Saving reports - Open ports

[stephanie0x00]

Seems to be fixed when running a new make reset. Maybe a race condition?

Normal report:

• Open Ports for mispo.es show incorrect ports. Only 53 is shown, while 22, 23, 80, 443 and 3306 should also be shown. The normalizer output shows that these objects are found.

Output RAW files:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Tue Jun 25 06:31:36 2024 as: nmap -&#45;open -T4 -Pn -r -v10 -sV -sS -&#45;top-ports 250 -oX - 134.209.85.72 -->
<nmaprun scanner="nmap" args="nmap -&#45;open -T4 -Pn -r -v10 -sV -sS -&#45;top-ports 250 -oX - 134.209.85.72" start="1719297096" startstr="Tue Jun 25 06:31:36 2024" version="7.93" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="250" services="1,3,7,9,13,17,19-26,33,37,42,53,79-82,88,100,106,110-111,113,119,135,139,143-144,161,179,199,222,254-255,264,280,311,389,407,427,443-445,464-465,497,500,512-515,543-544,548,554,563,587,593,625,631,636,646,787,808,873,888,902,990,992-993,995,999-1000,1022-1044,1048-1050,1053-1054,1056,1058-1059,1064-1066,1068-1069,1071,1074,1080,1110-1111,1218,1234,1352,1433,1494,1521,1700,1717,1720,1723,1755,1761,1801,1900,1935,1998,2000-2010,2049,2065,2103,2105,2107,2121,2161,2301,2383,2401,2601-2602,2701,2717,2869,2967,3000-3001,3052,3128,3260,3268-3269,3306,3389,3689-3690,3703,3986,4000-4001,4045,4444,4662,4899,5000-5001,5003,5009,5050-5051,5060,5101,5120,5190,5357,5432,5550,5555,5631,5666,5800-5801,5900-5901,6000-6002,6004,6112,6543,6646,6666,7000-7001,7019,7070,7100,7937-7938,8000,8002,8008-8010,8031,8080-8082,8443,8888,9000-9001,9090,9100,9102,9999-10001,10010,15000,32768,32770-32772,42510,49152-49157,50000-50001"/>
<verbose level="10"/>
<debugging level="0"/>
<taskbegin task="Parallel DNS resolution of 1 host." time="1719297097"/>
<taskend task="Parallel DNS resolution of 1 host." time="1719297097"/>
<taskbegin task="SYN Stealth Scan" time="1719297097"/>
<taskend task="SYN Stealth Scan" time="1719297099" extrainfo="250 total ports"/>
<taskbegin task="Service scan" time="1719297099"/>
<taskend task="Service scan" time="1719297111" extrainfo="5 services on 1 host"/>
<taskbegin task="NSE" time="1719297111"/>
<taskend task="NSE" time="1719297111"/>
<taskbegin task="NSE" time="1719297111"/>
<taskend task="NSE" time="1719297111"/>
<host starttime="1719297097" endtime="1719297111"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="134.209.85.72" addrtype="ipv4"/>
<hostnames>
</hostnames>
<ports><extraports state="filtered" count="242">
<extrareasons reason="no-response" count="242" proto="tcp" ports="1,3,7,9,13,17,19-21,24-26,33,37,42,79,81-82,88,100,106,111,113,119,135,139,144,161,179,199,222,254-255,264,280,311,389,407,427,444-445,464-465,497,500,512-515,543-544,548,554,563,587,593,625,631,636,646,787,808,873,888,902,990,992-993,995,999-1000,1022-1044,1048-1050,1053-1054,1056,1058-1059,1064-1066,1068-1069,1071,1074,1080,1110-1111,1218,1234,1352,1433,1494,1521,1700,1717,1720,1723,1755,1761,1801,1900,1935,1998,2000-2010,2049,2065,2103,2105,2107,2121,2161,2301,2383,2401,2601-2602,2701,2717,2869,2967,3000-3001,3052,3128,3260,3268-3269,3389,3689-3690,3703,3986,4000-4001,4045,4444,4662,4899,5000-5001,5003,5009,5050-5051,5060,5101,5120,5190,5357,5432,5550,5555,5631,5666,5800-5801,5900-5901,6000-6002,6004,6112,6543,6646,6666,7000-7001,7019,7070,7100,7937-7938,8000,8002,8008-8010,8031,8080-8082,8443,8888,9000-9001,9090,9100,9102,9999-10001,10010,15000,32768,32770-32772,42510,49152-49157,50000-50001"/>
</extraports>
<extraports state="closed" count="3">
<extrareasons reason="reset" count="3" proto="tcp" ports="23,110,143"/>
</extraports>
<port protocol="tcp" portid="22"><state state="open" reason="syn-ack" reason_ttl="55"/><service name="ssh" product="OpenSSH" version="8.4p1 Debian 5+deb11u3" extrainfo="protocol 2.0" ostype="Linux" method="probed" conf="10"><cpe>cpe:/a:openbsd:openssh:8.4p1</cpe><cpe>cpe:/o:linux:linux_kernel</cpe></service></port>
<port protocol="tcp" portid="53"><state state="open" reason="syn-ack" reason_ttl="55"/><service name="domain" product="ISC BIND" version="9.16.48" extrainfo="Debian Linux" ostype="Linux" method="probed" conf="10"><cpe>cpe:/a:isc:bind:9.16.48</cpe><cpe>cpe:/o:linux:linux_kernel</cpe></service></port>
<port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="55"/><service name="http" product="nginx" version="1.18.0" method="probed" conf="10"><cpe>cpe:/a:igor_sysoev:nginx:1.18.0</cpe></service></port>
<port protocol="tcp" portid="443"><state state="open" reason="syn-ack" reason_ttl="55"/><service name="http" product="nginx" version="1.18.0" tunnel="ssl" method="probed" conf="10"><cpe>cpe:/a:igor_sysoev:nginx:1.18.0</cpe></service></port>
<port protocol="tcp" portid="3306"><state state="open" reason="syn-ack" reason_ttl="55"/><service name="mysql" product="MySQL" extrainfo="unauthorized" method="probed" conf="10"><cpe>cpe:/a:mysql:mysql</cpe></service></port>
</ports>
<times srtt="14085" rttvar="5091" to="100000"/>
</host>
<runstats><finished time="1719297111" timestr="Tue Jun 25 06:31:51 2024" summary="Nmap done at Tue Jun 25 06:31:51 2024; 1 IP address (1 host up) scanned in 14.93 seconds" elapsed="14.93" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>

{"id": "7c52b2e4-ee86-4c64-9747-4cd999e91d93", "boefje_meta": {"id": "e591587d-0886-4068-9958-f40e8c437eff", "started_at": "2024-06-25T06:31:24.442167Z", "ended_at": "2024-06-25T06:31:52.046634Z", "boefje": {"id": "nmap", "version": null}, "input_ooi": "IPAddressV4|internet|134.209.85.72", "arguments": {"oci_arguments": ["--open", "-T4", "-Pn", "-r", "-v10", "-sV", "-sS"], "input": {"object_type": "IPAddressV4", "scan_profile": "scan_profile_type='inherited' reference=Reference('IPAddressV4|internet|134.209.85.72') level=<ScanLevel.L3: 3>", "primary_key": "IPAddressV4|internet|134.209.85.72", "address": "134.209.85.72", "network": {"name": "internet"}, "netblock": "None"}}, "organization": "aa", "runnable_hash": null, "environment": {}}, "mime_types": [{"value": "boefje/nmap"}], "secure_hash": "sha512:03126cc7110e1200fd654c17847241c438c70a4d0b4334ddcb1a84c6ec88e46cdc3ceb180f60aaf5191aa0442932c86c100aff5b26cf2d821c03992ad434bea1", "signing_provider_url": null, "hash_retrieval_link": "851440a4-096c-47d4-96f3-dda52b483496"}

Observing all IP port objects on the Object page shows that only port 53 is created.

[stephanie0x00]

Duplicate of #2875