kkirsche / CVE-2017-10271

Oracle WebLogic WLS-WSAT Remote Code Execution Exploit (CVE-2017-10271)
Apache License 2.0

error #8

Closed R0ckNRolla closed 6 years ago

R0ckNRolla commented 6 years ago

```
INFO[0000] Starting webserver on port 132 to catch vulnerable hosts
INFO[0000] Worker 1 started
INFO[0000] Sending payload to http://192.168.1.70:7001/wls-wsat/CoordinatorPortType in worker 1
ERRO[0010] Error occurred while performing POST request error="Post http://192.168.1.70:7001/wls-wsat/CoordinatorPortType: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)"
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x688b16]

goroutine 6 [running]:
github.com/kkirsche/CVE-2017-10271/scanners/libcve201710271.SendRequest(0xc4200164a0, 0x1a, 0xc4200fc000, 0x23e, 0x79f76e, 0x1d, 0x1, 0xc420018580)
	/usr/lib/go-1.9/src/github.com/kkirsche/CVE-2017-10271/scanners/libcve201710271/request.go:54 +0x4e6
github.com/kkirsche/CVE-2017-10271/scanners/libcve201710271.Worker(0x1, 0xc420018580, 0xc42001e1e0)
	/usr/lib/go-1.9/src/github.com/kkirsche/CVE-2017-10271/scanners/libcve201710271/workers.go:15 +0x173
created by github.com/kkirsche/CVE-2017-10271/scanners/cmd.glob..func1
	/usr/lib/go-1.9/src/github.com/kkirsche/CVE-2017-10271/scanners/cmd/root.go:102 +0x241
```

kkirsche commented 6 years ago

Can you provide more information about what version you are using?

R0ckNRolla commented 6 years ago

I'm using the latest version from git. Compiling with golang and using the binaries from your bin folders both do not work.

kkirsche commented 6 years ago

Ah, ok. I see one issue:

```go
res, err := client.Do(req)
if err != nil {
    m.Lock()
    logrus.WithError(err).Errorln("Error occurred while performing POST request")
    m.Unlock()
    return // this was not here
}
```

When that wasn't there, we then tried to access the response object which wasn't valid. Will push out a fix shortly. Thanks for reporting that!
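The failure mode described in the comment above, as an added example that is not the project's own code: on a transport error `client.Do` returns a nil `*http.Response`, so the POST helper must return the error instead of touching the response. The names `postStatus`, `slowServer` and `isTimeout` are assumptions, and the slow local server is a constructed stand-in for an unresponsive host.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
	"time"
)

// postStatus POSTs body to url and returns the HTTP status code. On a transport
// error (timeout, refused connection) client.Do returns a nil *http.Response,
// so the early return below is what prevents the nil pointer dereference.
func postStatus(client *http.Client, url, body string) (int, error) {
	req, err := http.NewRequest(http.MethodPost, url, strings.NewReader(body))
	if err != nil {
		return 0, err
	}
	req.Header.Set("Content-Type", "text/xml")
	res, err := client.Do(req)
	if err != nil {
		return 0, err // res is nil here; this is the missing return from the issue
	}
	defer res.Body.Close()
	io.Copy(io.Discard, res.Body) // drain so the keep-alive connection is reusable
	return res.StatusCode, nil
}

// slowServer is a constructed local stand-in for an unresponsive host.
func slowServer(delay time.Duration) *httptest.Server {
	return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		time.Sleep(delay)
		w.WriteHeader(http.StatusOK)
	}))
}

// isTimeout reports whether err is a client-side timeout (url.Error.Timeout).
func isTimeout(err error) bool {
	var te interface{ Timeout() bool }
	return errors.As(err, &te) && te.Timeout()
}

func main() {
	srv := slowServer(500 * time.Millisecond)
	defer srv.Close()
	client := &http.Client{Timeout: 100 * time.Millisecond}
	_, err := postStatus(client, srv.URL, "<probe/>")
	fmt.Println("timeout handled without panic:", isTimeout(err), err)
}
```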

kkirsche commented 6 years ago

This should be fixed — if you could give it a try and let me know if you encounter any issues, that would be appreciated