During handling an RFI request the following exception pop up in the tanner error log and the request is not logged.
Can be reproduced by simply sending a GET request like this: http://127.0.0.1/test?v=http://test.localhost
What I noticed during debugging was that the loop running the handle() method is a different one from the self._loop set during initialization to asyncio.get_event_loop() .
Aside from this exception, it would probably be good to wrap the emulators handle() method into a try except block and return "unknown" as the detection in case of an exception.
2022-02-08 11:05:22 ERROR:aiohttp.server:log_exception: Error handling request
Traceback (most recent call last):
File "/usr/lib/python3.9/site-packages/aiohttp/web_protocol.py", line 435, in _handle_request
resp = await request_handler(request)
File "/usr/lib/python3.9/site-packages/aiohttp/web_app.py", line 504, in _handle
resp = await handler(request)
File "/usr/lib/python3.9/site-packages/Tanner-0.6.0-py3.9.egg/tanner/server.py", line 58, in handle_event
detection = await self.base_handler.handle(data, session)
File "/usr/lib/python3.9/site-packages/Tanner-0.6.0-py3.9.egg/tanner/emulators/base.py", line 190, in handle
detection = await self.emulate(data, session)
File "/usr/lib/python3.9/site-packages/Tanner-0.6.0-py3.9.egg/tanner/emulators/base.py", line 172, in emulate
detection = await self.handle_get(session, data)
File "/usr/lib/python3.9/site-packages/Tanner-0.6.0-py3.9.egg/tanner/emulators/base.py", line 148, in handle_get
possible_get_detection = await self.get_emulation_result(session, get_data, self.get_emulators)
File "/usr/lib/python3.9/site-packages/Tanner-0.6.0-py3.9.egg/tanner/emulators/base.py", line 120, in get_emulation_result
emulation_result = await self.emulators[detection["name"]].handle(attack_params[detection["name"]], session)
File "/usr/lib/python3.9/site-packages/Tanner-0.6.0-py3.9.egg/tanner/emulators/rfi.py", line 99, in handle
result = await self.get_rfi_result(attack_params[0]["value"])
File "/usr/lib/python3.9/site-packages/Tanner-0.6.0-py3.9.egg/tanner/emulators/rfi.py", line 80, in get_rfi_result
await asyncio.sleep(1, loop=self._loop)
File "/usr/lib/python3.9/asyncio/tasks.py", line 655, in sleep
return await future
RuntimeError: Task <Task pending name='Task-4351832' coro=<RequestHandler._handle_request() running at /usr/lib/python3.9/site-packages/aiohttp/web_protocol.py:435> cb=[<TaskWakeupMethWrapper object at 0x7f3a74b13ca0>()]> got Future <Future pending> attached to a different loop
Python version: 3.9 tanner version: latest master
During handling an RFI request the following exception pop up in the tanner error log and the request is not logged.
Can be reproduced by simply sending a GET request like this:
http://127.0.0.1/test?v=http://test.localhostWhat I noticed during debugging was that the loop running the
handle()method is a different one from theself._loopset during initialization toasyncio.get_event_loop().Aside from this exception, it would probably be good to wrap the emulators handle() method into a try except block and return "unknown" as the detection in case of an exception.