sensepost / gowitness

🔍 gowitness - a golang, web screenshot utility using Chrome Headless
GNU General Public License v3.0

invalid memory address or nil pointer dereference #24

Closed 0xibram closed 4 years ago

0xibram commented 4 years ago

gowitness constantly gives the following error after updating to 1.1.0

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x38 pc=0x14093c6]

goroutine 5183 [running]:
github.com/sensepost/gowitness/utils.getPageTitle(0xc0001bee70, 0xc000ae4d98, 0x100e448)
    /Users/leonjza/Documents/git/gowitness/utils/processor.go:124 +0xa6
github.com/sensepost/gowitness/utils.getPageTitle(0xc0001bee00, 0xc000ae4de0, 0x138c945)
    /Users/leonjza/Documents/git/gowitness/utils/processor.go:128 +0x7a
github.com/sensepost/gowitness/utils.getPageTitle(0xc0001bed90, 0x0, 0x0)
    /Users/leonjza/Documents/git/gowitness/utils/processor.go:128 +0x7a
github.com/sensepost/gowitness/utils.getPageTitle(0xc0001becb0, 0xc000c0d0a0, 0xc0001becb0)
    /Users/leonjza/Documents/git/gowitness/utils/processor.go:128 +0x7a
github.com/sensepost/gowitness/utils.ProcessURL(0xc000121480, 0x1b62de0, 0x1b60bb0, 0x9)
    /Users/leonjza/Documents/git/gowitness/utils/processor.go:47 +0x51c
github.com/sensepost/gowitness/cmd.glob..func1.1(0xc00021e500, 0xc000241ac0, 0xc0002446c0, 0xc000121480)
    /Users/leonjza/Documents/git/gowitness/cmd/file.go:94 +0x8a
created by github.com/sensepost/gowitness/cmd.glob..func1
    /Users/leonjza/Documents/git/gowitness/cmd/file.go:90 +0x5ec

leonjza commented 4 years ago

I am having trouble replicating this. It looks like the page title grabber is failing, but I am not sure why yet. I tested with malformed HTML, empty HTML and HTML without a <title> tag but could not replicate the crash.

Since the stack trace hints towards you using the file command, any chance you could share the contents of your source file? Otherwise, if you could generate an endpoint on https://httpbin.org/ that replicates this, that would be awesome too.

leonjza commented 4 years ago

Nvm, just managed to replicate it. Fix incoming.

BBerastegui commented 4 years ago

Latest version with the same problem when hitting pages that are returning just a JSON string (for example).

(...)
ERRO[2020-01-25 12:57:55] Screenshot failed                             destination=https-REDACTED.com.png err="exit status 1" url="https://REDACTED/"
panic: runtime error: invalid memory address or nil pointer dereference
(...)

The page returned this when using curl:

> GET / HTTP/1.1
> Host: REDACTED.com
> User-Agent: curl/7.64.1
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Content-Type: application/json
< Client-IP: REDACTED
< GatewayMessage: error
< WWW-Authenticate: Bearer
< X-Backside-Transport: FAIL FAIL
< Connection: close
<
* TLSv1.2 (IN), TLS alert, close notify (256):
* Closing connection 1
* TLSv1.2 (OUT), TLS alert, close notify (256):
{ "ServiceStatus":{ "StatusType":"Error", "ServiceCode":"", "ServiceName":"
(REDACTED)
 "InnerException":"", "ServerName":"" }

BBerastegui commented 4 years ago

Same crash with pages with this kind of response:

> GET / HTTP/1.1
> Host: REDACTED.com
> User-Agent: curl/7.64.1
> Accept: */*
>
< HTTP/1.1 403 Forbidden
< Vary: Accept-Encoding
< P3P: CP="CAO PSA OUR"
< Content-Type: text/html;charset=ISO-8859-1
< Cache-Control: must-revalidate,no-cache,no-store
< Content-Length: 0
< Set-Cookie: sess=!p7(REDACTED)gnk=; path=/
<

leonjza commented 4 years ago

Any stack trace when it crashes?

BBerastegui commented 4 years ago

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x7fe555]

goroutine 12 [running]:
github.com/tidwall/buntdb.(*Tx).lock(0xc00028aec0)
        /go/pkg/mod/github.com/tidwall/buntdb@v0.0.0-20170824144000-b67b1b8c1658/buntdb.go:1068 +0x65
github.com/tidwall/buntdb.(*DB).Begin(0x0, 0xc000102501, 0x1, 0xc000300b50, 0x5cbc67)
        /go/pkg/mod/github.com/tidwall/buntdb@v0.0.0-20170824144000-b67b1b8c1658/buntdb.go:1047 +0x61
github.com/tidwall/buntdb.(*DB).managed(0x0, 0xc000300c01, 0xc000300c70, 0x0, 0x0)
        /go/pkg/mod/github.com/tidwall/buntdb@v0.0.0-20170824144000-b67b1b8c1658/buntdb.go:919 +0x57
github.com/tidwall/buntdb.(*DB).Update(...)
        /go/pkg/mod/github.com/tidwall/buntdb@v0.0.0-20170824144000-b67b1b8c1658/buntdb.go:964
github.com/sensepost/gowitness/storage.(*Storage).SetHTTPData(0xf5af30, 0xc0001ae500)
        /src/storage/storage.go:64 +0x506
github.com/sensepost/gowitness/utils.ProcessURL(0xc000022f80, 0xf5d0e0, 0xf5af30, 0x3)
        /src/utils/processor.go:115 +0x20b4
github.com/sensepost/gowitness/cmd.glob..func1.1(0xc00000f7e0, 0xc000027980, 0xc0001b03c0, 0xc000022f80)
        /src/cmd/file.go:96 +0x8a
created by github.com/sensepost/gowitness/cmd.glob..func1
        /src/cmd/file.go:92 +0x5fe

leonjza commented 4 years ago

Thanks. This does not look like the same crash as OP though. Will create a new ticket for it.