search

Fraunhofer-AISEC / gallia

Extendable Pentesting Framework
https://fraunhofer-aisec.github.io/gallia/
Apache License 2.0
126 stars 23 forks source link

Session check in scan_identifiers shows slight misbehaviour #49

Open rumpelsepp opened 2 years ago

rumpelsepp commented 2 years ago

Starting scan_identifiers.py with --check-session 3was intended to check the session after every 3rd request. For service 0x31 the current implementation checks for every third identifier, which results in the following:

Mar 16 22:45:22.066 {ecu     } [message ]: Read current session not supported: requestOutOfRange, skipping check_session
Mar 16 22:45:22.076 {gallia  } [message ]: 0xfff9: requestOutOfRange
Mar 16 22:45:22.086 {ecu     } [message ]: Read current session not supported: requestOutOfRange, skipping check_session
Mar 16 22:45:22.096 {gallia  } [message ]: 0xfff9: requestOutOfRange
Mar 16 22:45:22.106 {ecu     } [message ]: Read current session not supported: requestOutOfRange, skipping check_session
Mar 16 22:45:22.116 {gallia  } [message ]: 0xfff9: requestOutOfRange
Mar 16 22:45:22.126 {gallia  } [message ]: 0xfffa: requestOutOfRange
Mar 16 22:45:22.137 {gallia  } [message ]: 0xfffa: requestOutOfRange
Mar 16 22:45:22.146 {gallia  } [message ]: 0xfffa: requestOutOfRange
Mar 16 22:45:22.157 {gallia  } [message ]: 0xfffb: requestOutOfRange
Mar 16 22:45:22.167 {gallia  } [message ]: 0xfffb: requestOutOfRange
Mar 16 22:45:22.176 {gallia  } [message ]: 0xfffb: requestOutOfRange
Mar 16 22:45:22.187 {ecu     } [message ]: Read current session not supported: requestOutOfRange, skipping check_session
Mar 16 22:45:22.197 {gallia  } [message ]: 0xfffc: requestOutOfRange
Mar 16 22:45:22.207 {ecu     } [message ]: Read current session not supported: requestOutOfRange, skipping check_session
Mar 16 22:45:22.217 {gallia  } [message ]: 0xfffc: requestOutOfRange
Mar 16 22:45:22.226 {ecu     } [message ]: Read current session not supported: requestOutOfRange, skipping check_session
Mar 16 22:45:22.236 {gallia  } [message ]: 0xfffc: requestOutOfRange
Mar 16 22:45:22.246 {gallia  } [message ]: 0xfffd: requestOutOfRange
Mar 16 22:45:22.256 {gallia  } [message ]: 0xfffd: requestOutOfRange
Mar 16 22:45:22.266 {gallia  } [message ]: 0xfffd: requestOutOfRange
Mar 16 22:45:22.276 {gallia  } [message ]: 0xfffe: requestOutOfRange
Mar 16 22:45:22.286 {gallia  } [message ]: 0xfffe: requestOutOfRange
Mar 16 22:45:22.296 {gallia  } [message ]: 0xfffe: requestOutOfRange
Mar 16 22:45:22.306 {ecu     } [message ]: Read current session not supported: requestOutOfRange, skipping check_session
Mar 16 22:45:22.316 {gallia  } [message ]: 0xffff: requestOutOfRange
Mar 16 22:45:22.326 {ecu     } [message ]: Read current session not supported: requestOutOfRange, skipping check_session
Mar 16 22:45:22.336 {gallia  } [message ]: 0xffff: requestOutOfRange
Mar 16 22:45:22.346 {ecu     } [message ]: Read current session not supported: requestOutOfRange, skipping check_session
Mar 16 22:45:22.356 {gallia  } [message ]: 0xffff: requestOutOfRange

Maybe we want to change this to every identifier, but only one sub-function instead.

/cc @ferdinandjarisch

stale[bot] commented 3 months ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.