The default value for the option --subnets is False, but it seems to be ignored when deciding whether the list of subnets should be retrieved from the Active Directory when creating a list of targets.
$ ./ApacheTomcatScanner.py -C --show-cves-descriptions --tomcat-usernames-file '***' --tomcat-passwords-file '***' -ad '***' -ai '***' -au '***' -ap '***' --debug
Apache Tomcat Scanner v3.5 - by @podalirius_
[debug] Loading CVEs from JSON database ...
[debug] Loaded 170 CVEs!
[debug] Loading targets from computers in the domain '***'
[>] Extracting all computers ...
[+] Found 1725 computers in the domain.
[debug] Loading targets from servers in the domain '***'
[>] Extracting all subnets ...
[+] Found 33 subnets in the domain.
[debug] Target '***' was not added.
[debug] Target '***' was not added.
[+] Targeting 7 ports on 665786 hosts.
[+] Searching for Apache Tomcats servers on specified targets ...
...
In the following code snippet, the script calls get_subnets() as long as domain credentials are provided, regardless of the value of --subnets.
p0dalirius
commented
1 year ago
Hi! :)
The default value for the option
--subnetsisFalse, but it seems to be ignored when deciding whether the list of subnets should be retrieved from the Active Directory when creating a list of targets.In the following code snippet, the script calls
get_subnets()as long as domain credentials are provided, regardless of the value of--subnets.https://github.com/p0dalirius/ApacheTomcatScanner/blob/384f64f3979ed795941f4f9473ea712e542a891d/apachetomcatscanner/__main__.py#L58-L70