From c9698c9a6890523390aabdc99b03526036dacc6e Mon Sep 17 00:00:00 2001 From: Sean Smith Date: Thu, 21 Sep 2023 21:37:37 -0500 Subject: [PATCH 1/2] Add TLS support for fox module --- modules/fox/log.go | 6 ++++++ modules/fox/scanner.go | 29 ++++++++++++++++++++++++++++- 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/modules/fox/log.go b/modules/fox/log.go index 3b8c860c..d715d0ba 100644 --- a/modules/fox/log.go +++ b/modules/fox/log.go @@ -1,5 +1,9 @@ package fox +import ( + "github.com/zmap/zgrab2" +) + // FoxLog is the struct returned to the caller. type FoxLog struct { // IsFox should always be true (otherwise, the result should have been nil). @@ -58,4 +62,6 @@ type FoxLog struct { // AuthAgentType corresponds to the "authAgentTypeSpecs" field. AuthAgentType string `json:"auth_agent_type,omitempty"` + + TLSLog *zgrab2.TLSLog `json:"tls,omitempty"` } diff --git a/modules/fox/scanner.go b/modules/fox/scanner.go index a2ac69cb..a2abf241 100644 --- a/modules/fox/scanner.go +++ b/modules/fox/scanner.go @@ -9,6 +9,7 @@ import ( "errors" log "github.com/sirupsen/logrus" "github.com/zmap/zgrab2" + "net" ) // Flags holds the command-line configuration for the fox scan module. @@ -17,6 +18,8 @@ type Flags struct { zgrab2.BaseFlags Verbose bool `long:"verbose" description:"More verbose logging, include debug fields in the scan results"` + UseTLS bool `long:"use-tls" description:"Sends probe with a TLS connection. Loads TLS module command options."` + zgrab2.TLSFlags } // Module implements the zgrab2.Module interface. @@ -98,12 +101,36 @@ func (scanner *Scanner) Protocol() string { // 4. If the response has the Fox response prefix, mark the scan as having detected the service. // 5. Attempt to read any / all of the data fields from the Log struct func (scanner *Scanner) Scan(target zgrab2.ScanTarget) (zgrab2.ScanStatus, interface{}, error) { - conn, err := target.Open(&scanner.config.BaseFlags) + + var ( + conn net.Conn + tlsConn *zgrab2.TLSConnection + err error + ) + + conn, err = target.Open(&scanner.config.BaseFlags) + if scanner.config.UseTLS { + tlsConn, err = scanner.config.TLSFlags.GetTLSConnection(conn) + if err != nil { + return zgrab2.TryGetScanStatus(err), nil, err + } + if err := tlsConn.Handshake(); err != nil { + return zgrab2.TryGetScanStatus(err), nil, err + } + conn = tlsConn + } else { + conn, err = target.Open(&scanner.config.BaseFlags) + } + if err != nil { return zgrab2.TryGetScanStatus(err), nil, err } + defer conn.Close() result := new(FoxLog) + if tlsConn != nil { + result.TLSLog = tlsConn.GetLog() + } err = GetFoxBanner(result, conn) if !result.IsFox { From a735ae8ec9b0773a23d69bbaa18675d5159127ca Mon Sep 17 00:00:00 2001 From: Sean Smith Date: Thu, 21 Sep 2023 21:41:27 -0500 Subject: [PATCH 2/2] Add TLS to the schema --- zgrab2_schemas/zgrab2/fox.py | 1 + 1 file changed, 1 insertion(+) diff --git a/zgrab2_schemas/zgrab2/fox.py b/zgrab2_schemas/zgrab2/fox.py index 7370f5ae..0b567788 100644 --- a/zgrab2_schemas/zgrab2/fox.py +++ b/zgrab2_schemas/zgrab2/fox.py @@ -28,6 +28,7 @@ 'brand_id': String(), 'sys_info': String(), 'agent_auth_type': String(), + "tls": zgrab2.tls_log, }) }, extends=zgrab2.base_scan_response)