Closed yoursecurity closed 9 years ago
I think the token handling accidentally gets the raw
, and then the token is never actually set. Thereafter, the requests fail because of that. Shouldn't be too hard to fix actually (assuming I am correct).
I think this will also only occur if the first call after a new instantiation is called with the raw flag to true
. The reason it works fine with say a report export is because the first few calls (that triggered the need for a new token) was called without it, and that original token is reused later.
Hi Leon, I was just going to add comment that I fixed it replacing line 168 of file Call.php from
if ($scope->raw)
to
if (!empty($cookie_header) && $scope->raw)
to avoid the first call that generate the token inherits the raw flag.
Thanks! Marco
On 25-11-2014 15:47, Leon Jacobs wrote:
I think this will also only occur if the first call after a new instantiation is called with the raw flag to true. The reason it works fine with say a report export is because the first few calls (that triggered the need for a new token) was called without it, and that original token is reused later.
Reply to this email directly or view it on GitHub [1].
*
Links:
[1] https://github.com/leonjza/PHPNessusNG/issues/10#issuecomment-64409543
Great! I'll do a fix for this after I have had a bit of a think about how the token is handled in general. :)
v1.0.3 Should have this fixed :)
works fine thanks ;-)!
On 26-11-2014 06:16, Leon Jacobs wrote:
v1.0.3 Should have this fixed :)
Reply to this email directly or view it on GitHub [1].
*
Links:
[1] https://github.com/leonjza/PHPNessusNG/issues/10#issuecomment-64516247
during my test i am experiencing a weird behavior; if I use the "standard" api
$nessus = new Nessus\Client($nessus_user, $nessus_pass, $nessus_host); $scans = $nessus->scans()->via('get'); var_dump($scans);
it works fine but instead if I ask for the raw contents in the "via" function
$nessus = new Nessus\Client($nessus_user, $nessus_pass, $nessus_host); $scans = $nessus->scans()->via('get', true); var_dump($scans);
I get an authentication (403) error:
PHP Notice: Trying to get property of non-object in /XXXXXXX/vendor/leonjza/php-nessus-ng/src/Nessus/Nessus/Call.php on line 65 Client error response [status code] 403 [reason phrase] Unauthorized [url] https://localhost:8834/scans/