From 892e1e3c87bb4f004a3831db42df266c9f79d6f3 Mon Sep 17 00:00:00 2001 From: Nils Hanke Date: Wed, 23 Mar 2022 13:12:56 -0700 Subject: [PATCH 1/9] Use bodyTextLen instead of readLen for FailHTTPToHTTPS logic respContentLength can be -1 in certain cases, in which case readLen will be maxReadLen for the current scan. This will, however, then cause the FailHTTPToHTTPS if-condition to fail as the readLen is > 1024, even though the body content length can be in this range. So let us use the actual body length for the check to avoid this issue. --- modules/http/scanner.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/http/scanner.go b/modules/http/scanner.go index 6992b7ee..6e299de5 100644 --- a/modules/http/scanner.go +++ b/modules/http/scanner.go @@ -549,7 +549,8 @@ func (scan *scan) Grab() *zgrab2.ScanError { } // Application-specific logic for retrying HTTP as HTTPS; if condition matches, return protocol error - if scan.scanner.config.FailHTTPToHTTPS && scan.results.Response.StatusCode == 400 && readLen < 1024 && readLen > 24 { + bodyTextLen := int64(len(bodyText)) + if scan.scanner.config.FailHTTPToHTTPS && scan.results.Response.StatusCode == 400 && bodyTextLen < 1024 && bodyTextLen > 24 { // Apache: "You're speaking plain HTTP to an SSL-enabled server port" // NGINX: "The plain HTTP request was sent to HTTPS port" var sliceLen int64 = 128 @@ -557,7 +558,6 @@ func (scan *scan) Grab() *zgrab2.ScanError { sliceLen = readLen } - bodyTextLen := int64(len(bodyText)) if bodyTextLen < sliceLen { sliceLen = bodyTextLen } From c1942104c2c698da25715190d0bd9ba7f25f5472 Mon Sep 17 00:00:00 2001 
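Review bot: The slice bound a few lines below the new gate still consults `readLen` (`sliceLen = readLen`, visible as context in the second hunk), although the gate itself now uses `bodyTextLen`. If bodyText can never be longer than readLen, which the description implies but the hunk does not show, that clamp is redundant and the bound can be derived from `bodyTextLen` alone. The new line would also benefit from a comment recording why it exists, for example `// readLen is maxReadLen when Content-Length is unknown (-1); gate on the bytes actually read`. Grab's body starts and ends outside both hunks, so the condition guarding `sliceLen = readLen` could not be checked here.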
From: 1759537337 Date: Fri, 27 Sep 2024 16:38:19 +0800 Subject: [PATCH 2/9] New Protocol: PPTP --- modules/mqtt.go | 7 - modules/mqtt/scanner.go | 321 ------------------------------ modules/pptp.go | 7 + modules/pptp/scanner.go | 179 +++++++++++++++++ zgrab2_schemas/zgrab2/__init__.py | 2 +- zgrab2_schemas/zgrab2/pptp.py | 20 ++ 6 files changed, 207 insertions(+), 329 deletions(-) delete mode 100644 modules/mqtt.go delete mode 100644 modules/mqtt/scanner.go create mode 100644 modules/pptp.go create mode 100644 modules/pptp/scanner.go create mode 100644 zgrab2_schemas/zgrab2/pptp.py diff --git a/modules/mqtt.go b/modules/mqtt.go deleted file mode 100644 index 4b009137..00000000 --- a/modules/mqtt.go +++ /dev/null @@ -1,7 +0,0 @@ -package modules - -import "github.com/zmap/zgrab2/modules/mqtt" - -func init() { - mqtt.RegisterModule() -} diff --git a/modules/mqtt/scanner.go b/modules/mqtt/scanner.go deleted file mode 100644 index 1c23a962..00000000 --- a/modules/mqtt/scanner.go +++ /dev/null 
@@ -1,321 +0,0 @@ -package mqtt - -import ( - "encoding/binary" - "fmt" - "io" - "net" - - log "github.com/sirupsen/logrus" - "github.com/zmap/zgrab2" -) - -// ScanResults is the output of the scan. -type ScanResults struct { - SessionPresent bool `json:"session_present,omitempty"` - ConnectReturnCode byte `json:"connect_return_code,omitempty"` - Response string `json:"response,omitempty"` - TLSLog *zgrab2.TLSLog `json:"tls,omitempty"` -} - -// Flags are the MQTT-specific command-line flags. -type Flags struct { - zgrab2.BaseFlags - zgrab2.TLSFlags - - Verbose bool `long:"verbose" description:"More verbose logging, include debug fields in the scan results"` - V5 bool `long:"v5" description:"Scanning MQTT v5.0. Otherwise scanning MQTT v3.1.1"` - UseTLS bool `long:"tls" description:"Use TLS for the MQTT connection"` -} - -// Module implements the zgrab2.Module interface. -type Module struct { -} - -// Scanner implements the zgrab2.Scanner interface, and holds the state -// for a single scan. -type Scanner struct { - config *Flags -} - -// Connection holds the state for a single connection to the MQTT server. -type Connection struct { - conn net.Conn - config *Flags - results ScanResults -} - -// RegisterModule registers the MQTT zgrab2 module. -func RegisterModule() { - var module Module - _, err := zgrab2.AddCommand("mqtt", "MQTT", module.Description(), 1883, &module) - if err != nil { - log.Fatal(err) - } -} - -// NewFlags returns the default flags object to be filled in with the -// command-line arguments. -func (m *Module) NewFlags() interface{} { - return new(Flags) -} - -// NewScanner returns a new Scanner instance. -func (m *Module) NewScanner() zgrab2.Scanner { - return new(Scanner) -} - -// Description returns an overview of this module. -func (m *Module) Description() string { - return "Perform an MQTT scan" -} - -// Validate flags -func (f *Flags) Validate(args []string) error { - return nil -} - -// Help returns this module's help string. 
-func (f *Flags) Help() string { - return "" -} - -// Protocol returns the protocol identifier for the scanner. -func (s *Scanner) Protocol() string { - return "mqtt" -} - -// Init initializes the Scanner instance with the flags from the command line. -func (s *Scanner) Init(flags zgrab2.ScanFlags) error { - f, _ := flags.(*Flags) - s.config = f - return nil -} - -// InitPerSender does nothing in this module. -func (s *Scanner) InitPerSender(senderID int) error { - return nil -} - -// GetName returns the configured name for the Scanner. -func (s *Scanner) GetName() string { - return s.config.Name -} - -// GetTrigger returns the Trigger defined in the Flags. -func (scanner *Scanner) GetTrigger() string { - return scanner.config.Trigger -} - -// SendMQTTConnectPacket constructs and sends an MQTT CONNECT packet to the server. -func (mqtt *Connection) SendMQTTConnectPacket(v5 bool) error { - var packet []byte - if v5 { - packet = []byte{ - // Fixed Header - 0x10, // Control Packet Type (CONNECT) and flags - 0x17, // Remaining Length (23 bytes) - - // Variable Header - 0x00, 0x04, 'M', 'Q', 'T', 'T', // Protocol Name - 0x05, // Protocol Level (MQTT v5.0) - 0x02, // Connect Flags (Clean Start) - 0x00, 0x3C, // Keep Alive (60 seconds) - - // Properties - 0x00, // Properties Length (0) - - // Payload - 0x00, 0x0A, 'M', 'Q', 'T', 'T', 'C', 'l', 'i', 'e', 'n', 't', // Client Identifier - } - } else { - packet = []byte{ - // Fixed Header - 0x10, // Control Packet Type (CONNECT) and flags - 0x16, // Remaining Length (22 bytes) - - // Variable Header - 0x00, 0x04, 'M', 'Q', 'T', 'T', // Protocol Name - 0x04, // Protocol Level (MQTT v3.1.1) - 0x02, // Connect Flags (Clean Start) - 0x00, 0x3C, // Keep Alive (60 seconds) - - // Payload - 0x00, 0x0A, 'M', 'Q', 'T', 'T', 'C', 'l', 'i', 'e', 'n', 't', // Client Identifier - } - } - _, err := mqtt.conn.Write(packet) - return err -} - -// ReadMQTTv3Packet reads and parses the CONNACK packet from the server. 
-func (mqtt *Connection) ReadMQTTv3Packet() error { - response := make([]byte, 4) - _, err := mqtt.conn.Read(response) - if err != nil { - return err - } - - mqtt.results.Response = fmt.Sprintf("%X", response) - - // DISCONNECT packet - if ((response[0] & 0xF0) == 0xE0) && (response[1] == 0x00) { - return nil - } - - // Check if the response is a valid CONNACK packet - if response[0] != 0x20 || response[1] != 0x02 { - return fmt.Errorf("invalid CONNACK packet") - } - - mqtt.results.SessionPresent = (response[2] & 0x01) == 0x01 - mqtt.results.ConnectReturnCode = response[3] - - return nil -} - -// ReadMQTTv5Packet reads and parses the CONNACK or DISCONNECT packet from the server for MQTT v5.0. -func (mqtt *Connection) ReadMQTTv5Packet() error { - // Read the first byte to determine the packet type - firstByte := make([]byte, 1) - _, err := io.ReadFull(mqtt.conn, firstByte) - if err != nil { - return err - } - - packetType := firstByte[0] >> 4 - - // Read the remaining length - remainingLengthBytes, err := readVariableByteInteger(mqtt.conn) - if err != nil { - return err - } - - // Convert remaining length bytes to integer - remainingLength, _ := binary.Uvarint(remainingLengthBytes) - - // Allocate the packet buffer with the correct size - packet := make([]byte, 1+len(remainingLengthBytes)+int(remainingLength)) - packet[0] = firstByte[0] - copy(packet[1:], remainingLengthBytes) - - // Read the rest of the packet - _, err = io.ReadFull(mqtt.conn, packet[1+len(remainingLengthBytes):]) - if err != nil { - return err - } - - // Store the original response - mqtt.results.Response = fmt.Sprintf("%X", packet) - - // Process the packet based on its type - switch packetType { - case 2: // CONNACK - return mqtt.processConnAck(packet) - case 14: // DISCONNECT - return mqtt.processDisconnect(packet) - default: - return fmt.Errorf("unexpected packet type: %d", packetType) - } -} - -func (mqtt *Connection) processConnAck(packet []byte) error { - if len(packet) < 4 { - return 
fmt.Errorf("invalid CONNACK packet length") - } - - mqtt.results.SessionPresent = (packet[2] & 0x01) == 0x01 - mqtt.results.ConnectReturnCode = packet[3] - - // Process properties if present - if len(packet) > 4 { - propertiesLength, n := binary.Uvarint(packet[4:]) - propertiesStart := 4 + n - propertiesEnd := propertiesStart + int(propertiesLength) - - if propertiesEnd > len(packet) { - return fmt.Errorf("invalid properties length in CONNACK") - } - } - - return nil -} - -func (mqtt *Connection) processDisconnect(packet []byte) error { - if len(packet) < 2 { - return fmt.Errorf("invalid DISCONNECT packet length") - } - - // Process properties if present - if len(packet) > 3 { - propertiesLength, n := binary.Uvarint(packet[3:]) - propertiesStart := 3 + n - propertiesEnd := propertiesStart + int(propertiesLength) - - if propertiesEnd > len(packet) { - return fmt.Errorf("invalid properties length in DISCONNECT") - } - } - - return nil -} - -func readVariableByteInteger(r io.Reader) ([]byte, error) { - var result []byte - for i := 0; i < 4; i++ { - b := make([]byte, 1) - _, err := r.Read(b) - if err != nil { - return nil, err - } - result = append(result, b[0]) - if b[0]&0x80 == 0 { - break - } - } - if len(result) == 4 && result[3]&0x80 != 0 { - return nil, fmt.Errorf("invalid variable byte integer") - } - return result, nil -} - -// Scan performs the configured scan on the MQTT server. 
-func (s *Scanner) Scan(t zgrab2.ScanTarget) (status zgrab2.ScanStatus, result interface{}, thrown error) { - conn, err := t.Open(&s.config.BaseFlags) - if err != nil { - return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error opening connection: %w", err) - } - defer conn.Close() - - mqtt := Connection{conn: conn, config: s.config} - - if s.config.UseTLS { - tlsConn, err := s.config.TLSFlags.GetTLSConnection(conn) - if err != nil { - return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error getting TLS connection: %w", err) - } - mqtt.results.TLSLog = tlsConn.GetLog() - - if err := tlsConn.Handshake(); err != nil { - return zgrab2.TryGetScanStatus(err), &mqtt.results, fmt.Errorf("error during TLS handshake: %w", err) - } - - mqtt.conn = tlsConn - } - - if err := mqtt.SendMQTTConnectPacket(s.config.V5); err != nil { - return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error sending CONNECT packet: %w", err) - } - - if s.config.V5 { - err = mqtt.ReadMQTTv5Packet() - } else { - err = mqtt.ReadMQTTv3Packet() - } - - if err != nil { - return zgrab2.TryGetScanStatus(err), &mqtt.results, fmt.Errorf("error reading CONNACK packet: %w", err) - } - - return zgrab2.SCAN_SUCCESS, &mqtt.results, nil -} diff --git a/modules/pptp.go b/modules/pptp.go new file mode 100644 index 00000000..305ce0ae --- /dev/null +++ b/modules/pptp.go @@ -0,0 +1,7 @@ +package modules + +import "github.com/zmap/zgrab2/modules/pptp" + +func init() { + pptp.RegisterModule() +} diff --git a/modules/pptp/scanner.go b/modules/pptp/scanner.go new file mode 100644 index 00000000..ad2f27f1 --- /dev/null +++ b/modules/pptp/scanner.go 
@@ -0,0 +1,179 @@ +// Package pptp contains the zgrab2 Module implementation for PPTP. +package pptp + +import ( + "encoding/binary" + "fmt" + "net" + "time" + + log "github.com/sirupsen/logrus" + "github.com/zmap/zgrab2" +) + +// ScanResults is the output of the scan. +type ScanResults struct { + // Banner is the initial data banner sent by the server. + Banner string `json:"banner,omitempty"` + + // ControlMessage is the received PPTP control message. + ControlMessage string `json:"control_message,omitempty"` +} + +// Flags are the PPTP-specific command-line flags. +type Flags struct { + zgrab2.BaseFlags + Verbose bool `long:"verbose" description:"More verbose logging, include debug fields in the scan results"` +} + +// Module implements the zgrab2.Module interface. +type Module struct { +} + +// Scanner implements the zgrab2.Scanner interface, and holds the state +// for a single scan. +type Scanner struct { + config *Flags +} + +// RegisterModule registers the pptp zgrab2 module. +func RegisterModule() { + var module Module + _, err := zgrab2.AddCommand("pptp", "PPTP", module.Description(), 1723, &module) + if err != nil { + log.Fatal(err) + } +} + +// NewFlags returns the default flags object to be filled in with the +// command-line arguments. +func (m *Module) NewFlags() interface{} { + return new(Flags) +} + +// NewScanner returns a new Scanner instance. +func (m *Module) NewScanner() zgrab2.Scanner { + return new(Scanner) +} + +// Description returns an overview of this module. +func (m *Module) Description() string { + return "Scan for PPTP" +} + +// Validate flags +func (f *Flags) Validate(args []string) (err error) { + return +} + +// Help returns this module's help string. +func (f *Flags) Help() string { + return "" +} + +// Protocol returns the protocol identifier for the scanner. +func (s *Scanner) Protocol() string { + return "pptp" +} + +// Init initializes the Scanner instance with the flags from the command line. 
+func (s *Scanner) Init(flags zgrab2.ScanFlags) error { + f, _ := flags.(*Flags) + s.config = f + return nil +} + +// InitPerSender does nothing in this module. +func (s *Scanner) InitPerSender(senderID int) error { + return nil +} + +// GetName returns the configured name for the Scanner. +func (s *Scanner) GetName() string { + return s.config.Name +} + +// GetTrigger returns the Trigger defined in the Flags. +func (scanner *Scanner) GetTrigger() string { + return scanner.config.Trigger +} + +// PPTP Start-Control-Connection-Request message constants +const ( + PPTP_MAGIC_COOKIE = 0x1A2B3C4D + PPTP_CONTROL_MESSAGE = 1 + PPTP_START_CONN_REQUEST = 1 + PPTP_PROTOCOL_VERSION = 0x0100 // Split into two 16-bit values for binary.BigEndian.PutUint16 +) + +// Connection holds the state for a single connection to the PPTP server. +type Connection struct { + config *Flags + results ScanResults + conn net.Conn +} + +// Create the Start-Control-Connection-Request message +func createSCCRMessage() []byte { + message := make([]byte, 156) + binary.BigEndian.PutUint16(message[0:2], 156) // Length + binary.BigEndian.PutUint16(message[2:4], PPTP_CONTROL_MESSAGE) // PPTP Message Type + binary.BigEndian.PutUint32(message[4:8], PPTP_MAGIC_COOKIE) // Magic Cookie + binary.BigEndian.PutUint16(message[8:10], PPTP_START_CONN_REQUEST) // Control Message Type + binary.BigEndian.PutUint16(message[10:12], uint16(PPTP_PROTOCOL_VERSION>>16)) // Protocol Version (high 16 bits) + binary.BigEndian.PutUint16(message[12:14], uint16(PPTP_PROTOCOL_VERSION&0xFFFF)) // Protocol Version (low 16 bits) + binary.BigEndian.PutUint32(message[14:18], 0) // Framing Capabilities + binary.BigEndian.PutUint32(message[18:22], 0) // Bearer Capabilities + binary.BigEndian.PutUint16(message[22:24], 0) // Maximum Channels + binary.BigEndian.PutUint16(message[24:26], 0) // Firmware Revision + copy(message[26:90], "ZGRAB2-SCANNER") // Host Name + copy(message[90:], "ZGRAB2") // Vendor Name + return message +} + +// Read 
response from the PPTP server +func (pptp *Connection) readResponse() (string, error) { + buffer := make([]byte, 1024) + pptp.conn.SetReadDeadline(time.Now().Add(5 * time.Second)) + n, err := pptp.conn.Read(buffer) + if err != nil { + return "", err + } + return string(buffer[:n]), nil +} + +// Scan performs the configured scan on the PPTP server +func (s *Scanner) Scan(t zgrab2.ScanTarget) (status zgrab2.ScanStatus, result interface{}, thrown error) { + var err error + conn, err := t.Open(&s.config.BaseFlags) + if err != nil { + return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error opening connection: %w", err) + } + cn := conn + defer func() { + cn.Close() + }() + + results := ScanResults{} + + pptp := Connection{conn: cn, config: s.config, results: results} + + // Send Start-Control-Connection-Request message + request := createSCCRMessage() + _, err = pptp.conn.Write(request) + if err != nil { + return zgrab2.TryGetScanStatus(err), &pptp.results, fmt.Errorf("error sending PPTP SCCR message: %w", err) + } + + // Read the response + response, err := pptp.readResponse() + if err != nil { + return zgrab2.TryGetScanStatus(err), &pptp.results, fmt.Errorf("error reading PPTP response: %w", err) + } + + // Store the banner and control message + pptp.results.Banner = string(request) + pptp.results.ControlMessage = response + + return zgrab2.SCAN_SUCCESS, &pptp.results, nil +} \ No newline at end of file diff --git a/zgrab2_schemas/zgrab2/__init__.py b/zgrab2_schemas/zgrab2/__init__.py index c7a0e205..e0806003 100644 --- a/zgrab2_schemas/zgrab2/__init__.py +++ b/zgrab2_schemas/zgrab2/__init__.py @@ -22,4 +22,4 @@ from . import ipp from . import banner from . import amqp091 -from . import mqtt +from . import pptp diff --git a/zgrab2_schemas/zgrab2/pptp.py b/zgrab2_schemas/zgrab2/pptp.py new file mode 100644 index 00000000..9273387a --- /dev/null +++ b/zgrab2_schemas/zgrab2/pptp.py 
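Review bot: Scan stores the scanner's own request as the result's Banner (`pptp.results.Banner = string(request)`), although the field is documented as data sent by the server, and it returns SCAN_SUCCESS for any reply at all because readResponse never checks that the bytes are a PPTP control message. The reply is untrusted binary data, so it should be length- and magic-cookie-checked before it is recorded, and hex-encoded (as the removed MQTT module did with `%X`) rather than cast to string, so that non-UTF-8 bytes survive JSON output. Separately, createSCCRMessage places Host Name at offset 26 and Vendor Name at 90; if I read RFC 2637 correctly, the header has reserved 16-bit fields on either side of Protocol Version, which would put Firmware Revision at 26, Host Name at 28 and Vendor String at 92, so this is worth confirming against a capture. Init also discards the type-assertion result (`f, _ := flags.(*Flags)`), so a wrong flags type leaves s.config nil and Scan would dereference it.

```go
// readResponse reads one reply and accepts it only if it carries the PPTP magic cookie.
func (pptp *Connection) readResponse() (string, error) {
	buffer := make([]byte, 1024)
	if err := pptp.conn.SetReadDeadline(time.Now().Add(5 * time.Second)); err != nil {
		return "", err
	}
	n, err := pptp.conn.Read(buffer)
	if err != nil {
		return "", err
	}
	// Control header: length(2) + message type(2) + magic cookie(4) + control message type(2) + reserved(2).
	if n < 12 || binary.BigEndian.Uint32(buffer[4:8]) != PPTP_MAGIC_COOKIE {
		return "", fmt.Errorf("reply is not a PPTP control message (%d bytes)", n)
	}
	// Hex keeps arbitrary bytes intact in the JSON result.
	return fmt.Sprintf("%X", buffer[:n]), nil
}

// ... unchanged: Scan up to and including the readResponse error check ...

	// Record only what the server sent; the request is a constant and is not a banner.
	pptp.results.ControlMessage = response
```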
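Review bot: The schema import for mqtt is replaced rather than kept (`-from . import mqtt` / `+from . import pptp`), so a patch titled "New Protocol: PPTP" also drops an existing protocol's schema registration. The same patch deletes modules/mqtt.go and modules/mqtt/scanner.go, which looks like a side effect of the branch's base rather than an intended removal. If MQTT is meant to stay, keep `from . import mqtt` and add `from . import pptp` on its own line; if it is meant to go, that belongs in a separate, explicitly described commit.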
@@ -0,0 +1,20 @@ +# zschema sub-schema for zgrab2's MQTT module +# Registers zgrab2-mqtt globally, and mqtt with the main zgrab2 schema. +from zschema.leaves import * +from zschema.compounds import * +import zschema.registry + +from . import zgrab2 + +# Schema for ScanResults struct +pptp_scan_response = SubRecord({ + "banner": String(), + "control_message": String(), +}) + +pptp_scan = SubRecord({ + "result": pptp_scan_response, +}, extends=zgrab2.base_scan_response) + +zschema.registry.register_schema("zgrab2-pptp", pptp_scan) +zgrab2.register_scan_response_type("pptp", pptp_scan) \ No newline at end of file From 4966b2034437abaf761ad23cafdfa9252374f4b4 Mon Sep 17 00:00:00 2001 From: AlexAQ972 <182717094+AlexAQ972@users.noreply.github.com> Date: Fri, 27 Sep 2024 16:43:48 +0800 Subject: [PATCH 3/9] Delete modules/mqtt directory --- modules/mqtt/scanner.go | 321 ---------------------------------------- 1 file changed, 321 deletions(-) delete mode 100644 modules/mqtt/scanner.go diff --git a/modules/mqtt/scanner.go b/modules/mqtt/scanner.go deleted file mode 100644 index 1c23a962..00000000 --- a/modules/mqtt/scanner.go +++ /dev/null 
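Review bot: The header comment of the new schema file still describes MQTT (`# zschema sub-schema for zgrab2's MQTT module`, `# Registers zgrab2-mqtt globally, and mqtt with the main zgrab2 schema.`) while the code registers `zgrab2-pptp`. It should read `# zschema sub-schema for zgrab2's PPTP module` and `# Registers zgrab2-pptp globally, and pptp with the main zgrab2 schema.`. The diffstat of PATCH 6/9 lists this file with two changed lines, so a later patch in the series may already correct it.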
@@ -1,321 +0,0 @@ -package mqtt - -import ( - "encoding/binary" - "fmt" - "io" - "net" - - log "github.com/sirupsen/logrus" - "github.com/zmap/zgrab2" -) - -// ScanResults is the output of the scan. -type ScanResults struct { - SessionPresent bool `json:"session_present,omitempty"` - ConnectReturnCode byte `json:"connect_return_code,omitempty"` - Response string `json:"response,omitempty"` - TLSLog *zgrab2.TLSLog `json:"tls,omitempty"` -} - -// Flags are the MQTT-specific command-line flags. -type Flags struct { - zgrab2.BaseFlags - zgrab2.TLSFlags - - Verbose bool `long:"verbose" description:"More verbose logging, include debug fields in the scan results"` - V5 bool `long:"v5" description:"Scanning MQTT v5.0. Otherwise scanning MQTT v3.1.1"` - UseTLS bool `long:"tls" description:"Use TLS for the MQTT connection"` -} - -// Module implements the zgrab2.Module interface. -type Module struct { -} - -// Scanner implements the zgrab2.Scanner interface, and holds the state -// for a single scan. -type Scanner struct { - config *Flags -} - -// Connection holds the state for a single connection to the MQTT server. -type Connection struct { - conn net.Conn - config *Flags - results ScanResults -} - -// RegisterModule registers the MQTT zgrab2 module. -func RegisterModule() { - var module Module - _, err := zgrab2.AddCommand("mqtt", "MQTT", module.Description(), 1883, &module) - if err != nil { - log.Fatal(err) - } -} - -// NewFlags returns the default flags object to be filled in with the -// command-line arguments. -func (m *Module) NewFlags() interface{} { - return new(Flags) -} - -// NewScanner returns a new Scanner instance. -func (m *Module) NewScanner() zgrab2.Scanner { - return new(Scanner) -} - -// Description returns an overview of this module. -func (m *Module) Description() string { - return "Perform an MQTT scan" -} - -// Validate flags -func (f *Flags) Validate(args []string) error { - return nil -} - -// Help returns this module's help string. 
-func (f *Flags) Help() string { - return "" -} - -// Protocol returns the protocol identifier for the scanner. -func (s *Scanner) Protocol() string { - return "mqtt" -} - -// Init initializes the Scanner instance with the flags from the command line. -func (s *Scanner) Init(flags zgrab2.ScanFlags) error { - f, _ := flags.(*Flags) - s.config = f - return nil -} - -// InitPerSender does nothing in this module. -func (s *Scanner) InitPerSender(senderID int) error { - return nil -} - -// GetName returns the configured name for the Scanner. -func (s *Scanner) GetName() string { - return s.config.Name -} - -// GetTrigger returns the Trigger defined in the Flags. -func (scanner *Scanner) GetTrigger() string { - return scanner.config.Trigger -} - -// SendMQTTConnectPacket constructs and sends an MQTT CONNECT packet to the server. -func (mqtt *Connection) SendMQTTConnectPacket(v5 bool) error { - var packet []byte - if v5 { - packet = []byte{ - // Fixed Header - 0x10, // Control Packet Type (CONNECT) and flags - 0x17, // Remaining Length (23 bytes) - - // Variable Header - 0x00, 0x04, 'M', 'Q', 'T', 'T', // Protocol Name - 0x05, // Protocol Level (MQTT v5.0) - 0x02, // Connect Flags (Clean Start) - 0x00, 0x3C, // Keep Alive (60 seconds) - - // Properties - 0x00, // Properties Length (0) - - // Payload - 0x00, 0x0A, 'M', 'Q', 'T', 'T', 'C', 'l', 'i', 'e', 'n', 't', // Client Identifier - } - } else { - packet = []byte{ - // Fixed Header - 0x10, // Control Packet Type (CONNECT) and flags - 0x16, // Remaining Length (22 bytes) - - // Variable Header - 0x00, 0x04, 'M', 'Q', 'T', 'T', // Protocol Name - 0x04, // Protocol Level (MQTT v3.1.1) - 0x02, // Connect Flags (Clean Start) - 0x00, 0x3C, // Keep Alive (60 seconds) - - // Payload - 0x00, 0x0A, 'M', 'Q', 'T', 'T', 'C', 'l', 'i', 'e', 'n', 't', // Client Identifier - } - } - _, err := mqtt.conn.Write(packet) - return err -} - -// ReadMQTTv3Packet reads and parses the CONNACK packet from the server. 
-func (mqtt *Connection) ReadMQTTv3Packet() error { - response := make([]byte, 4) - _, err := mqtt.conn.Read(response) - if err != nil { - return err - } - - mqtt.results.Response = fmt.Sprintf("%X", response) - - // DISCONNECT packet - if ((response[0] & 0xF0) == 0xE0) && (response[1] == 0x00) { - return nil - } - - // Check if the response is a valid CONNACK packet - if response[0] != 0x20 || response[1] != 0x02 { - return fmt.Errorf("invalid CONNACK packet") - } - - mqtt.results.SessionPresent = (response[2] & 0x01) == 0x01 - mqtt.results.ConnectReturnCode = response[3] - - return nil -} - -// ReadMQTTv5Packet reads and parses the CONNACK or DISCONNECT packet from the server for MQTT v5.0. -func (mqtt *Connection) ReadMQTTv5Packet() error { - // Read the first byte to determine the packet type - firstByte := make([]byte, 1) - _, err := io.ReadFull(mqtt.conn, firstByte) - if err != nil { - return err - } - - packetType := firstByte[0] >> 4 - - // Read the remaining length - remainingLengthBytes, err := readVariableByteInteger(mqtt.conn) - if err != nil { - return err - } - - // Convert remaining length bytes to integer - remainingLength, _ := binary.Uvarint(remainingLengthBytes) - - // Allocate the packet buffer with the correct size - packet := make([]byte, 1+len(remainingLengthBytes)+int(remainingLength)) - packet[0] = firstByte[0] - copy(packet[1:], remainingLengthBytes) - - // Read the rest of the packet - _, err = io.ReadFull(mqtt.conn, packet[1+len(remainingLengthBytes):]) - if err != nil { - return err - } - - // Store the original response - mqtt.results.Response = fmt.Sprintf("%X", packet) - - // Process the packet based on its type - switch packetType { - case 2: // CONNACK - return mqtt.processConnAck(packet) - case 14: // DISCONNECT - return mqtt.processDisconnect(packet) - default: - return fmt.Errorf("unexpected packet type: %d", packetType) - } -} - -func (mqtt *Connection) processConnAck(packet []byte) error { - if len(packet) < 4 { - return 
fmt.Errorf("invalid CONNACK packet length") - } - - mqtt.results.SessionPresent = (packet[2] & 0x01) == 0x01 - mqtt.results.ConnectReturnCode = packet[3] - - // Process properties if present - if len(packet) > 4 { - propertiesLength, n := binary.Uvarint(packet[4:]) - propertiesStart := 4 + n - propertiesEnd := propertiesStart + int(propertiesLength) - - if propertiesEnd > len(packet) { - return fmt.Errorf("invalid properties length in CONNACK") - } - } - - return nil -} - -func (mqtt *Connection) processDisconnect(packet []byte) error { - if len(packet) < 2 { - return fmt.Errorf("invalid DISCONNECT packet length") - } - - // Process properties if present - if len(packet) > 3 { - propertiesLength, n := binary.Uvarint(packet[3:]) - propertiesStart := 3 + n - propertiesEnd := propertiesStart + int(propertiesLength) - - if propertiesEnd > len(packet) { - return fmt.Errorf("invalid properties length in DISCONNECT") - } - } - - return nil -} - -func readVariableByteInteger(r io.Reader) ([]byte, error) { - var result []byte - for i := 0; i < 4; i++ { - b := make([]byte, 1) - _, err := r.Read(b) - if err != nil { - return nil, err - } - result = append(result, b[0]) - if b[0]&0x80 == 0 { - break - } - } - if len(result) == 4 && result[3]&0x80 != 0 { - return nil, fmt.Errorf("invalid variable byte integer") - } - return result, nil -} - -// Scan performs the configured scan on the MQTT server. 
-func (s *Scanner) Scan(t zgrab2.ScanTarget) (status zgrab2.ScanStatus, result interface{}, thrown error) { - conn, err := t.Open(&s.config.BaseFlags) - if err != nil { - return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error opening connection: %w", err) - } - defer conn.Close() - - mqtt := Connection{conn: conn, config: s.config} - - if s.config.UseTLS { - tlsConn, err := s.config.TLSFlags.GetTLSConnection(conn) - if err != nil { - return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error getting TLS connection: %w", err) - } - mqtt.results.TLSLog = tlsConn.GetLog() - - if err := tlsConn.Handshake(); err != nil { - return zgrab2.TryGetScanStatus(err), &mqtt.results, fmt.Errorf("error during TLS handshake: %w", err) - } - - mqtt.conn = tlsConn - } - - if err := mqtt.SendMQTTConnectPacket(s.config.V5); err != nil { - return zgrab2.TryGetScanStatus(err), nil, fmt.Errorf("error sending CONNECT packet: %w", err) - } - - if s.config.V5 { - err = mqtt.ReadMQTTv5Packet() - } else { - err = mqtt.ReadMQTTv3Packet() - } - - if err != nil { - return zgrab2.TryGetScanStatus(err), &mqtt.results, fmt.Errorf("error reading CONNACK packet: %w", err) - } - - return zgrab2.SCAN_SUCCESS, &mqtt.results, nil -} From 70a20a4ec28a357a1287edfbe3aec9b6bc33418a Mon Sep 17 00:00:00 2001 From: AlexAQ972 <182717094+AlexAQ972@users.noreply.github.com> Date: Fri, 27 Sep 2024 16:44:04 +0800 Subject: [PATCH 4/9] Delete modules/mqtt.go --- modules/mqtt.go | 7 ------- 1 file changed, 7 deletions(-) delete mode 100644 modules/mqtt.go diff --git a/modules/mqtt.go b/modules/mqtt.go deleted file mode 100644 index 4b009137..00000000 --- a/modules/mqtt.go +++ /dev/null @@ -1,7 +0,0 @@ -package modules - -import "github.com/zmap/zgrab2/modules/mqtt" - -func init() { - mqtt.RegisterModule() -} From 1c7ec6720726f4b92a6790a5a06a49e5e4db335e Mon Sep 17 00:00:00 2001 
From: 1759537337 Date: Sat, 28 Sep 2024 17:04:35 +0800 Subject: [PATCH 5/9] Add pptp integration_test --- integration_tests/pptp/chap-secrets | 3 +++ integration_tests/pptp/cleanup.sh | 9 +++++++++ integration_tests/pptp/setup.sh | 26 ++++++++++++++++++++++++++ integration_tests/pptp/test.sh | 23 +++++++++++++++++++++++ 4 files changed, 61 insertions(+) create mode 100644 integration_tests/pptp/chap-secrets create mode 100644 integration_tests/pptp/cleanup.sh create mode 100644 integration_tests/pptp/setup.sh create mode 100644 integration_tests/pptp/test.sh diff --git a/integration_tests/pptp/chap-secrets b/integration_tests/pptp/chap-secrets new file mode 100644 index 00000000..6bb970db --- /dev/null +++ b/integration_tests/pptp/chap-secrets @@ -0,0 +1,3 @@ +# Secrets for authentication using PAP +# client server secret acceptable local IP addresses +username * password * \ No newline at end of file diff --git a/integration_tests/pptp/cleanup.sh b/integration_tests/pptp/cleanup.sh new file mode 100644 index 00000000..23837101 --- /dev/null +++ b/integration_tests/pptp/cleanup.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +set +e + +echo "pptp/cleanup: Tests cleanup for pptp" + +CONTAINER_NAME=zgrab_pptp + +docker stop $CONTAINER_NAME diff --git a/integration_tests/pptp/setup.sh b/integration_tests/pptp/setup.sh new file mode 100644 index 00000000..a587ee90 --- /dev/null +++ b/integration_tests/pptp/setup.sh 
@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+
+echo "pptp/setup: Tests setup for pptp"
+
+CONTAINER_TAG="mobtitude/vpn-pptp"
+CONTAINER_NAME="zgrab_pptp"
+
+# If the container is already running, use it.
+if docker ps --filter "name=$CONTAINER_NAME" | grep -q $CONTAINER_NAME; then
+ echo "pptp/setup: Container $CONTAINER_NAME already running -- nothing to setup"
+ exit 0
+fi
+
+DOCKER_RUN_FLAGS="--rm --privileged --name $CONTAINER_NAME -td -v ./chap-secrets:/etc/ppp/chap-secrets"
+
+# If it is not running, try launching it -- on success, use that.
+echo "pptp/setup: Trying to launch $CONTAINER_NAME..."
+if ! docker run $DOCKER_RUN_FLAGS $CONTAINER_TAG; then
+ echo "failed"
+ # echo "pptp/setup: Building docker image $CONTAINER_TAG..."
+ # # If it fails, build it from ./container/Dockerfile
+ # docker build -t $CONTAINER_TAG ./container
+ # # Try again
+ # echo "pptp/setup: Launching $CONTAINER_NAME..."
+ # docker run $DOCKER_RUN_FLAGS $CONTAINER_TAG
+fi
diff --git a/integration_tests/pptp/test.sh b/integration_tests/pptp/test.sh
new file mode 100644
index 00000000..83b152f8
--- /dev/null
+++ b/integration_tests/pptp/test.sh
@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+
+set -e
+MODULE_DIR=$(dirname $0)
+ZGRAB_ROOT=$(git rev-parse --show-toplevel)
+ZGRAB_OUTPUT=$ZGRAB_ROOT/zgrab-output
+
+mkdir -p $ZGRAB_OUTPUT/pptp
+
+CONTAINER_NAME=zgrab_pptp
+
+OUTPUT_FILE=$ZGRAB_OUTPUT/pptp/pptp.json
+
+echo "pptp/test: Tests runner for pptp"
+# TODO FIXME: Add any necessary flags or additional tests
+CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh pptp > $OUTPUT_FILE
+
+# Dump the docker logs
+echo "pptp/test: BEGIN docker logs from $CONTAINER_NAME [{("
+docker logs --tail all $CONTAINER_NAME
+echo ")}] END docker logs from $CONTAINER_NAME"
+
+# TODO: If there are any other relevant log files, dump those to stdout here.
From 1d8e41ccf5b41229d4e5ce57990ccbbe0f88e810 Mon Sep 17 00:00:00 2001
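Review bot: In integration_tests/pptp/setup.sh, `DOCKER_RUN_FLAGS` starts the container with `--privileged` while `CONTAINER_TAG="mobtitude/vpn-pptp"` names a third-party image with no tag or digest, so whatever that repository publishes at pull time runs with every capability and host device access on the machine that runs the tests. Pinning the image, e.g. `CONTAINER_TAG="mobtitude/vpn-pptp@sha256:<digest-placeholder>"`, and trying a narrower grant such as `--cap-add=NET_ADMIN` in place of `--privileged` would reduce that exposure; whether the image's daemon still starts with the narrower grant has to be checked, since presumably the scanner only needs the TCP control channel to answer. Separately, the failure branch only runs `echo "failed"`, so the script exits 0 when `docker run` fails; adding `exit 1` after that line would surface a broken setup before test.sh runs.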
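Review bot: In integration_tests/pptp/test.sh every expansion is unquoted, so a checkout path containing spaces or glob characters breaks `mkdir -p $ZGRAB_OUTPUT/pptp` and the redirect into `$OUTPUT_FILE` under `set -e`; `mkdir -p "$ZGRAB_OUTPUT/pptp"` and `"$ZGRAB_ROOT/docker-runner/docker-run.sh" pptp > "$OUTPUT_FILE"` avoid that. `MODULE_DIR=$(dirname $0)` is assigned but never read in this file and can be dropped. The `# TODO FIXME: Add any necessary flags or additional tests` line looks like leftover template text and should either be resolved or replaced with a comment saying the module is run with default flags only.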
From: 1759537337
Date: Sun, 29 Sep 2024 17:10:09 +0800
Subject: [PATCH 6/9] delete mqtt
---
integration_tests/mqtt/cleanup.sh | 9 -----
integration_tests/mqtt/mosquitto.conf | 6 ----
integration_tests/mqtt/multiple.ini | 23 -------------
integration_tests/mqtt/server.crt | 20 -----------
integration_tests/mqtt/server.csr | 16 ---------
integration_tests/mqtt/server.key | 28 ----------------
integration_tests/mqtt/server.pem | 48 ---------------------------
integration_tests/mqtt/setup.sh | 27 ---------------
integration_tests/mqtt/test.sh | 27 ---------------
zgrab2_schemas/zgrab2/mqtt.py | 22 ------------
zgrab2_schemas/zgrab2/pptp.py | 4 +--
11 files changed, 2 insertions(+), 228 deletions(-)
delete mode 100755 integration_tests/mqtt/cleanup.sh
delete mode 100644 integration_tests/mqtt/mosquitto.conf
delete mode 100644 integration_tests/mqtt/multiple.ini
delete mode 100644 integration_tests/mqtt/server.crt
delete mode 100644 integration_tests/mqtt/server.csr
delete mode 100644 integration_tests/mqtt/server.key
delete mode 100644 integration_tests/mqtt/server.pem
delete mode 100755 integration_tests/mqtt/setup.sh
delete mode 100755 integration_tests/mqtt/test.sh
delete mode 100644 zgrab2_schemas/zgrab2/mqtt.py
diff --git a/integration_tests/mqtt/cleanup.sh b/integration_tests/mqtt/cleanup.sh
deleted file mode 100755
index b926199d..00000000
--- a/integration_tests/mqtt/cleanup.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/usr/bin/env bash
-
-set +e
-
-echo "mqtt/cleanup: Tests cleanup for mqtt"
-
-CONTAINER_NAME=zgrab_mqtt
-
-docker stop $CONTAINER_NAME
diff --git a/integration_tests/mqtt/mosquitto.conf b/integration_tests/mqtt/mosquitto.conf
deleted file mode 100644
index c0efbf2f..00000000
--- a/integration_tests/mqtt/mosquitto.conf
+++ /dev/null
@@ -1,6 +0,0 @@
-listener 1883 0.0.0.0
-
-listener 8883 0.0.0.0
-protocol mqtt
-certfile /mosquitto/server.pem
-keyfile /mosquitto/server.key
\ No newline at end of file
diff --git a/integration_tests/mqtt/multiple.ini b/integration_tests/mqtt/multiple.ini deleted file mode 100644 index 74f05023..00000000 --- a/integration_tests/mqtt/multiple.ini +++ /dev/null @@ -1,23 +0,0 @@ -[mqtt] -name="mqtt-tls" -trigger="mqtt-tls" -port=8883 -tls=true - -[mqtt] -name="mqtt-tls-v5" -trigger="mqtt-tls-v5" -port=8883 -tls=true -v5=true - -[mqtt] -name="mqtt" -trigger="mqtt" -port=1883 - -[mqtt] -name="mqtt-v5" -trigger="mqtt-v5" -port=1883 -v5=true \ No newline at end of file diff --git a/integration_tests/mqtt/server.crt b/integration_tests/mqtt/server.crt deleted file mode 100644 index 1a7c0ff2..00000000 --- a/integration_tests/mqtt/server.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDOzCCAiOgAwIBAgIUS+JTI5jiO1C0AgqSuFgB1P9wS8swDQYJKoZIhvcNAQEL -BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwMzIwNTNaGA8yMDUy -MDIxMDAzMjA1M1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx -ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh -fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR -EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B -Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj -SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ -BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaMhMB8wHQYD -VR0OBBYEFP6DHoFBdNVmHwc6LZnLwcDcKnvzMA0GCSqGSIb3DQEBCwUAA4IBAQA9 -VRDbEAFWmqKq+LPRqGmjiqGE0rTOsoKSDWn0Zsre31H2vsXy8BUW69rjhwMXEONl -5ybZCHnU8GLawFzrVQJnuV77XhIDuJhIz81guy0K872YcrNuhlIS7ahxXJszwgPe -Tp313rJKUA44DIuF18WjWjwQL8bU80xiJJcyuR2mViOFgcfIABmSzvvMx8nHxp7W -C9woea6TMamq7GQmIky9ZVy7OcfOSCygK0TU6Y2qNcIuKl4xtvY07msGFLifXp6s -A9A4aS610tqPNInh5zokI2m/y7nvCq7BA9n+5HvMKJcxW2G+AU7R7IFJctsPL07g -1MDuvzVplpxKk3tkj8Ou ------END CERTIFICATE----- 
diff --git a/integration_tests/mqtt/server.csr b/integration_tests/mqtt/server.csr deleted file mode 100644 index e1fb5146..00000000 --- a/integration_tests/mqtt/server.csr +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIICijCCAXICAQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx -ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh -fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR -EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B -Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj -SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ -BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaAAMA0GCSqG -SIb3DQEBCwUAA4IBAQCPropLZOaRaCD+iSGS304DRO6ysO8D2UW9T8CKqcbI6mOp -b8Wx2ENXXxuhSIpF3xe+yqpPOQmxph+lYnlewqVFWKRY91xIX07iMQ4bQHXKiWTs -IUQYRDbiLPq4sLgKdUdD41SoLhRBLGySX0/27hBlMQ0dZz92jTLOAYL06oqdtcJE -q/v3HVKlGiPkPiuFljbxBwI142ceFAWCctTb7N+6a0W/HioZPhKXLfGMcEHyNCQ7 -XwMQW5DSp4S7J4FseDkxLIxcbYYCxpi3jHFx+eYPerZ5TobE6QZHQeWLj8mcrNwu -mrL6CFlKde7F+xmb3e/tPfUTE+NxNdWzPGTjov2h ------END CERTIFICATE REQUEST----- diff --git a/integration_tests/mqtt/server.key b/integration_tests/mqtt/server.key deleted file mode 100644 index a82fc343..00000000 --- a/integration_tests/mqtt/server.key +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjv7weJ2Y4W13E -jLiKZeuWgiusyOhLV9puQq5yYX0QoafTCVdznrD1fd63DNlXfoK3/Kk8O+0y3IJW -HErh7wR31Wx2gpwcdM+aIGKM0RIrjVf4cU4HyXYUFTeVsBr0SXtKW+0Wi7c+DxfK -xyZU4rUMN+7hpjrFuGwWVNRegTc/zrPQTywQQZ0Lx1EJpqf2hiQYGtJkUVt1RRTr -e14CyUdj0fYwk0GbLZXrnUnXY0kXplb35tM3LCDuCD7AinZFDIePnltx9HHNqBYI -CA8+9vrlGJ8sbTsdb7+0c1REyQcDBv1Q53zWeZaM0yoZSmYVclYo8tzmzGsfKS14 -sSXCq6nNAgMBAAECggEABtiZUNls2KZZQUJw5LhmJSDEGrE7pQrDQyDekkGpLOzV -S2l0kozr8ReWHCkZXSMY7ABQQwhuXlYBzP/Z0aBgm3H82ueTB02K8HKyLBkBnXiH -WQfDr2eo3CYW8NcwCU6ZLP6y5uJogtu2ru+slpfz4dLk1eJRSrrvKe/aASl92dkF -Y8UHh2Fw1Vctf/yND/hNiUefKhfwqVhbwOHZnDZ96ww878bHFumxrhBS6+DNFyIN -NrGsHWZ+NUS5/jpRu9kw/TRTtvXQzt18jIfHt9t1awyoxUX0fqtKlWKn2JvjZcP/ -5udjY5LT1Jyx80e1LFotCFNYo3SKLNS4ci7047S8gQKBgQDRJ6WSr9DrEjTkRvK4 -yUZj+0JEQbNCiZm7cOxNUMLw8OB2lMd5/qNYGKsa1kq0vCpkkLrLN8MVZOIanXIW -ENnZdtvb7/Io4MkS0yIkIIPfhP4YyQRGmkKVn/vBY9meqDj9KVtUiSHl0VebnR3N -4QKjvFK+sOIkOXwG/baKp7SCaQKBgQDIbKQPD6AjU6NZx16gpXXMq9+dTC830cmE -tvO8ye73wNmU6M8/ys7zedAVMtO5XK98/ASHJmhVjhtfSHA0RpxdhcOIizWBquGu -7jvZ9iocos5NZuR9++in9hRsFIiiII9u4PrwVznZJZIdP9mV9Pba7SaRbd0LWOLY -2TZ89XD3xQKBgHukKlb6pFAyZR4Favsd0QTNxbC//g55dW2/JZHXCkaQvsCa1wkh -JMKxYoTs5SDOk2j7vdDgV+zPxHHjXUv6Di5l+zabM9ZCe9srAOXGau65mdRhEKwE -CRSWjKcYNc96tqXBywHAR0+qX1XYnYPVXlAYxfmAa07qxI0FcuGonibxAoGBAILv -rtKEE8tgdcROYnyy+92Fn6YEwohGDtAcMenxRqQnIj6NRfBYD5Gy0AU5WmarrZ4K -iu68Ycca+rjp+xu70aWroM2QnJkkySHeU82Wa3afygV5JedEbn9kXX0qgQTiHrKC -Wo4vfgRl7iobr4uvKKJn8h1qV9F09WZTqaxDMNU9AoGACTw9ZiKtrW+5jS1ucLdl -49gE6QPH3+JnQPqazguLF9OoCOyw69lHdzu/S77Yag4W5M+N8dBCRNF/lOfCbtJc -eIeSFMdJOq97GlsK6QompySHlKlq13u17Jot0x82VPJt1vUuGTrS8qrM5QDKWxZw -skYVITHcfYVzVgxC9JIIKGg= ------END PRIVATE KEY----- diff --git a/integration_tests/mqtt/server.pem b/integration_tests/mqtt/server.pem deleted file mode 100644 index 97774dfb..00000000 --- a/integration_tests/mqtt/server.pem +++ /dev/null 
@@ -1,48 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjv7weJ2Y4W13E -jLiKZeuWgiusyOhLV9puQq5yYX0QoafTCVdznrD1fd63DNlXfoK3/Kk8O+0y3IJW -HErh7wR31Wx2gpwcdM+aIGKM0RIrjVf4cU4HyXYUFTeVsBr0SXtKW+0Wi7c+DxfK -xyZU4rUMN+7hpjrFuGwWVNRegTc/zrPQTywQQZ0Lx1EJpqf2hiQYGtJkUVt1RRTr -e14CyUdj0fYwk0GbLZXrnUnXY0kXplb35tM3LCDuCD7AinZFDIePnltx9HHNqBYI -CA8+9vrlGJ8sbTsdb7+0c1REyQcDBv1Q53zWeZaM0yoZSmYVclYo8tzmzGsfKS14 -sSXCq6nNAgMBAAECggEABtiZUNls2KZZQUJw5LhmJSDEGrE7pQrDQyDekkGpLOzV -S2l0kozr8ReWHCkZXSMY7ABQQwhuXlYBzP/Z0aBgm3H82ueTB02K8HKyLBkBnXiH -WQfDr2eo3CYW8NcwCU6ZLP6y5uJogtu2ru+slpfz4dLk1eJRSrrvKe/aASl92dkF -Y8UHh2Fw1Vctf/yND/hNiUefKhfwqVhbwOHZnDZ96ww878bHFumxrhBS6+DNFyIN -NrGsHWZ+NUS5/jpRu9kw/TRTtvXQzt18jIfHt9t1awyoxUX0fqtKlWKn2JvjZcP/ -5udjY5LT1Jyx80e1LFotCFNYo3SKLNS4ci7047S8gQKBgQDRJ6WSr9DrEjTkRvK4 -yUZj+0JEQbNCiZm7cOxNUMLw8OB2lMd5/qNYGKsa1kq0vCpkkLrLN8MVZOIanXIW -ENnZdtvb7/Io4MkS0yIkIIPfhP4YyQRGmkKVn/vBY9meqDj9KVtUiSHl0VebnR3N -4QKjvFK+sOIkOXwG/baKp7SCaQKBgQDIbKQPD6AjU6NZx16gpXXMq9+dTC830cmE -tvO8ye73wNmU6M8/ys7zedAVMtO5XK98/ASHJmhVjhtfSHA0RpxdhcOIizWBquGu -7jvZ9iocos5NZuR9++in9hRsFIiiII9u4PrwVznZJZIdP9mV9Pba7SaRbd0LWOLY -2TZ89XD3xQKBgHukKlb6pFAyZR4Favsd0QTNxbC//g55dW2/JZHXCkaQvsCa1wkh -JMKxYoTs5SDOk2j7vdDgV+zPxHHjXUv6Di5l+zabM9ZCe9srAOXGau65mdRhEKwE -CRSWjKcYNc96tqXBywHAR0+qX1XYnYPVXlAYxfmAa07qxI0FcuGonibxAoGBAILv -rtKEE8tgdcROYnyy+92Fn6YEwohGDtAcMenxRqQnIj6NRfBYD5Gy0AU5WmarrZ4K -iu68Ycca+rjp+xu70aWroM2QnJkkySHeU82Wa3afygV5JedEbn9kXX0qgQTiHrKC -Wo4vfgRl7iobr4uvKKJn8h1qV9F09WZTqaxDMNU9AoGACTw9ZiKtrW+5jS1ucLdl -49gE6QPH3+JnQPqazguLF9OoCOyw69lHdzu/S77Yag4W5M+N8dBCRNF/lOfCbtJc -eIeSFMdJOq97GlsK6QompySHlKlq13u17Jot0x82VPJt1vUuGTrS8qrM5QDKWxZw -skYVITHcfYVzVgxC9JIIKGg= ------END PRIVATE KEY----- ------BEGIN CERTIFICATE----- -MIIDOzCCAiOgAwIBAgIUS+JTI5jiO1C0AgqSuFgB1P9wS8swDQYJKoZIhvcNAQEL -BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwMzIwNTNaGA8yMDUy 
-MDIxMDAzMjA1M1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx -ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKO/vB4nZjhbXcSMuIpl65aCK6zI6EtX2m5CrnJh -fRChp9MJV3OesPV93rcM2Vd+grf8qTw77TLcglYcSuHvBHfVbHaCnBx0z5ogYozR -EiuNV/hxTgfJdhQVN5WwGvRJe0pb7RaLtz4PF8rHJlTitQw37uGmOsW4bBZU1F6B -Nz/Os9BPLBBBnQvHUQmmp/aGJBga0mRRW3VFFOt7XgLJR2PR9jCTQZstleudSddj -SRemVvfm0zcsIO4IPsCKdkUMh4+eW3H0cc2oFggIDz72+uUYnyxtOx1vv7RzVETJ -BwMG/VDnfNZ5lozTKhlKZhVyVijy3ObMax8pLXixJcKrqc0CAwEAAaMhMB8wHQYD -VR0OBBYEFP6DHoFBdNVmHwc6LZnLwcDcKnvzMA0GCSqGSIb3DQEBCwUAA4IBAQA9 -VRDbEAFWmqKq+LPRqGmjiqGE0rTOsoKSDWn0Zsre31H2vsXy8BUW69rjhwMXEONl -5ybZCHnU8GLawFzrVQJnuV77XhIDuJhIz81guy0K872YcrNuhlIS7ahxXJszwgPe -Tp313rJKUA44DIuF18WjWjwQL8bU80xiJJcyuR2mViOFgcfIABmSzvvMx8nHxp7W -C9woea6TMamq7GQmIky9ZVy7OcfOSCygK0TU6Y2qNcIuKl4xtvY07msGFLifXp6s -A9A4aS610tqPNInh5zokI2m/y7nvCq7BA9n+5HvMKJcxW2G+AU7R7IFJctsPL07g -1MDuvzVplpxKk3tkj8Ou ------END CERTIFICATE----- diff --git a/integration_tests/mqtt/setup.sh b/integration_tests/mqtt/setup.sh deleted file mode 100755 index 46284641..00000000 --- a/integration_tests/mqtt/setup.sh +++ /dev/null 
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-echo "mqtt/setup: Tests setup for mqtt"
-
-CONTAINER_TAG="eclipse-mosquitto"
-CONTAINER_NAME="zgrab_mqtt"
-
-# If the container is already running, use it.
-if docker ps --filter "name=$CONTAINER_NAME" | grep -q $CONTAINER_NAME; then
- echo "mqtt/setup: Container $CONTAINER_NAME already running -- nothing to setup"
- exit 0
-fi
-
-DOCKER_RUN_FLAGS="--rm --name $CONTAINER_NAME -td -v ./mosquitto.conf:/mosquitto/config/mosquitto.conf -v ./server.pem:/mosquitto/server.pem -v ./server.key:/mosquitto/server.key"
-
-# If it is not running, try launching it -- on success, use that.
-echo "mqtt/setup: Trying to launch $CONTAINER_NAME..."
-if ! docker run $DOCKER_RUN_FLAGS $CONTAINER_TAG; then
- echo "eclipse-mosquitto launch fail"
-
- #echo "mqtt/setup: Building docker image $CONTAINER_TAG..."
- # If it fails, build it from ./container/Dockerfile
- #docker build -t $CONTAINER_TAG ./container
- # Try again
- #echo "mqtt/setup: Launching $CONTAINER_NAME..."
- #docker run $DOCKER_RUN_FLAGS $CONTAINER_TAG
-fi
diff --git a/integration_tests/mqtt/test.sh b/integration_tests/mqtt/test.sh
deleted file mode 100755
index 8f2ae805..00000000
--- a/integration_tests/mqtt/test.sh
+++ /dev/null
@@ -1,27 +0,0 @@ -#!/usr/bin/env bash - -set -e -MODULE_DIR=$(dirname $0) -ZGRAB_ROOT=$(git rev-parse --show-toplevel) -ZGRAB_OUTPUT=$ZGRAB_ROOT/zgrab-output - -mkdir -p $ZGRAB_OUTPUT/mqtt - -CONTAINER_NAME=zgrab_mqtt - -OUTPUT_FILE=$ZGRAB_OUTPUT/mqtt/mqtt.json - -echo "mqtt/test: Tests runner for mqtt" -# TODO FIXME: Add any necessary flags or additional tests -echo -e ",target,mqtt -,target,mqtt-tls -,target,mqtt-v5 -,target,mqtt-tls-v5" | docker run --rm -i -v ./multiple.ini:/multiple.ini --link $CONTAINER_NAME:target zgrab2_runner multiple -c /multiple.ini> $OUTPUT_FILE -#CONTAINER_NAME=$CONTAINER_NAME $ZGRAB_ROOT/docker-runner/docker-run.sh mqtt --v5 >> $OUTPUT_FILE - -# Dump the docker logs -echo "mqtt/test: BEGIN docker logs from $CONTAINER_NAME [{(" -docker logs --tail all $CONTAINER_NAME -echo ")}] END docker logs from $CONTAINER_NAME" - -# TODO: If there are any other relevant log files, dump those to stdout here. diff --git a/zgrab2_schemas/zgrab2/mqtt.py b/zgrab2_schemas/zgrab2/mqtt.py deleted file mode 100644 index 0c0be42b..00000000 --- a/zgrab2_schemas/zgrab2/mqtt.py +++ /dev/null @@ -1,22 +0,0 @@ -# zschema sub-schema for zgrab2's MQTT module -# Registers zgrab2-mqtt globally, and mqtt with the main zgrab2 schema. -from zschema.leaves import * -from zschema.compounds import * -import zschema.registry - -from . import zgrab2 - -# Schema for ScanResults struct -mqtt_scan_response = SubRecord({ - "session_present": Boolean(), - "connect_return_code": Byte(), - "response": String(), - "tls": zgrab2.tls_log, -}) - -mqtt_scan = SubRecord({ - "result": mqtt_scan_response, -}, extends=zgrab2.base_scan_response) - -zschema.registry.register_schema("zgrab2-mqtt", mqtt_scan) -zgrab2.register_scan_response_type("mqtt", mqtt_scan) \ No newline at end of file diff --git a/zgrab2_schemas/zgrab2/pptp.py b/zgrab2_schemas/zgrab2/pptp.py index 9273387a..7526bb48 100644 --- a/zgrab2_schemas/zgrab2/pptp.py +++ b/zgrab2_schemas/zgrab2/pptp.py 
@@ -1,5 +1,5 @@ -# zschema sub-schema for zgrab2's MQTT module -# Registers zgrab2-mqtt globally, and mqtt with the main zgrab2 schema. +# zschema sub-schema for zgrab2's PPTP module +# Registers zgrab2-pptp globally, and pptp with the main zgrab2 schema. from zschema.leaves import * from zschema.compounds import * import zschema.registry From 585b3f0b5d618b056cbaab98833410964d9fe41c Mon Sep 17 00:00:00 2001 From: phillip-stephens Date: Sat, 25 Jan 2025 11:22:35 -0800 Subject: [PATCH 7/9] python lint --- zgrab2_schemas/zgrab2/pptp.py | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/zgrab2_schemas/zgrab2/pptp.py b/zgrab2_schemas/zgrab2/pptp.py index 7526bb48..f1aef60e 100644 --- a/zgrab2_schemas/zgrab2/pptp.py +++ b/zgrab2_schemas/zgrab2/pptp.py @@ -7,14 +7,19 @@ from . import zgrab2 # Schema for ScanResults struct -pptp_scan_response = SubRecord({ - "banner": String(), - "control_message": String(), -}) +pptp_scan_response = SubRecord( + { + "banner": String(), + "control_message": String(), + } +) -pptp_scan = SubRecord({ - "result": pptp_scan_response, -}, extends=zgrab2.base_scan_response) +pptp_scan = SubRecord( + { + "result": pptp_scan_response, + }, + extends=zgrab2.base_scan_response, +) zschema.registry.register_schema("zgrab2-pptp", pptp_scan) -zgrab2.register_scan_response_type("pptp", pptp_scan) \ No newline at end of file +zgrab2.register_scan_response_type("pptp", pptp_scan) From 3b73bb3aa60ea578f4ca00dc10e643cadd449450 Mon Sep 17 00:00:00 2001 From: phillip-stephens Date: Sat, 25 Jan 2025 11:22:53 -0800 Subject: [PATCH 8/9] go lint --- modules/pptp/scanner.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/pptp/scanner.go b/modules/pptp/scanner.go index ad2f27f1..d7bdc91b 100644 --- a/modules/pptp/scanner.go +++ b/modules/pptp/scanner.go 
@@ -176,4 +176,4 @@ func (s *Scanner) Scan(t zgrab2.ScanTarget) (status zgrab2.ScanStatus, result in pptp.results.ControlMessage = response return zgrab2.SCAN_SUCCESS, &pptp.results, nil -} \ No newline at end of file +} From 1bde83fd979eb334c9fe98e609ff2ea2c5a4e841 Mon Sep 17 00:00:00 2001 From: phillip-stephens Date: Sat, 25 Jan 2025 11:26:07 -0800 Subject: [PATCH 9/9] make test scripts executable --- integration_tests/pptp/cleanup.sh | 0 integration_tests/pptp/setup.sh | 0 integration_tests/pptp/test.sh | 0 3 files changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 integration_tests/pptp/cleanup.sh mode change 100644 => 100755 integration_tests/pptp/setup.sh mode change 100644 => 100755 integration_tests/pptp/test.sh diff --git a/integration_tests/pptp/cleanup.sh b/integration_tests/pptp/cleanup.sh old mode 100644 new mode 100755 diff --git a/integration_tests/pptp/setup.sh b/integration_tests/pptp/setup.sh old mode 100644 new mode 100755 diff --git a/integration_tests/pptp/test.sh b/integration_tests/pptp/test.sh old mode 100644 new mode 100755