Open leoalb opened 5 years ago
afeena
commented
5 years ago Hi @leoalb Tanner api doesn't update real-time. Session is analyzed after expiration, that is why probably you didn't see it in the api. Can you check please if you still have this problem?
leoalb
commented
5 years ago Hello @afeena . Yes, the problem persist, but I think it's only when the attack type is xss, because when the type is cmd_exec the attack_type is ok. could it be possible?.
the log: 2018-09-28 17:30:20 INFO:tanner.server:handle_event: TANNER response {'version': '0.6.0', 'response': {'message': {'detection': {'name': 'xss', 'order': 3, 'payload': {'value': '', 'page': '/index.html'}, 'type': 2, 'version': '0.6.0'}, 'sess_uuid': '5decfcd4-42f5-4b2b-91eb-9f27b4bde082'}}}
json: "...attack_types": []. And the attack_type field on the web for that sess_uuid is empty of course.
Thanks.
Parth1811
commented
4 years ago How can we replicate this, I'm unable to confirm this behavior
ba1ajinaidu
commented
3 years ago Is this issue still valid? It works fine for me
When I intend to recreate a xss attack, tanner.log recognize and tag the attack correctly but tanner api returns "attack_types": [].