ztgrace / changeme

A default credential scanner.
GNU General Public License v3.0

Bug on specifying the name of the resource #55

Closed anshumanbh closed 6 years ago

anshumanbh commented 6 years ago

Hello,

I noticed there is a bug in the way the resource names are being read to load the YML files.

So, for instance, let's suppose we have 2 YML files - exactly the same but the only difference being that the ssl value is true in one and false in the other.

Let's say the names of these YML files are "xyz SSL" and "xyz noSSL".

Let's say we have a target with SSL enabled and invalid cert.

If we run changeme with just the noSSL YML file by specifying the -n flag as -n "xyz noSSL", fingerprinting is not successful. This is as expected.

If we run changeme with just the SSL YML file by specifying the -n flag as -n "xyz SSL", fingerprinting is successful. This is as expected.

Now, if we run changeme with both the YML files by specifying the -n flag as -n "xyz", it appears as if it's loading both YML files and fingerprinting is coming out to be successful with both the ssl and noSSL YML files. The fingerprinting against the noSSL file should have failed but it's succeeding.

So, as per above, there is some discrepancy where specifying an incomplete name like -n "xyz" is not producing the expected output.

Cheers!

ztgrace commented 6 years ago

Are you able to share --debug output? Otherwise using --dryrun might help show differences in the fingerprint targets that get created.

ztgrace commented 6 years ago

Since you never responded with further details, I'm closing. If it's still an issue, please post the cred files and scanner output to help me debug.

Cheers