Open ghost opened 6 years ago
Three tasks here:
SCAN_PROTOCOL_ERROR
)INFO
, not DEBU
(and possibly lower the "Failed to detect error" messages' log level further, since this would only be used for internal debugging)
@etmatrix I can reproduce the error, except for the part about the output file being empty (see bottom), but since in your case I don't see the scan summary (e.g. [INFO] finished grab at 2018-04-04T10:06:12-04:00), I'm wondering if it isn't perhaps hung waiting on another host? (Currently zgrab2 has no timeout if one is not specified).
If you add --timeout=1 to your command, does that allow it to finish and populate xxxxx.json?
For what it's worth, we're adding a default timeout of 10s to zgrab2 (to match the existing behavior), but if that doesn't fix your problem, then we need to investigate that further.
Repro:
bash-3.1$ echo "HTTP/1.0 404 Not Found" | nc -l -p 443 > /dev/null &
[1] 6444
bash-3.1$ echo "127.0.0.1" | cmd/zgrab2/zgrab2 tls --heartbleed --port 443 --output-file=out.json
[INFO] started grab at 2018-04-04T10:06:12-04:00
[DEBU] Failed to detect error from tls: oversized record received with length 20527 at goroutine 28 [running]:
runtime/debug.Stack(0xda67a0, 0xc042cae000, 0xc042030040)
/go/src/runtime/debug/stack.go:24 +0xae
github.com/zmap/zgrab2.TryGetScanStatus(0xda67a0, 0xc042cae000, 0xc042cae000, 0xc0423b2700)
/go/src/github.com/zmap/zgrab2/status.go:92 +0x2c7
github.com/zmap/zgrab2/modules.(*TLSScanner).Scan(0xc0421023e0, 0xc042c96030, 0x10, 0x10, 0x0, 0x0, 0xc0423aa8c0, 0xc04203dca8, 0xc04242bbe0, 0x411b6d, ...)
/go/src/github.com/zmap/zgrab2/modules/tls.go:72 +0xf3
github.com/zmap/zgrab2.RunScanner(0xdb10c0, 0xc0421023e0, 0xc0423ae780, 0xc042c96030, 0x10, 0x10, 0x0, 0x0, 0xa59911, 0x3, ...)
/go/src/github.com/zmap/zgrab2/scanner.go:32 +0xd3
github.com/zmap/zgrab2.grabTarget(0xc042c96030, 0x10, 0x10, 0x0, 0x0, 0xc0423ae780, 0x0, 0x0, 0x0)
/go/src/github.com/zmap/zgrab2/processing.go:92 +0x24c
github.com/zmap/zgrab2.Process.func2(0xc0421532c0, 0xc0423ae780, 0xc042153320, 0xc0422e3b20, 0x9)
/go/src/github.com/zmap/zgrab2/processing.go:159 +0x14a
created by github.com/zmap/zgrab2.Process
/go/src/github.com/zmap/zgrab2/processing.go:152 +0x198
[INFO] finished grab at 2018-04-04T10:06:12-04:00
{"statuses":{"tls":{"successes":0,"failures":1}},"start":"2018-04-04T10:06:12-04:00","end":"2018-04-04T10:06:12-04:00","duration":"14.9922ms"}
bash-3.1$ cat out.json
{"ip":"127.0.0.1","data":{"tls":{"status":"unknown-error","protocol":"tls","result":{"handshake_log":{},"heartbleed_log":{"heartbeat_enabled":false,"heartbleed_vulnerable":false}},"timestamp":"2018-04-04T10:06:12-04:00","error":"tls: oversized record received with length 20527"}}}
[1]+ Done echo "HTTP/1.0 404 Not Found" | nc -l -p 443 >/dev/null
bash-3.1$
I have done a large scan on my network for port 443. Not all hosts which have port 443 open have an HTTPS web server, so zgrab2 gives me an error with a stack trace but doesn't log the event in the output file. zgrab instead reports all errors in the output file, very useful for post-processing.
output file xxxx.json is empty with zgrab instead
output file xxxxx.json
I have used golang 1.10 for tests.
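Where the length 20527 in the repro's error comes from, as an added example that is not part of the thread or of zgrab2's code: the first five bytes of the plain-text banner "HTTP/" are read as a TLS record header, so "P/" (0x502f) becomes the record length. The type and function names and the status labels below are assumptions made for this illustration.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// maxCiphertext is the largest record body TLS 1.2 permits (RFC 5246: 2^14 + 2048).
const maxCiphertext = 16384 + 2048

// RecordHeader is the 5-byte header that precedes every TLS record.
type RecordHeader struct {
	ContentType byte
	Version     uint16
	Length      uint16
}

// ParseRecordHeader decodes the first five bytes a peer sent as a TLS record header.
func ParseRecordHeader(b []byte) (RecordHeader, error) {
	if len(b) < 5 {
		return RecordHeader{}, fmt.Errorf("short read: got %d of 5 header bytes", len(b))
	}
	return RecordHeader{
		ContentType: b[0],
		Version:     binary.BigEndian.Uint16(b[1:3]),
		Length:      binary.BigEndian.Uint16(b[3:5]),
	}, nil
}

// Classify returns a status label and a reason. The labels are assumptions
// made for this example, not values taken from zgrab2.
func Classify(first []byte) (status, reason string) {
	h, err := ParseRecordHeader(first)
	switch {
	case err != nil:
		return "protocol-error", err.Error()
	case int(h.Length) > maxCiphertext:
		return "protocol-error", fmt.Sprintf("oversized record received with length %d", h.Length)
	case h.ContentType < 20 || h.ContentType > 24 || h.Version>>8 != 3:
		return "protocol-error", fmt.Sprintf("type %d, version %#04x is not a TLS record", h.ContentType, h.Version)
	}
	return "tls-record", ""
}

func main() {
	// Constructed inputs: the banner from the repro, and a TLS 1.2 handshake record header.
	for _, in := range [][]byte{[]byte("HTTP/1.0 404 Not Found\n"), {0x16, 0x03, 0x03, 0x00, 0x51}} {
		status, reason := Classify(in)
		fmt.Printf("%q -> %s %s\n", in[:5], status, reason)
	}
}
```

A scanner that recognises this case can record it as a protocol mismatch on the target rather than as an unknown error, which keeps non-TLS services on port 443 distinguishable in post-processing.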