Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-02-27 18:11:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2657 from dcooper16/fix_pattern_match

Browse Source 
Fix pattern matches
This commit is contained in:
Dirk Wetter 2025-02-15 14:14:38 +01:00 committed by GitHub
commit 2baaf61cc5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
testssl.sh
View File

@ -3370,7 +3370,7 @@ run_cookie_flags() { # ARG1: Path
fi fi
if [[ ! "$HTTP_STATUS_CODE" =~ 20 ]]; then if [[ ! "$HTTP_STATUS_CODE" =~ 20 ]]; then
if [[ "$HTTP_STATUS_CODE" =~ [301|302] ]]; then if [[ "$HTTP_STATUS_CODE" =~ 301|302 ]]; then
msg302=" -- maybe better try target URL of 30x" msg302=" -- maybe better try target URL of 30x"
msg302_=" (30x detected, better try target URL of 30x)" msg302_=" (30x detected, better try target URL of 30x)"
else else
@ -11323,7 +11323,7 @@ run_npn() {
fileout "$jsonID" "INFO" "not offered" fileout "$jsonID" "INFO" "not offered"
else else
# now comes a strange thing: "Protocols advertised by server:" is empty but connection succeeded # now comes a strange thing: "Protocols advertised by server:" is empty but connection succeeded
if [[ "$tmpstr" =~ [h2|spdy|http] ]]; then if [[ "$tmpstr" =~ h2|spdy|http ]]; then
out "$tmpstr" out "$tmpstr"
outln " (advertised)" outln " (advertised)"
fileout "$jsonID" "INFO" "offered with $tmpstr (advertised)" fileout "$jsonID" "INFO" "offered with $tmpstr (advertised)"
@ -16865,7 +16865,7 @@ run_ccs_injection(){
fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe" fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe"
fi fi
elif [[ "${tls_hello_ascii:0:4}" == "1503" ]]; then elif [[ "${tls_hello_ascii:0:4}" == "1503" ]]; then
if [[ ! "${tls_hello_ascii:5:2}" =~ [03|02|01|00] ]]; then if [[ ! "${tls_hello_ascii:5:2}" =~ 03|02|01|00 ]]; then
pr_warning "test failed " pr_warning "test failed "
out "no proper TLS reply (debug info: protocol sent: 1503${tls_hexcode#x03, x}, reply: ${tls_hello_ascii:0:14}" out "no proper TLS reply (debug info: protocol sent: 1503${tls_hexcode#x03, x}, reply: ${tls_hello_ascii:0:14}"
fileout "$jsonID" "DEBUG" "test failed, around line $LINENO, debug info (${tls_hello_ascii:0:14})" "$cve" "$cwe" "$hint" fileout "$jsonID" "DEBUG" "test failed, around line $LINENO, debug info (${tls_hello_ascii:0:14})" "$cve" "$cwe" "$hint"