v0.40.2/go.mod h1:XsLZnULC3EJ1Gvk9GVjuCTZ8QUu9ufE4TZpOizDShko= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/zmap/rc2 v0.0.0-20131011165748-24b9757f5521/go.mod h1:3YZ9o3WnatTIZhuOtot4IcUfzoKVjUHqu6WALIyI0nE= github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248 h1:Nzukz5fNOBIHOsnP+6I79kPx3QhLv8nBy2mfFhBRq30= @@ -75,13 +83,13 @@ github.com/zmap/zcertificate v0.0.0-20180516150559-0e3d58b1bac4/go.mod h1:5iU54t github.com/zmap/zcertificate v0.0.1/go.mod h1:q0dlN54Jm4NVSSuzisusQY0hqDWvu92C+TWveAxiVWk= github.com/zmap/zcrypto v0.0.0-20201128221613-3719af1573cf/go.mod h1:aPM7r+JOkfL+9qSB4KbYjtoEzJqUK50EXkkJabeNJDQ= github.com/zmap/zcrypto v0.0.0-20201211161100-e54a5822fb7e/go.mod h1:aPM7r+JOkfL+9qSB4KbYjtoEzJqUK50EXkkJabeNJDQ= -github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300 h1:DZH5n7L3L8RxKdSyJHZt7WePgwdhHnPhQFdQSJaHF+o= -github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300/go.mod h1:mOd4yUMgn2fe2nV9KXsa9AyQBFZGzygVPovsZR+Rl5w= +github.com/zmap/zcrypto v0.0.0-20240803002437-3a861682ac77 h1:DCz0McWRVJNICkHdu2XpETqeLvPtZXs315OZyUs1BDk= +github.com/zmap/zcrypto v0.0.0-20240803002437-3a861682ac77/go.mod h1:aSvf+uTU222mUYq/KQj3oiEU7ajhCZe8RRSLHIoM4EM= github.com/zmap/zflags v1.4.0-beta.1.0.20200204220219-9d95409821b6 h1:XYA+NN2AS4mRmIDVu2nCtrjU17zKlRihO3MnlcmueUw= github.com/zmap/zflags v1.4.0-beta.1.0.20200204220219-9d95409821b6/go.mod h1:HXDUD+uue8yeLHr0eXx1lvY6CvMiHbTKw5nGmA9OUoo= github.com/zmap/zlint/v3 v3.0.0/go.mod h1:paGwFySdHIBEMJ61YjoqT4h7Ge+fdYG4sUQhnTb1lJ8= -go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= -go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= @@ -91,29 +99,44 @@ golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWP golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= +golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= +golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= +golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= +golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M= golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc= golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200528225125-3c3fba18258b/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ= -golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE= +golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= +golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= +golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= +golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= +golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE= +golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= +golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= +golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -125,24 +148,42 @@ golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201126233918-771906719818/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= +golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= +golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= +golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= +golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= +golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -150,8 +191,16 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= +golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= +golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -161,7 +210,6 @@ gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EV gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22 h1:VpOs+IwYnYBaFnrNAeB8UUWtL3vEUnzSCL1nVjPhqrw= gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22/go.mod h1:yeKp02qBN3iKW1OzL3MGk2IdtZzaj7SFntXj72NppTA= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= From 31269a418e251ff1501a309093e5b2444822c38e Mon Sep 17 00:00:00 2001 From: phillip-stephens Date: Wed, 22 Jan 2025 13:54:20 -0800 Subject: [PATCH 25/38] pull zcrypto update --- go.mod | 12 +++++----- go.sum | 73 ++++++++++++++++++++++------------------------------------ 2 files changed, 33 insertions(+), 52 deletions(-) diff --git a/go.mod b/go.mod index 620671ba3..8c8dccd71 100644 --- a/go.mod +++ b/go.mod @@ -9,10 +9,10 @@ require ( github.com/prometheus/client_golang v1.20.5 github.com/rabbitmq/amqp091-go v1.10.0 github.com/sirupsen/logrus v1.9.3 - github.com/zmap/zcrypto v0.0.0-20240803002437-3a861682ac77 + github.com/zmap/zcrypto v0.0.0-20250122162432-7a1cf5fc45e3 github.com/zmap/zflags v1.4.0-beta.1.0.20200204220219-9d95409821b6 golang.org/x/crypto v0.32.0 - golang.org/x/net v0.33.0 + golang.org/x/net v0.34.0 golang.org/x/sys v0.29.0 golang.org/x/text v0.21.0 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c @@ -23,15 +23,15 @@ require ( require ( github.com/beorn7/perks v1.0.1 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect - github.com/klauspost/compress v1.17.9 // indirect + github.com/klauspost/compress v1.17.11 // indirect github.com/kr/pretty v0.3.1 // indirect github.com/kr/text v0.2.0 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/prometheus/client_model v0.6.1 // indirect - github.com/prometheus/common v0.57.0 // indirect + github.com/prometheus/common v0.62.0 // indirect github.com/prometheus/procfs v0.15.1 // indirect github.com/rogpeppe/go-internal v1.10.0 // indirect - github.com/weppos/publicsuffix-go v0.40.2 // indirect + github.com/weppos/publicsuffix-go v0.40.3-0.20241218111332-1518a6f1cb34 // indirect github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248 // indirect - google.golang.org/protobuf v1.34.2 // indirect + google.golang.org/protobuf v1.36.3 // indirect ) diff --git a/go.sum b/go.sum index 5e91c0866..53d503325 100644 --- a/go.sum +++ b/go.sum @@ -1,32 +1,19 @@ -cloud.google.com/go/compute/metadata v0.2.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= -github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8/go.mod h1:I0gYDMZ6Z5GRU7l58bNFSkPTFN6Yl12dsUlAZ8xy98g= github.com/RumbleDiscovery/rumble-tools v0.0.0-20201105153123-f2adbb3244d2/go.mod h1:jD2+mU+E2SZUuAOHZvZj4xP4frlOo+N/YrXDvASFhkE= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtMxxK7fi4I= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/gofrs/uuid v3.3.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-github/v50 v50.2.0/go.mod h1:VBY8FB6yPIjrtKhozXv4FQupxKLS6H4m6xFZlT43q8Q= -github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= github.com/hdm/jarm-go v0.0.7 h1:Eq0geenHrBSYuKrdVhrBdMMzOmA+CAMLzN2WrF3eL6A= github.com/hdm/jarm-go v0.0.7/go.mod h1:kinGoS0+Sdn1Rr54OtanET5E5n7AlD6T6CrJAKDjJSQ= -github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA= -github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= +github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc= +github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= @@ -51,8 +38,8 @@ github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+ github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= -github.com/prometheus/common v0.57.0 h1:Ro/rKjwdq9mZn1K5QPctzh+MA4Lp0BuYk5ZZEVhoNcY= -github.com/prometheus/common v0.57.0/go.mod h1:7uRPFSUTbfZWsJ7MHY56sqt7hLQu3bxXHDnNhl8E9qI= +github.com/prometheus/common v0.62.0 h1:xasJaQlnWAeyHdUBeGjXmutelfJHWMRr+Fg4QszZ2Io= +github.com/prometheus/common v0.62.0/go.mod h1:vyBcEuLSvWos9B1+CyL7JZ2up+uFzXhkqml0W5zIY1I= github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= github.com/rabbitmq/amqp091-go v1.10.0 h1:STpn5XsHlHGcecLmMFCtg7mqq0RnD+zFr4uzukfVhBw= @@ -66,15 +53,21 @@ github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= -github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/weppos/publicsuffix-go v0.13.0/go.mod h1:z3LCPQ38eedDQSwmsSRW4Y7t2L8Ln16JPQ02lHAdn5k= -github.com/weppos/publicsuffix-go v0.40.2 h1:LlnoSH0Eqbsi3ReXZWBKCK5lHyzf3sc1JEHH1cnlfho= -github.com/weppos/publicsuffix-go v0.40.2/go.mod h1:XsLZnULC3EJ1Gvk9GVjuCTZ8QUu9ufE4TZpOizDShko= +github.com/weppos/publicsuffix-go v0.40.3-0.20241218111332-1518a6f1cb34 h1:kUUh6yN67WhST4I2kCc9NPC5UroReYRZFtnEFn1Cifg= +github.com/weppos/publicsuffix-go v0.40.3-0.20241218111332-1518a6f1cb34/go.mod h1:v7GQkAtYF7dDQH8N8t3wjfdiTzHMmHz33uasFn4Hy+s= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/zmap/rc2 v0.0.0-20131011165748-24b9757f5521/go.mod h1:3YZ9o3WnatTIZhuOtot4IcUfzoKVjUHqu6WALIyI0nE= github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248 h1:Nzukz5fNOBIHOsnP+6I79kPx3QhLv8nBy2mfFhBRq30= @@ -83,8 +76,8 @@ github.com/zmap/zcertificate v0.0.0-20180516150559-0e3d58b1bac4/go.mod h1:5iU54t github.com/zmap/zcertificate v0.0.1/go.mod h1:q0dlN54Jm4NVSSuzisusQY0hqDWvu92C+TWveAxiVWk= github.com/zmap/zcrypto v0.0.0-20201128221613-3719af1573cf/go.mod h1:aPM7r+JOkfL+9qSB4KbYjtoEzJqUK50EXkkJabeNJDQ= github.com/zmap/zcrypto v0.0.0-20201211161100-e54a5822fb7e/go.mod h1:aPM7r+JOkfL+9qSB4KbYjtoEzJqUK50EXkkJabeNJDQ= -github.com/zmap/zcrypto v0.0.0-20240803002437-3a861682ac77 h1:DCz0McWRVJNICkHdu2XpETqeLvPtZXs315OZyUs1BDk= -github.com/zmap/zcrypto v0.0.0-20240803002437-3a861682ac77/go.mod h1:aSvf+uTU222mUYq/KQj3oiEU7ajhCZe8RRSLHIoM4EM= +github.com/zmap/zcrypto v0.0.0-20250122162432-7a1cf5fc45e3 h1:FuipZLtvE6MD8pE2+i7ffRLfzhA5rYuHh2Fpkcm7kT0= +github.com/zmap/zcrypto v0.0.0-20250122162432-7a1cf5fc45e3/go.mod h1:pob0DAA9zuaUHasPvZRGmhRYeDhkl8lpShnX80ji5xU= github.com/zmap/zflags v1.4.0-beta.1.0.20200204220219-9d95409821b6 h1:XYA+NN2AS4mRmIDVu2nCtrjU17zKlRihO3MnlcmueUw= github.com/zmap/zflags v1.4.0-beta.1.0.20200204220219-9d95409821b6/go.mod h1:HXDUD+uue8yeLHr0eXx1lvY6CvMiHbTKw5nGmA9OUoo= github.com/zmap/zlint/v3 v3.0.0/go.mod h1:paGwFySdHIBEMJ61YjoqT4h7Ge+fdYG4sUQhnTb1lJ8= @@ -98,11 +91,11 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= -golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M= +golang.org/x/crypto v0.30.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= +golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc= golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= @@ -112,7 +105,6 @@ golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200528225125-3c3fba18258b/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= @@ -121,15 +113,14 @@ golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= -golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE= -golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= +golang.org/x/net v0.32.0/go.mod h1:CwU0IoeOlnQQWJ6ioyFrfRuomB8GKF6KbYXZVyeXNfs= golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= -golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw= +golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0= +golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -137,6 +128,7 @@ golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -148,17 +140,15 @@ golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201126233918-771906719818/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE= @@ -166,24 +156,21 @@ golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXR golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= -golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4= +golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= +golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -195,14 +182,8 @@ golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58 golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/protobuf v1.36.3 h1:82DV7MYdb8anAVi3qge1wSnMDrnKK7ebr+I0hHRN1BU= +google.golang.org/protobuf v1.36.3/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= From 7f282219f089f610e92afca329234adb4deddbc4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 22 Jan 2025 22:07:51 +0000 Subject: [PATCH 26/38] build(deps): bump alpine from 3.20 to 3.21 Bumps alpine from 3.20 to 3.21. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index d531fd050..dad1b960b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,7 +16,7 @@ COPY . . RUN make all ## Runtime image ## -FROM alpine:3.20 as run +FROM alpine:3.21 as run COPY --from=build /usr/src/zgrab2/cmd/zgrab2/zgrab2 /usr/bin/zgrab2 From 7f137e16e39e5c6463473766e7ee43493a4fb724 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 22 Jan 2025 23:55:40 +0000 Subject: [PATCH 27/38] build(deps): bump actions/attest-build-provenance from 1 to 2 Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 1 to 2. - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/v1...v2) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/docker-publish.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index fd4b66aaf..de5278e44 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -70,7 +70,7 @@ jobs: outputs: type=image,name=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }},push-by-digest=true,name-canonical=true,push=true - name: Generate artifact attestation - uses: actions/attest-build-provenance@v1 + uses: actions/attest-build-provenance@v2 with: subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}} subject-digest: ${{ steps.build.outputs.digest }} @@ -146,7 +146,7 @@ jobs: echo "IMAGE_DIGEST=$IMAGE_DIGEST" >> $GITHUB_OUTPUT - name: Generate artifact attestation - uses: actions/attest-build-provenance@v1 + uses: actions/attest-build-provenance@v2 with: subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}} subject-digest: ${{ steps.inspect.outputs.IMAGE_DIGEST }} From d844a6ec63f6801b98c7b6ba41039e4bb6507596 Mon Sep 17 00:00:00 2001 From: phillip-stephens Date: Wed, 22 Jan 2025 16:12:38 -0800 Subject: [PATCH 28/38] lint --- modules/socks5/scanner.go | 2 +- zgrab2_schemas/zgrab2/socks5.py | 43 +++++++++++++++++++-------------- 2 files changed, 26 insertions(+), 19 deletions(-) diff --git a/modules/socks5/scanner.go b/modules/socks5/scanner.go index 258712cc3..0cdef7a3b 100644 --- a/modules/socks5/scanner.go +++ b/modules/socks5/scanner.go @@ -252,4 +252,4 @@ func (s *Scanner) Scan(t zgrab2.ScanTarget) (status zgrab2.ScanStatus, result in } return zgrab2.SCAN_SUCCESS, &socks5Conn.results, nil -} \ No newline at end of file +} diff --git a/zgrab2_schemas/zgrab2/socks5.py b/zgrab2_schemas/zgrab2/socks5.py index d94750147..c41975c44 100644 --- a/zgrab2_schemas/zgrab2/socks5.py +++ b/zgrab2_schemas/zgrab2/socks5.py @@ -7,25 +7,32 @@ from . import zgrab2 # Schema for ScanResults struct -socks5_response_explanation = SubRecord({ - "Version": String(), - "Reply": String(), - "Reserved": String(), - "Address Type": String(), - "Bound Address": String(), - "Bound Port": String(), -}) +socks5_response_explanation = SubRecord( + { + "Version": String(), + "Reply": String(), + "Reserved": String(), + "Address Type": String(), + "Bound Address": String(), + "Bound Port": String(), + } +) -socks5_scan_response = SubRecord({ - "version": String(), - "method_selection": String(), - "connection_response": String(), - "connection_response_explanation": socks5_response_explanation, -}) +socks5_scan_response = SubRecord( + { + "version": String(), + "method_selection": String(), + "connection_response": String(), + "connection_response_explanation": socks5_response_explanation, + } +) -socks5_scan = SubRecord({ - "result": socks5_scan_response, -}, extends=zgrab2.base_scan_response) +socks5_scan = SubRecord( + { + "result": socks5_scan_response, + }, + extends=zgrab2.base_scan_response, +) zschema.registry.register_schema("zgrab2-socks5", socks5_scan) -zgrab2.register_scan_response_type("socks5", socks5_scan) \ No newline at end of file +zgrab2.register_scan_response_type("socks5", socks5_scan) From f8bc6390faeb97523edae2f37a16151a2988239a Mon Sep 17 00:00:00 2001 From: phillip-stephens Date: Wed, 22 Jan 2025 16:27:03 -0800 Subject: [PATCH 29/38] socks5: made integration test shell scripts executable --- integration_tests/socks5/cleanup.sh | 0 integration_tests/socks5/setup.sh | 0 integration_tests/socks5/test.sh | 0 3 files changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 integration_tests/socks5/cleanup.sh mode change 100644 => 100755 integration_tests/socks5/setup.sh mode change 100644 => 100755 integration_tests/socks5/test.sh diff --git a/integration_tests/socks5/cleanup.sh b/integration_tests/socks5/cleanup.sh old mode 100644 new mode 100755 diff --git a/integration_tests/socks5/setup.sh b/integration_tests/socks5/setup.sh old mode 100644 new mode 100755 diff --git a/integration_tests/socks5/test.sh b/integration_tests/socks5/test.sh old mode 100644 new mode 100755 From 0286323eab7a5cae2b1162ab6fdda5131f29ad8c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 23 Jan 2025 15:25:40 -0800 Subject: [PATCH 30/38] build(deps): bump docker/build-push-action from 5 to 6 (#453) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5 to 6. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v5...v6) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Zakir Durumeric --- .github/workflows/docker-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index de5278e44..4f7dc6a09 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -60,7 +60,7 @@ jobs: - uses: docker/setup-buildx-action@v3 - name: Build and push by digest id: build - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: . cache-from: type=gha From 22e39fd3fd66097e97913835442d64f2ced0e9f0 Mon Sep 17 00:00:00 2001 From: Phillip Stephens Date: Sat, 25 Jan 2025 09:33:14 -0800 Subject: [PATCH 31/38] Update zgrab's python2 dependency to python3 (#485) * python2 -> python3 * bump integration test action version 22.04->24.04 and install jp normally * correct README * fix bug in installing pip hopefully * bump mssql version and specify the platform so mac arm chips don't complain * virtual env fix * venv fix pt. 2 * venv fix pt. 3 * venv fix pt. 4 --- .github/workflows/integration-test.yml | 17 ++++++++--------- integration_tests/mssql/cleanup.sh | 2 +- integration_tests/mssql/setup.sh | 6 +++--- integration_tests/mssql/test.sh | 4 ++-- integration_tests/test.sh | 2 +- zgrab2_schemas/README.md | 2 +- 6 files changed, 16 insertions(+), 17 deletions(-) diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index 8c136508e..3ac6269bb 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -37,7 +37,7 @@ jobs: integration-test: name: Integration Test - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 steps: - name: Check out source uses: actions/checkout@v4 @@ -58,17 +58,16 @@ jobs: - name: Install dependencies run: | set -e - sudo wget https://github.com/jmespath/jp/releases/download/0.2.1/jp-linux-amd64 -O /usr/local/bin/jp - sudo chmod +x /usr/local/bin/jp - # Install Python 2.7 sudo apt update - sudo apt install -y python2 - curl https://bootstrap.pypa.io/pip/2.7/get-pip.py --output get-pip.py - sudo python2 get-pip.py + # Install latest Python + sudo apt install -y python3 jp python3-pip + python3 -m venv venv + source venv/bin/activate # Install Python dependencies - pip2 install --user zschema - pip2 install --user -r requirements.txt + pip install zschema + pip install -r requirements.txt - name: Run tests run: | + source venv/bin/activate make integration-test diff --git a/integration_tests/mssql/cleanup.sh b/integration_tests/mssql/cleanup.sh index 95071ea2a..68a65244a 100755 --- a/integration_tests/mssql/cleanup.sh +++ b/integration_tests/mssql/cleanup.sh @@ -2,7 +2,7 @@ set +e -CONTAINER_NAME="zgrab_mssql-2017-linux" +CONTAINER_NAME="zgrab_mssql-2022-linux" echo "mssql/cleanup: Tests cleanup for mssql" diff --git a/integration_tests/mssql/setup.sh b/integration_tests/mssql/setup.sh index a4b7a0c82..754ad3971 100755 --- a/integration_tests/mssql/setup.sh +++ b/integration_tests/mssql/setup.sh @@ -3,8 +3,8 @@ echo "mssql/setup: Tests setup for mssql" CONTAINER_IMAGE="mcr.microsoft.com/mssql/server" -CONTAINER_VERSION="2017-latest" -CONTAINER_NAME="zgrab_mssql-2017-linux" +CONTAINER_VERSION="2022-latest" +CONTAINER_NAME="zgrab_mssql-2022-linux" # Supported MSSQL_PRODUCT_ID values are Developer, Express, Standard, Enterprise, EnterpriseCore MSSQL_PRODUCT_ID="Enterprise" @@ -14,7 +14,7 @@ if docker ps --filter "name=$CONTAINER_NAME" | grep $CONTAINER_NAME; then exit 0 fi -docker run -td --rm -e "MSSQL_PID=$MSSQL_PRODUCT_ID" -e "ACCEPT_EULA=Y" -e "SA_PASSWORD=$(openssl rand -base64 12)" --name $CONTAINER_NAME $CONTAINER_IMAGE:$CONTAINER_VERSION +docker run -td --rm -e "MSSQL_PID=$MSSQL_PRODUCT_ID" -e "ACCEPT_EULA=Y" -e "SA_PASSWORD=$(openssl rand -base64 12)" --platform "linux/amd64" --name $CONTAINER_NAME $CONTAINER_IMAGE:$CONTAINER_VERSION echo -n "mssql/setup: Waiting on $CONTAINER_NAME..." diff --git a/integration_tests/mssql/test.sh b/integration_tests/mssql/test.sh index 8571dfaf4..005607017 100755 --- a/integration_tests/mssql/test.sh +++ b/integration_tests/mssql/test.sh @@ -6,11 +6,11 @@ TEST_ROOT=$MODULE_DIR/.. ZGRAB_ROOT=$(git rev-parse --show-toplevel) ZGRAB_OUTPUT=$ZGRAB_ROOT/zgrab-output -CONTAINER_NAME="zgrab_mssql-2017-linux" +CONTAINER_NAME="zgrab_mssql-2022-linux" mkdir -p $ZGRAB_OUTPUT/mssql -OUTPUT_FILE="$ZGRAB_OUTPUT/mssql/2017-linux.json" +OUTPUT_FILE="$ZGRAB_OUTPUT/mssql/2022-linux.json" echo "mssql/test: Tests runner for mssql" CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mssql > $OUTPUT_FILE diff --git a/integration_tests/test.sh b/integration_tests/test.sh index 855910233..3f9ff2c04 100755 --- a/integration_tests/test.sh +++ b/integration_tests/test.sh @@ -78,7 +78,7 @@ for protocol in $(ls $ZGRAB_OUTPUT); do echo "Validating $target [{(" cat $target echo ")}]:" - if ! python2 -m zschema validate zgrab2 $target --path . --module zgrab2_schemas.zgrab2 ; then + if ! python3 -m zschema validate zgrab2 $target --path . --module zgrab2_schemas.zgrab2 ; then echo "Schema validation failed for $protocol/$outfile" err="schema failure@$protocol/$outfile" if [[ $status -eq 0 ]]; then diff --git a/zgrab2_schemas/README.md b/zgrab2_schemas/README.md index e047b2fa1..e3e803d94 100644 --- a/zgrab2_schemas/README.md +++ b/zgrab2_schemas/README.md @@ -15,7 +15,7 @@ you can follow these steps: 4. Pass in the zgrab2 JSON file to validate * ``` echo 127.0.0.1 | ./cmd/zgrab2/zgrab2 mysql > output.json - PYTHONPATH=/path/to/zschema python2 -m zschema validate zgrab2 output.json --path . --module zgrab2_schemas.zgrab2 + PYTHONPATH=/path/to/zschema python3 -m zschema validate zgrab2 output.json --path . --module zgrab2_schemas.zgrab2 ``` ## Adding new module schemas From d3913e142afa7996e65fcbbbdbbf667b445feaf1 Mon Sep 17 00:00:00 2001 From: phillip-stephens Date: Sat, 25 Jan 2025 11:20:25 -0800 Subject: [PATCH 32/38] python lint --- zgrab2_schemas/zgrab2/mqtt.py | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/zgrab2_schemas/zgrab2/mqtt.py b/zgrab2_schemas/zgrab2/mqtt.py index 007d5062d..5f96a07b1 100644 --- a/zgrab2_schemas/zgrab2/mqtt.py +++ b/zgrab2_schemas/zgrab2/mqtt.py @@ -7,16 +7,21 @@ from . import zgrab2 # Schema for ScanResults struct -mqtt_scan_response = SubRecord({ - "session_present": Boolean(), - "connect_return_code": Binary(), - "response": String(), - "tls": zgrab2.tls_log, -}) +mqtt_scan_response = SubRecord( + { + "session_present": Boolean(), + "connect_return_code": Binary(), + "response": String(), + "tls": zgrab2.tls_log, + } +) -mqtt_scan = SubRecord({ - "result": mqtt_scan_response, -}, extends=zgrab2.base_scan_response) +mqtt_scan = SubRecord( + { + "result": mqtt_scan_response, + }, + extends=zgrab2.base_scan_response, +) zschema.registry.register_schema("zgrab2-mqtt", mqtt_scan) -zgrab2.register_scan_response_type("mqtt", mqtt_scan) \ No newline at end of file +zgrab2.register_scan_response_type("mqtt", mqtt_scan) From 585b3f0b5d618b056cbaab98833410964d9fe41c Mon Sep 17 00:00:00 2001 From: phillip-stephens Date: Sat, 25 Jan 2025 11:22:35 -0800 Subject: [PATCH 33/38] python lint --- zgrab2_schemas/zgrab2/pptp.py | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/zgrab2_schemas/zgrab2/pptp.py b/zgrab2_schemas/zgrab2/pptp.py index 7526bb48d..f1aef60e9 100644 --- a/zgrab2_schemas/zgrab2/pptp.py +++ b/zgrab2_schemas/zgrab2/pptp.py @@ -7,14 +7,19 @@ from . import zgrab2 # Schema for ScanResults struct -pptp_scan_response = SubRecord({ - "banner": String(), - "control_message": String(), -}) +pptp_scan_response = SubRecord( + { + "banner": String(), + "control_message": String(), + } +) -pptp_scan = SubRecord({ - "result": pptp_scan_response, -}, extends=zgrab2.base_scan_response) +pptp_scan = SubRecord( + { + "result": pptp_scan_response, + }, + extends=zgrab2.base_scan_response, +) zschema.registry.register_schema("zgrab2-pptp", pptp_scan) -zgrab2.register_scan_response_type("pptp", pptp_scan) \ No newline at end of file +zgrab2.register_scan_response_type("pptp", pptp_scan) From 3b73bb3aa60ea578f4ca00dc10e643cadd449450 Mon Sep 17 00:00:00 2001 From: phillip-stephens Date: Sat, 25 Jan 2025 11:22:53 -0800 Subject: [PATCH 34/38] go lint --- modules/pptp/scanner.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/pptp/scanner.go b/modules/pptp/scanner.go index ad2f27f1b..d7bdc91b1 100644 --- a/modules/pptp/scanner.go +++ b/modules/pptp/scanner.go @@ -176,4 +176,4 @@ func (s *Scanner) Scan(t zgrab2.ScanTarget) (status zgrab2.ScanStatus, result in pptp.results.ControlMessage = response return zgrab2.SCAN_SUCCESS, &pptp.results, nil -} \ No newline at end of file +} From 1bde83fd979eb334c9fe98e609ff2ea2c5a4e841 Mon Sep 17 00:00:00 2001 From: phillip-stephens Date: Sat, 25 Jan 2025 11:26:07 -0800 Subject: [PATCH 35/38] make test scripts executable --- integration_tests/pptp/cleanup.sh | 0 integration_tests/pptp/setup.sh | 0 integration_tests/pptp/test.sh | 0 3 files changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 integration_tests/pptp/cleanup.sh mode change 100644 => 100755 integration_tests/pptp/setup.sh mode change 100644 => 100755 integration_tests/pptp/test.sh diff --git a/integration_tests/pptp/cleanup.sh b/integration_tests/pptp/cleanup.sh old mode 100644 new mode 100755 diff --git a/integration_tests/pptp/setup.sh b/integration_tests/pptp/setup.sh old mode 100644 new mode 100755 diff --git a/integration_tests/pptp/test.sh b/integration_tests/pptp/test.sh old mode 100644 new mode 100755 From 0f52ac4df27f75e6c4746224031b181e5ef96a11 Mon Sep 17 00:00:00 2001 From: 1759537337 <128583732+xiangguisss@users.noreply.github.com> Date: Mon, 27 Jan 2025 19:21:57 +0800 Subject: [PATCH 36/38] Update socks5 --- modules/socks5/scanner.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/socks5/scanner.go b/modules/socks5/scanner.go index 0cdef7a3b..885fa3a64 100644 --- a/modules/socks5/scanner.go +++ b/modules/socks5/scanner.go @@ -214,7 +214,7 @@ func (conn *Connection) PerformConnectionRequest() error { conn.results.ConnectionResponse = fmt.Sprintf("%x", resp) conn.results.ConnectionResponseExplanation = explainResponse(resp) - if resp[1] != 0x00 { + if resp[1] > 0x80 { return fmt.Errorf("connection request failed with response: %x", resp) } From e70804ebfba1784f67875e9dd2acde3dcc05a1d9 Mon Sep 17 00:00:00 2001 From: 1759537337 Date: Mon, 27 Jan 2025 21:11:03 +0800 Subject: [PATCH 37/38] Update mqtt --- integration_tests/mqtt/test.sh | 12 ++++++++---- zgrab2_schemas/zgrab2/mqtt.py | 2 +- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/integration_tests/mqtt/test.sh b/integration_tests/mqtt/test.sh index 8f2ae805b..1fa88d35d 100755 --- a/integration_tests/mqtt/test.sh +++ b/integration_tests/mqtt/test.sh @@ -13,11 +13,15 @@ OUTPUT_FILE=$ZGRAB_OUTPUT/mqtt/mqtt.json echo "mqtt/test: Tests runner for mqtt" # TODO FIXME: Add any necessary flags or additional tests -echo -e ",target,mqtt -,target,mqtt-tls -,target,mqtt-v5 -,target,mqtt-tls-v5" | docker run --rm -i -v ./multiple.ini:/multiple.ini --link $CONTAINER_NAME:target zgrab2_runner multiple -c /multiple.ini> $OUTPUT_FILE +# echo -e ",target,mqtt +# ,target,mqtt-tls +# ,target,mqtt-v5 +# ,target,mqtt-tls-v5" | docker run --rm -i -v ./multiple.ini:/multiple.ini --link $CONTAINER_NAME:target zgrab2_runner multiple -c /multiple.ini> $OUTPUT_FILE #CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt --v5 >> $OUTPUT_FILE +CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt > $ZGRAB_OUTPUT/mqtt/default.json +CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt --v5 > $ZGRAB_OUTPUT/mqtt/mqtt_v5.json +CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt --tls -p 8883 > $ZGRAB_OUTPUT/mqtt/mqtt_tls.json +CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt --tls --v5 -p 8883 > $ZGRAB_OUTPUT/mqtt/mqtt_tls_v5.json # Dump the docker logs echo "mqtt/test: BEGIN docker logs from $CONTAINER_NAME [{(" diff --git a/zgrab2_schemas/zgrab2/mqtt.py b/zgrab2_schemas/zgrab2/mqtt.py index 5f96a07b1..100da0972 100644 --- a/zgrab2_schemas/zgrab2/mqtt.py +++ b/zgrab2_schemas/zgrab2/mqtt.py @@ -10,7 +10,7 @@ mqtt_scan_response = SubRecord( { "session_present": Boolean(), - "connect_return_code": Binary(), + "connect_return_code": Unsigned32BitInteger(), "response": String(), "tls": zgrab2.tls_log, } From a94f4d73d6097040cb8da1ad8fd0f27f976a5e3d Mon Sep 17 00:00:00 2001 From: phillip-stephens Date: Mon, 27 Jan 2025 10:00:30 -0800 Subject: [PATCH 38/38] go lint --- modules/banner/scanner.go | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/modules/banner/scanner.go b/modules/banner/scanner.go index a70755b03..5689d7edb 100644 --- a/modules/banner/scanner.go +++ b/modules/banner/scanner.go @@ -30,16 +30,16 @@ type Flags struct { ReadTimeout int `long:"read-timeout" default:"10" description:"Read timeout in milliseconds"` BufferSize int `long:"buffer-size" default:"8209" description:"Read buffer size in bytes"` MaxReadSize int `long:"max-read-size" default:"512" description:"Maximum amount of data to read in KiB (1024 bytes)"` - Probe string `long:"probe" default:"\\n" description:"Probe to send to the server. Use triple slashes to escape, for example \\\\\\n is literal \\n. Mutually exclusive with --probe-file."` - ProbeFile string `long:"probe-file" description:"Read probe from file as byte array (hex). Mutually exclusive with --probe."` - Pattern string `long:"pattern" description:"Pattern to match, must be valid regexp."` - UseTLS bool `long:"tls" description:"Sends probe with TLS connection. Loads TLS module command options."` - MaxTries int `long:"max-tries" default:"1" description:"Number of tries for timeouts and connection errors before giving up. Includes making TLS connection if enabled."` - Hex bool `long:"hex" description:"Store banner value in hex. Mutually exclusive with --base64."` - Base64 bool `long:"base64" description:"Store banner value in base64. Mutually exclusive with --hex."` - MD5 bool `long:"md5" description:"Calculate MD5 hash of banner value."` - SHA1 bool `long:"sha1" description:"Calculate SHA1 hash of banner value."` - SHA256 bool `long:"sha256" description:"Calculate SHA256 hash of banner value."` + Probe string `long:"probe" default:"\\n" description:"Probe to send to the server. Use triple slashes to escape, for example \\\\\\n is literal \\n. Mutually exclusive with --probe-file."` + ProbeFile string `long:"probe-file" description:"Read probe from file as byte array (hex). Mutually exclusive with --probe."` + Pattern string `long:"pattern" description:"Pattern to match, must be valid regexp."` + UseTLS bool `long:"tls" description:"Sends probe with TLS connection. Loads TLS module command options."` + MaxTries int `long:"max-tries" default:"1" description:"Number of tries for timeouts and connection errors before giving up. Includes making TLS connection if enabled."` + Hex bool `long:"hex" description:"Store banner value in hex. Mutually exclusive with --base64."` + Base64 bool `long:"base64" description:"Store banner value in base64. Mutually exclusive with --hex."` + MD5 bool `long:"md5" description:"Calculate MD5 hash of banner value."` + SHA1 bool `long:"sha1" description:"Calculate SHA1 hash of banner value."` + SHA256 bool `long:"sha256" description:"Calculate SHA256 hash of banner value."` } // Module is the implementation of the zgrab2.Module interface.