sensepost / gowitness

🔍 gowitness - a golang, web screenshot utility using Chrome Headless
GNU General Public License v3.0

--fullpage / -F returns `panic: runtime error: invalid memory address or nil pointer dereference` #95

Closed Daviey closed 3 years ago

Daviey commented 3 years ago

Fullpage (via --fullpage or -F) creates a panic:

$ gowitness single -F https://github.com
20 Mar 2021 10:14:58 INF preflight result statuscode=200 title="GitHub: Where the world builds software · GitHub" url=https://github.com
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0xa4330b]

goroutine 1 [running]:
github.com/sensepost/gowitness/chrome.(*Chrome).Screenshot.func2(0xe22760, 0xc00048e2d0, 0x0, 0x0)
        /home/dave/go/pkg/mod/github.com/sensepost/gowitness@v0.0.0-20210317104528-28a8c776195a/chrome/chrome.go:182 +0x8b
github.com/chromedp/chromedp.ActionFunc.Do(0xc0003249a0, 0xe22760, 0xc00048e2d0, 0x0, 0x0)
        /home/dave/go/pkg/mod/github.com/chromedp/chromedp@v0.6.8/chromedp.go:606 +0x3a
github.com/chromedp/chromedp.Tasks.Do(0xc000327bf0, 0x3, 0x3, 0xe22760, 0xc00048e2d0, 0x416a78, 0x30)
        /home/dave/go/pkg/mod/github.com/chromedp/chromedp@v0.6.8/chromedp.go:616 +0x72
github.com/chromedp/chromedp.Tasks.Do(0xc0004a9ba0, 0x1, 0x1, 0xe22760, 0xc00048e2d0, 0xc0000d0000, 0xe22760)
        /home/dave/go/pkg/mod/github.com/chromedp/chromedp@v0.6.8/chromedp.go:616 +0x72
github.com/chromedp/chromedp.Run(0xe22760, 0xc000327b90, 0xc000143ba0, 0x1, 0x1, 0xe22760, 0xc000327b90)
        /home/dave/go/pkg/mod/github.com/chromedp/chromedp@v0.6.8/chromedp.go:274 +0xdb
github.com/sensepost/gowitness/chrome.(*Chrome).Screenshot(0xc000242720, 0xc0001ee7e0, 0x0, 0x0, 0x0, 0x0, 0x0)
        /home/dave/go/pkg/mod/github.com/sensepost/gowitness@v0.0.0-20210317104528-28a8c776195a/chrome/chrome.go:171 +0x5ac
github.com/sensepost/gowitness/lib.(*Processor).takeScreenshot(0xc0004a9ce0, 0x0, 0x0)
        /home/dave/go/pkg/mod/github.com/sensepost/gowitness@v0.0.0-20210317104528-28a8c776195a/lib/processor.go:126 +0xdf
github.com/sensepost/gowitness/lib.(*Processor).Gowitness(0xc0004a9ce0, 0x0, 0x0)
        /home/dave/go/pkg/mod/github.com/sensepost/gowitness@v0.0.0-20210317104528-28a8c776195a/lib/processor.go:60 +0x1b5
github.com/sensepost/gowitness/cmd.glob..func9(0x122c560, 0xc00026a5c0, 0x1, 0x2)
        /home/dave/go/pkg/mod/github.com/sensepost/gowitness@v0.0.0-20210317104528-28a8c776195a/cmd/single.go:53 +0x198
github.com/spf13/cobra.(*Command).execute(0x122c560, 0xc00026a5a0, 0x2, 0x2, 0x122c560, 0xc00026a5a0)
        /home/dave/go/pkg/mod/github.com/spf13/cobra@v1.1.3/command.go:856 +0x2c2
github.com/spf13/cobra.(*Command).ExecuteC(0x122bde0, 0xc000000180, 0x200000003, 0xc000000180)
        /home/dave/go/pkg/mod/github.com/spf13/cobra@v1.1.3/command.go:960 +0x375
github.com/spf13/cobra.(*Command).Execute(...)
        /home/dave/go/pkg/mod/github.com/spf13/cobra@v1.1.3/command.go:897
github.com/sensepost/gowitness/cmd.Execute()
        /home/dave/go/pkg/mod/github.com/sensepost/gowitness@v0.0.0-20210317104528-28a8c776195a/cmd/root.go:49 +0x31
main.main()
        /home/dave/go/pkg/mod/github.com/sensepost/gowitness@v0.0.0-20210317104528-28a8c776195a/main.go:6 +0x25

Version

Installed via go get

$ gowitness version
gowitness: 2.3.4

git hash: dev
go version: dev
leonjza commented 3 years ago

Does this crash always happen? I just tried the same command a few times (built off the same commit), each being successful.

Daviey commented 3 years ago

Yep, consistent. I've tried the same binary on two machines, same result.

This is the binary built with go get: http://daviey.com/tmp/gowitness

leonjza commented 3 years ago

I just did a go get install on a fresh Kali instance and still can't replicate this.


leonjza commented 3 years ago

Also, what version of go are you building with? (go version). I've built on 1.16.2 darwin/amd64 & 1.15.9 linux/amd64 and that seems ok.

Daviey commented 3 years ago

go version go1.16.2 linux/amd64


In your screenshot, you don't have the -F / --fullpage flag. The binary works fine for normal, but segfaults every time for fullscreen.

(Thanks for helping to investigate this :) )

leonjza commented 3 years ago

Does docker run --rm -it leonjza/gowitness:latest gowitness single -F https://github.com also crash for you?


Daviey commented 3 years ago

Confirmed your docker image worked, and copying the binary to my local system also worked.

I then realised that GOBIN isn't in my PATH on this system, so the previous rebuild after go clean was ineffective (was still using my previous build!).

I can confirm now that the binary built after go clean -modcache does work with -F option.

Apologies for that, and thanks muchly for helping!
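The thread ends with the real cause: GOBIN was not on PATH, so every "rebuild" was still executing the old binary. The following POSIX sh check is an added example, not part of gowitness or of this thread; it applies Go's rule for where `go get`/`go install` writes binaries (GOBIN if set, else the first GOPATH element plus /bin) and reports whether the name found on PATH is that freshly installed file. GOBIN, GOPATH and PATH are passed as arguments so the check can be run against constructed directories; interactively you would pass `"$(go env GOBIN)" "$(go env GOPATH)" "$PATH"`.

```shell
# gobin_dir GOBIN GOPATH: directory that `go install` / `go get` writes binaries to.
# Mirrors Go's rule: GOBIN when set, otherwise <first GOPATH element>/bin.
gobin_dir() {
  if [ -n "$1" ]; then
    printf '%s\n' "$1"
  else
    printf '%s\n' "${2%%:*}/bin"
  fi
}

# resolve_on_path NAME PATHVAR: print the file a PATH lookup of NAME would run.
# Walks PATHVAR left to right like the shell does; returns 1 if nothing matches.
resolve_on_path() {
  old_ifs=$IFS
  IFS=:
  for d in $2; do
    if [ -f "$d/$1" ] && [ -x "$d/$1" ]; then
      IFS=$old_ifs
      printf '%s\n' "$d/$1"
      return 0
    fi
  done
  IFS=$old_ifs
  return 1
}

# stale_check NAME GOBIN GOPATH PATHVAR: prints a verdict and returns
#   0  PATH resolves NAME to the copy Go just installed
#   1  PATH resolves NAME to a different file (stale build being executed)
#   2  NAME is not on PATH at all (GOBIN/GOPATH/bin missing from PATH)
stale_check() {
  fresh="$(gobin_dir "$2" "$3")/$1"
  if ! found=$(resolve_on_path "$1" "$4"); then
    echo "$1: not found on PATH; expected $fresh (is its directory in PATH?)"
    return 2
  fi
  # -ef compares inodes, so a symlink into the Go bin dir still counts as fresh
  if [ "$found" -ef "$fresh" ]; then
    echo "$1: PATH resolves to $found (freshly installed copy)"
    return 0
  fi
  echo "$1: PATH resolves to $found, but Go installed $fresh (stale build)"
  return 1
}
```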