mirror of
https://github.com/ivre/masscanned.git
synced 2025-10-02 06:38:21 +00:00
Add test to highlight bug - protocol parsing state not kept
parent
e28ea53b5d
commit
f1368df0de
2 changed files with 85 additions and 8 deletions
|
@ -74,6 +74,74 @@ def test_ipv4_tcp_http():
|
||||||
assert tcp.payload.load.startswith(b"HTTP/1.1 401 Unauthorized\n")
|
assert tcp.payload.load.startswith(b"HTTP/1.1 401 Unauthorized\n")
|
||||||
|
|
||||||
|
|
||||||
|
@test
|
||||||
|
def test_ipv4_tcp_http_segmented():
|
||||||
|
sport = 24592
|
||||||
|
dports = [80, 443, 5000, 53228]
|
||||||
|
for dport in dports:
|
||||||
|
seq_init = int(RandInt())
|
||||||
|
syn = (
|
||||||
|
Ether(dst=MAC_ADDR)
|
||||||
|
/ IP(dst=IPV4_ADDR)
|
||||||
|
/ TCP(flags="S", sport=sport, dport=dport, seq=seq_init)
|
||||||
|
)
|
||||||
|
syn_ack = srp1(syn, timeout=1)
|
||||||
|
assert syn_ack is not None, "expecting answer, got nothing"
|
||||||
|
check_ip_checksum(syn_ack)
|
||||||
|
assert TCP in syn_ack, "expecting TCP, got %r" % syn_ack.summary()
|
||||||
|
syn_ack = syn_ack[TCP]
|
||||||
|
assert syn_ack.flags == "SA", "expecting TCP SA, got %r" % syn_ack.flags
|
||||||
|
ack = (
|
||||||
|
Ether(dst=MAC_ADDR)
|
||||||
|
/ IP(dst=IPV4_ADDR)
|
||||||
|
/ TCP(
|
||||||
|
flags="A",
|
||||||
|
sport=sport,
|
||||||
|
dport=dport,
|
||||||
|
seq=seq_init + 1,
|
||||||
|
ack=syn_ack.seq + 1,
|
||||||
|
)
|
||||||
|
)
|
||||||
|
_ = srp1(ack, timeout=1)
|
||||||
|
# request is not complete yet
|
||||||
|
req = (
|
||||||
|
Ether(dst=MAC_ADDR)
|
||||||
|
/ IP(dst=IPV4_ADDR)
|
||||||
|
/ TCP(
|
||||||
|
flags="PA",
|
||||||
|
sport=sport,
|
||||||
|
dport=dport,
|
||||||
|
seq=seq_init + 1,
|
||||||
|
ack=syn_ack.seq + 1,
|
||||||
|
)
|
||||||
|
/ Raw("GET / HTTP/1.1\r\n")
|
||||||
|
)
|
||||||
|
resp = srp1(req, timeout=1)
|
||||||
|
assert resp is not None, "expecting answer, got nothing"
|
||||||
|
check_ip_checksum(resp)
|
||||||
|
assert TCP in resp, "expecting TCP, got %r" % resp.summary()
|
||||||
|
assert resp[TCP].flags == "A"
|
||||||
|
req = (
|
||||||
|
Ether(dst=MAC_ADDR)
|
||||||
|
/ IP(dst=IPV4_ADDR)
|
||||||
|
/ TCP(
|
||||||
|
flags="PA",
|
||||||
|
sport=sport,
|
||||||
|
dport=dport,
|
||||||
|
seq=seq_init + len(req) + 1,
|
||||||
|
ack=syn_ack.seq + 1,
|
||||||
|
)
|
||||||
|
/ Raw("\r\n")
|
||||||
|
)
|
||||||
|
resp = srp1(req, timeout=1)
|
||||||
|
assert resp is not None, "expecting answer, got nothing"
|
||||||
|
check_ip_checksum(resp)
|
||||||
|
assert TCP in resp, "expecting TCP, got %r" % resp.summary()
|
||||||
|
tcp = resp[TCP]
|
||||||
|
assert tcp.flags == "PA"
|
||||||
|
assert tcp.payload.load.startswith(b"HTTP/1.1 401 Unauthorized\n")
|
||||||
|
|
||||||
|
|
||||||
@test
|
@test
|
||||||
def test_ipv4_tcp_http_incomplete():
|
def test_ipv4_tcp_http_incomplete():
|
||||||
sport = 24595
|
sport = 24595
|
||||||
|
@ -126,7 +194,7 @@ def test_ipv4_tcp_http_incomplete():
|
||||||
|
|
||||||
@test
|
@test
|
||||||
def test_ipv6_tcp_http():
|
def test_ipv6_tcp_http():
|
||||||
sport = 24592
|
sport = 24594
|
||||||
dports = [80, 443, 5000, 53228]
|
dports = [80, 443, 5000, 53228]
|
||||||
for dport in dports:
|
for dport in dports:
|
||||||
seq_init = int(RandInt())
|
seq_init = int(RandInt())
|
||||||
|
@ -213,7 +281,7 @@ def test_ipv6_udp_http():
|
||||||
|
|
||||||
@test
|
@test
|
||||||
def test_ipv4_tcp_http_ko():
|
def test_ipv4_tcp_http_ko():
|
||||||
sport = 24592
|
sport = 24596
|
||||||
dports = [80, 443, 5000, 53228]
|
dports = [80, 443, 5000, 53228]
|
||||||
for dport in dports:
|
for dport in dports:
|
||||||
seq_init = int(RandInt())
|
seq_init = int(RandInt())
|
||||||
|
@ -277,7 +345,7 @@ def test_ipv4_udp_http_ko():
|
||||||
|
|
||||||
@test
|
@test
|
||||||
def test_ipv6_tcp_http_ko():
|
def test_ipv6_tcp_http_ko():
|
||||||
sport = 24592
|
sport = 24597
|
||||||
dports = [80, 443, 5000, 53228]
|
dports = [80, 443, 5000, 53228]
|
||||||
for dport in dports:
|
for dport in dports:
|
||||||
seq_init = int(RandInt())
|
seq_init = int(RandInt())
|
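Review bot: In `test_ipv4_tcp_http_segmented`, the second segment is sent with `seq=seq_init + len(req) + 1`, but `req` is the full Ether/IP/TCP/Raw frame, so `len(req)` counts the header bytes as well as the 16-byte payload and the `"\r\n"` segment is not contiguous with the first one in sequence space. Advancing by the TCP payload length only, e.g. `seq=seq_init + 1 + len(req[Raw].load)`, makes the test exercise a genuinely segmented request. As written it passes only while the responder ignores sequence numbers, and it would fail for the wrong reason once sequence validation is added. The new test also keeps `sport = 24592` while this commit gives the other tests distinct source ports; if parsing state is keyed on the connection tuple (not visible in this section), a unique port would avoid sharing state with another test. A one-line docstring saying the request is split across two PSH/ACK segments and the HTTP reply is expected only after the second would make the intent explicit.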
||||||
|
|
|
@ -56,17 +56,26 @@ def test_rpc_nmap():
|
||||||
result = results[0]
|
result = results[0]
|
||||||
assert len(result["ports"]) == 1, f"Expected 1 port, got {len(result['ports'])}"
|
assert len(result["ports"]) == 1, f"Expected 1 port, got {len(result['ports'])}"
|
||||||
port = result["ports"][0]
|
port = result["ports"][0]
|
||||||
assert port["port"] == 111 and port["protocol"] == (
|
assert port["port"] == 111, f"Expected port 111, got {port['port']}"
|
||||||
|
assert port["protocol"] == (
|
||||||
"tcp" if scan == "S" else "udp"
|
"tcp" if scan == "S" else "udp"
|
||||||
)
|
), f"Unexpected proto {port['protocol']} for scan {scan}"
|
||||||
assert port["service_name"] in {"rpcbind", "nfs"}
|
assert port["service_name"] in {
|
||||||
assert port["service_extrainfo"] in {"RPC #100000", "RPC #100003"}
|
"rpcbind",
|
||||||
|
"nfs",
|
||||||
|
}, f"Unexpected service_name: {port['service_name']}"
|
||||||
|
assert port["service_extrainfo"] in {
|
||||||
|
"RPC #100000",
|
||||||
|
"RPC #100003",
|
||||||
|
}, f"Unexpected service_extrainfo: {port['service_extrainfo']}"
|
||||||
assert (
|
assert (
|
||||||
len(port["scripts"]) == 1
|
len(port["scripts"]) == 1
|
||||||
), f"Expected 1 script, got {len(port['scripts'])}"
|
), f"Expected 1 script, got {len(port['scripts'])}"
|
||||||
script = port["scripts"][0]
|
script = port["scripts"][0]
|
||||||
assert script["id"] == "rpcinfo", "Expected rpcinfo script, not found"
|
assert script["id"] == "rpcinfo", "Expected rpcinfo script, not found"
|
||||||
assert len(script["rpcinfo"]) == 1
|
assert (
|
||||||
|
len(script["rpcinfo"]) == 1
|
||||||
|
), f"Expected 1 rpcinfo, got {len(script['rpcinfo'])}"
|
||||||
|
|
||||||
|
|
||||||
@test
|
@test
|
||||||
|
|