search

honoki / bbrf-client

The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
MIT License
613 stars 90 forks source link

bbrf listen doesn't handle large number of changes well #88

Closed 0xJeti closed 2 years ago

0xJeti commented 2 years ago

Hi @honoki,

Quite often I'm getting following error when bbrf listen is running and there is some bigger change performed (multiple domains involved etc.):

{"seq":"279880-g1AAAACheJzLYWBgYMpgTmEQTM4vTc5ISXIwNDLXMwBCwxyQVCJDUv3___-zMpiTGJgUl-YCxdiTjVOMjRJNsenBY1IeC5BkaABS_-EGKi8GG2iQaGaQapGMTWsWAB8vKgQ","id":"69.167.164.199",
"changes":[{"rev":"3-84cb819703e4875faa84579fbcbbd510"}],"doc":{"_id":"69.167.164.199","_rev":"3-84cb819703e4875faa84579fbcbbd510","domains":
["xx1.test.com","test.test.com","xx1000.test.com","xx1031.test.com","xx1029.test.com","xx1034.test.com","xx1035.test.com",
"xx1082.test.com","xx1063.test.com","xx110.test.com","xx1207.test.com","xx1057.test.com","xx1220.test.com","xx1101.test.com",
"xx1218.test.com","xx1104.test.com","xx1204.test.com","xx1105.test.com","xx1118.test.com","xx1213.test.com","xx1186.test.com",
"xx1215.test.com","xx1020.test.com","xx1114.test.com","xx1183.test.com","xx1077.test.co
[ERROR] Unterminated string starting at: line 1 column 4082 (char 4081)

I guess the reason is how response from /_changes?feed=continuous;include_docs=true;since= is handled with iter_content(). resp.iter_content() has default limit of 1024 characters so JSON response is cut in the middle. data = json.loads(change) then throws an exception.

                  for chunk in resp.iter_content(None):
                        if chunk:  # filter out keep-alive new chunks
                            chunk = chunk.decode("utf-8")
                            changes = chunk.split('\n')  # make sure we handle individual changes
                            for change in changes:
                                print(change)
                                if(change.startswith('{')):
                                    data = json.loads(change)
0xJeti commented 2 years ago

Changing iter_content() into iter_lines() fixed the issue.

honoki commented 2 years ago

Thanks @0xJeti - I'm running some basic tests and was able to reproduce what you're describing. It seems like your suggestion solves the issue without breaking anything, so I will include this fix in the next release!