mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-01-01 06:19:44 +01:00
BigIP F5: routed domains
Set routed domains to 3 digits, see also https://github.com/drwetter/F5-BIGIP-Decoder/issues/1
This commit is contained in:
parent
61508b1443
commit
9a3b6e334b
@ -1206,13 +1206,13 @@ strip_trailing_space() {
|
|||||||
|
|
||||||
# retrieve cipher from ServerHello (via openssl)
|
# retrieve cipher from ServerHello (via openssl)
|
||||||
get_cipher() {
|
get_cipher() {
|
||||||
awk '/Cipher *:/ { print $3 }' "$1"
|
awk '/Cipher *:/ { a=$3 } END { print a }' "$1"
|
||||||
#awk '/\<Cipher\>/ && !/Cipher is/ && !/^New/ { print $3 }' "$1"
|
#awk '/\<Cipher\>/ && !/Cipher is/ && !/^New/ { print $3 }' "$1"
|
||||||
}
|
}
|
||||||
|
|
||||||
# retrieve protocol from ServerHello (via openssl)
|
# retrieve protocol from ServerHello (via openssl)
|
||||||
get_protocol() {
|
get_protocol() {
|
||||||
awk '/Protocol *:/ { print $3 }' "$1"
|
awk '/Protocol *:/ { a=$3 } END { print a }' "$1"
|
||||||
}
|
}
|
||||||
|
|
||||||
is_number() {
|
is_number() {
|
||||||
@ -2671,7 +2671,7 @@ sub_f5_bigip_check() {
|
|||||||
port="$(f5_port_decode $cookievalue)"
|
port="$(f5_port_decode $cookievalue)"
|
||||||
out "${spaces}F5 cookie (default IPv4 pool member): "; pr_italic "$cookiename "; prln_svrty_medium "${ip}:${port}"
|
out "${spaces}F5 cookie (default IPv4 pool member): "; pr_italic "$cookiename "; prln_svrty_medium "${ip}:${port}"
|
||||||
fileout "cookie_bigip_f5" "MEDIUM" "Information leakage: F5 cookie $cookiename $cookievalue is default IPv4 pool member ${ip}:${port}" "$cve" "$cwe"
|
fileout "cookie_bigip_f5" "MEDIUM" "Information leakage: F5 cookie $cookiename $cookievalue is default IPv4 pool member ${ip}:${port}" "$cve" "$cwe"
|
||||||
elif grep -Eq '^rd[0-9]{1,2}o0{20}f{4}[a-f0-9]{8}o[0-9]{1,5}' <<< "$cookievalue"; then
|
elif grep -Eq '^rd[0-9]{1,3}o0{20}f{4}[a-f0-9]{8}o[0-9]{1,5}' <<< "$cookievalue"; then
|
||||||
routed_domain="$(f5_determine_routeddomain "$cookievalue")"
|
routed_domain="$(f5_determine_routeddomain "$cookievalue")"
|
||||||
offset=$(( 2 + ${#routed_domain} + 1 + 24))
|
offset=$(( 2 + ${#routed_domain} + 1 + 24))
|
||||||
port="${cookievalue##*o}"
|
port="${cookievalue##*o}"
|
||||||
@ -2684,7 +2684,7 @@ sub_f5_bigip_check() {
|
|||||||
port=$(f5_port_decode "$port")
|
port=$(f5_port_decode "$port")
|
||||||
out "${spaces}F5 cookie (default IPv6 pool member): "; pr_italic "$cookiename "; prln_svrty_medium "${ip}:${port}"
|
out "${spaces}F5 cookie (default IPv6 pool member): "; pr_italic "$cookiename "; prln_svrty_medium "${ip}:${port}"
|
||||||
fileout "cookie_bigip_f5" "MEDIUM" "Information leakage: F5 cookie $cookiename $cookievalue is default IPv6 pool member ${ip}:${port}" "$cve" "$cwe"
|
fileout "cookie_bigip_f5" "MEDIUM" "Information leakage: F5 cookie $cookiename $cookievalue is default IPv6 pool member ${ip}:${port}" "$cve" "$cwe"
|
||||||
elif grep -Eq '^rd[0-9]{1,2}o[a-f0-9]{32}o[0-9]{1,5}' <<< "$cookievalue"; then
|
elif grep -Eq '^rd[0-9]{1,3}o[a-f0-9]{32}o[0-9]{1,5}' <<< "$cookievalue"; then
|
||||||
routed_domain="$(f5_determine_routeddomain "$cookievalue")"
|
routed_domain="$(f5_determine_routeddomain "$cookievalue")"
|
||||||
offset=$(( 2 + ${#routed_domain} + 1 ))
|
offset=$(( 2 + ${#routed_domain} + 1 ))
|
||||||
port="${cookievalue##*o}"
|
port="${cookievalue##*o}"
|
||||||
|
Loading…
Reference in New Issue
Block a user