search

urbanadventurer / WhatWeb

Next generation web scanner
https://www.morningstarsecurity.com/research/whatweb
GNU General Public License v2.0
5.5k stars 904 forks source link

ASP.NET plugin causes error when logging to Mongo #62

Closed coffeetocode closed 12 years ago

coffeetocode commented 12 years ago

Hitting a site that triggers the ASP.NET plugin causes an error when logging to mongo, due to the "." in the plugin name. Changing it to ASPDOTNET fixes that. I'm staging a pull request that impliments that.

(for the run below I've added code to print the error and backtrace to whatweb.rb)

$ whatweb --aggression 1 --log-mongo-database test --log-mongo-collection whatwebtest --log-mongo-host localhost http://msn.com http://msn.com [301] Charset[ASCII], HTTPServer[Microsoft-IIS/6.0], ASP.NET, RedirectLocation[http://www.msn.com/], UncommonHeaders[s], IP[65.55.206.203], X-Powered-By[ASP.NET], Microsoft-IIS[6.0], Title[Document Moved], Country[UNITED STATES][US] Error: Logging failed for http://msn.com ASP.NET - key must not contain '.'

["/var/lib/gems/1.8/gems/bson-1.5.2/lib/bson/bson_c.rb:24:in serialize'", "/var/lib/gems/1.8/gems/bson-1.5.2/lib/bson/bson_c.rb:24:inserialize'", "/var/lib/gems/1.8/gems/mongo-1.5.2/lib/mongo/collection.rb:940:in insert_documents'", "/var/lib/gems/1.8/gems/mongo-1.5.2/lib/mongo/collection.rb:939:ineach'", "/var/lib/gems/1.8/gems/mongo-1.5.2/lib/mongo/collection.rb:939:in insert_documents'", "/var/lib/gems/1.8/gems/mongo-1.5.2/lib/mongo/collection.rb:343:ininsert'", "/home/ubuntu/malware_factors/tools/whatweb/whatweb-0.4.7/lib/output.rb:669:in out'", "whatweb/whatweb-0.4.7/whatweb:1306", "whatweb/whatweb-0.4.7/whatweb:1304:ineach'", "whatweb/whatweb-0.4.7/whatweb:1304", "whatweb/whatweb-0.4.7/whatweb:1213:in initialize'", "whatweb/whatweb-0.4.7/whatweb:1213:innew'", "whatweb/whatweb-0.4.7/whatweb:1213"]

bcoles commented 12 years ago

Thanks coffeetocode. If a dot in the plugin name is the cause then it looks like we might have to change a few.

$ ls plugins  | grep -i "\..*\.rb"
ABO.CMS.rb
Acme.Serve.rb
AllNewsManager.NET.rb
ASP.NET.rb
ASPThai.Net-Webboard.rb
AxCMS.net.rb
BAB.Stats.rb
BlogEngine.NET.rb
crossdomain.xml.rb
Cyn.in.rb
FreeJoomlas.com.rb
i.LON-SmartServer.rb
Quick.Cms.rb
robots.txt.rb
sabros.us.rb
Tine-2.0.rb
UrlRewriter.NET.rb
coffeetocode commented 12 years ago

Agreed. Might be worth putting a quick check of registered_plugins at the bottom of PluginSupport.load_plugins so that new plugin writers don't stub their toe on it in the future:

Something like this acceptable? (I've tried to keep to existing style)

    mongo_incompatible_plugins  = Plugin.registered_plugins.find_all {|n,p| n =~ /.*[.].*/ }
    unless mongo_incompatible_plugins.empty?
        puts "Error: The following plugins contain a \".\" in their name and will cause problems logging to Mongo DB: " + mongo_incompatible_plugins.map {|n,p| n}.join(", ")
    end

Currently produces: $ ruby whatweb example.com Error: The following plugins contain a "." in their name and will cause problems logging to Mongo DB: ABO.CMS, Acme.Serve, AllNewsManager.NET, ASPThai.Net-Webboard, Avaya-IP-Office.rb, AxCMS.net, BAB.Stats, BlogEngine.NET, Cisco-IP-Phone.rb, crossdomain.xml, Cyn.in, FreeJoomlas.com, i.LON-SmartServer, Quick.Cms, robots.txt, sabros.us, Tine-2.0, UrlRewriter.NET [...]

bcoles commented 12 years ago

Good idea. I'll implement something similair soon (unless you beat me to it).

In regards to the plugin names, I'd prefer replacing . with a - or _ rather than DOT for the sake of readability.