Closed R0ckNRolla closed 6 years ago
Can you provide more information about what version you are using?
i'm use last version from git. compile with golang and from you bin folders not work.
Ah, ok. I see one issue:
res, err := client.Do(req)
if err != nil {
m.Lock()
logrus.WithError(err).Errorln("Error occurred while performing POST request")
m.Unlock()
return // this was not here
}
When that wasn't there, we then tried to access the response object which wasn't valid. Will push out a fix shortly. Thanks for reporting that!
This should be fixed — if you could give it a try and let me know if you encounter any issues, that would be appreciated
INFO[0000] Starting webserver on port 132 to catch vulnerable hosts INFO[0000] Worker 1 started
INFO[0000] Sending payload to http://192.168.1.70:7001/wls-wsat/CoordinatorPortType in worker 1 ERRO[0010] Error occurred while performing POST request error="Post http://192.168.1.70:7001/wls-wsat/CoordinatorPortType: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)" panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x688b16]
goroutine 6 [running]: github.com/kkirsche/CVE-2017-10271/scanners/libcve201710271.SendRequest(0xc4200164a0, 0x1a, 0xc4200fc000, 0x23e, 0x79f76e, 0x1d, 0x1, 0xc420018580) /usr/lib/go-1.9/src/github.com/kkirsche/CVE-2017-10271/scanners/libcve201710271/request.go:54 +0x4e6 github.com/kkirsche/CVE-2017-10271/scanners/libcve201710271.Worker(0x1, 0xc420018580, 0xc42001e1e0) /usr/lib/go-1.9/src/github.com/kkirsche/CVE-2017-10271/scanners/libcve201710271/workers.go:15 +0x173 created by github.com/kkirsche/CVE-2017-10271/scanners/cmd.glob..func1 /usr/lib/go-1.9/src/github.com/kkirsche/CVE-2017-10271/scanners/cmd/root.go:102 +0x241