Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-03 23:39:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix uninitialized variables, proper exit if fail2van and friends

Browse Source 
This commit improves assessments of server which decides after
a few connects either to drop all tcp packets or send a tcp
reset, see #1005 . It adds another global MAX_SOCKET_FAIL
(preset to 2) representing a threshold how many bash socket
connections are needed to quite the whole scan. It dramatically
reduces scan time and makes sure that the user is clear that
the scan had a problem and the results at maximum partly useful
(CSV, HTML, JSON). It also writes a valid JSON file.
See also #769.

It also fixes non-initialized variables in ``fileout_json_finding()``
and ``fileout()``
This commit is contained in:
Dirk 2018-03-02 20:39:07 +01:00
parent b1b30b3fb8
commit 080840f655
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
testssl.sh
View File

@ -214,6 +214,7 @@ ALL_CLIENTS=${ALL_CLIENTS:-false} # do you want to run all client simulati
# tuning vars which cannot be set by a cmd line switch # tuning vars which cannot be set by a cmd line switch
EXPERIMENTAL=${EXPERIMENTAL:-false} EXPERIMENTAL=${EXPERIMENTAL:-false}
HEADER_MAXSLEEP=${HEADER_MAXSLEEP:-5} # we wait this long before killing the process to retrieve a service banner / http header HEADER_MAXSLEEP=${HEADER_MAXSLEEP:-5} # we wait this long before killing the process to retrieve a service banner / http header
MAX_SOCKET_FAIL=${MAX_SOCKET_FAIL:-2} # we allow this many failures for tcp sockets before we terminate
MAX_WAITSOCK=${MAX_WAITSOCK:-10} # waiting at max 10 seconds for socket reply. There shouldn't be any reason to change this. MAX_WAITSOCK=${MAX_WAITSOCK:-10} # waiting at max 10 seconds for socket reply. There shouldn't be any reason to change this.
CCS_MAX_WAITSOCK=${CCS_MAX_WAITSOCK:-5} # for the two CCS payload (each). There shouldn't be any reason to change this. CCS_MAX_WAITSOCK=${CCS_MAX_WAITSOCK:-5} # for the two CCS payload (each). There shouldn't be any reason to change this.
HEARTBLEED_MAX_WAITSOCK=${HEARTBLEED_MAX_WAITSOCK:-8} # for the heartbleed payload. There shouldn't be any reason to change this. HEARTBLEED_MAX_WAITSOCK=${HEARTBLEED_MAX_WAITSOCK:-8} # for the heartbleed payload. There shouldn't be any reason to change this.
@ -254,6 +255,7 @@ GIVE_HINTS=false # give an addtional info to findings
SERVER_SIZE_LIMIT_BUG=false # Some servers have either a ClientHello total size limit or a 128 cipher limit (e.g. old ASAs) SERVER_SIZE_LIMIT_BUG=false # Some servers have either a ClientHello total size limit or a 128 cipher limit (e.g. old ASAs)
CHILD_MASS_TESTING=${CHILD_MASS_TESTING:-false} CHILD_MASS_TESTING=${CHILD_MASS_TESTING:-false}
HAD_SLEPT=0 HAD_SLEPT=0
NR_SOCKET_FAIL=0
readonly NPN_PROTOs="spdy/4a2,spdy/3,spdy/3.1,spdy/2,spdy/1,http/1.1" readonly NPN_PROTOs="spdy/4a2,spdy/3,spdy/3.1,spdy/2,spdy/1,http/1.1"
# alpn_protos needs to be space-separated, not comma-seperated, including odd ones observerd @ facebook and others, old ones like h2-17 omitted as they could not be found # alpn_protos needs to be space-separated, not comma-seperated, including odd ones observerd @ facebook and others, old ones like h2-17 omitted as they could not be found
readonly ALPN_PROTOs="h2 spdy/3.1 http/1.1 h2-fb spdy/1 spdy/2 spdy/3 stun.turn stun.nat-discovery webrtc c-webrtc ftp" readonly ALPN_PROTOs="h2 spdy/3.1 http/1.1 h2-fb spdy/1 spdy/2 spdy/3 stun.turn stun.nat-discovery webrtc c-webrtc ftp"
@ -731,6 +733,9 @@ fileout_json_print_parameter() {
fileout_json_finding() { fileout_json_finding() {
local target local target
local finding="$3" # FIXME: dealing with locals and globals in fileout() local finding="$3" # FIXME: dealing with locals and globals in fileout()
local cve="$4"
local cwe="$5"
local hint="$6"
if "$do_json"; then if "$do_json"; then
"$FIRST_FINDING" || echo -n "," >> "$JSONFILE" "$FIRST_FINDING" || echo -n "," >> "$JSONFILE"
@ -838,6 +843,7 @@ fileout_insert_warning() {
# ID, SEVERITY, FINDING, CVE, CWE, HINT # ID, SEVERITY, FINDING, CVE, CWE, HINT
fileout() { fileout() {
local severity="$2" local severity="$2"
local cve="$4"
local cwe="$5" local cwe="$5"
local hint="$6" local hint="$6"
@ -8339,6 +8345,11 @@ fd_socket() {
fi fi
done done
elif ! exec 5<>/dev/tcp/$nodeip/$PORT; then # 2>/dev/null would remove an error message, but disables debugging elif ! exec 5<>/dev/tcp/$nodeip/$PORT; then # 2>/dev/null would remove an error message, but disables debugging
((NR_SOCKET_FAIL++))
if [[ $NR_SOCKET_FAIL -ge $MAX_SOCKET_FAIL ]]; then
[[ $MAX_SOCKET_FAIL -eq 1 ]] && fatal "TCP connect problem" -2
fatal "repeated TCP connect problems, doesn't make sense to continue" -2
fi
outln outln
pr_warning "Unable to open a socket to $NODEIP:$PORT. " pr_warning "Unable to open a socket to $NODEIP:$PORT. "
# It can last ~2 minutes but for for those rare occasions we don't do a timeout handler here, KISS # It can last ~2 minutes but for for those rare occasions we don't do a timeout handler here, KISS