From 4c3cdb17fdaa7794dc6aa34363c24d8b9908590e Mon Sep 17 00:00:00 2001
From: d4rckh <35298550+d4rckh@users.noreply.github.com>
Date: Thu, 21 Apr 2022 13:03:57 +0300
Subject: [PATCH 1/2] handle ssl verification errors properly
---
 src/utils/VafHttpClient.nim | 18 ++++--------------
 src/vaf.nim | 27 ++++++++++++++++++++-------
 2 files changed, 24 insertions(+), 21 deletions(-)
diff --git a/src/utils/VafHttpClient.nim b/src/utils/VafHttpClient.nim
index cb7e1e5..83be5b3 100644
--- a/src/utils/VafHttpClient.nim
+++ b/src/utils/VafHttpClient.nim
@@ -10,19 +10,10 @@ import VafLogger
 proc makeRequest*(url: string, requestType: string, postData: string, headers: HttpHeaders, client: HttpClient): FuzzResponse =
 var response: Response = nil
 let time1 = now()
- try:
- if requestType == "GET":
- response = client.request(url, httpMethod = HttpGet, headers = headers)
- if requestType == "POST":
- response = client.request(url, httpMethod = HttpPost, headers = headers, body = postData)
- except SslError:
- echo ""
- let msg = getCurrentExceptionMsg()
- if "certificate verify failed" in msg:
- log("error", "SSL Verification failed, you might need to specify a CA root certificate file using '-ca' or ignore SSL verification with '-i'")
- else:
- log("error", fmt"SSL Error: {msg}")
- quit(1)
+ if requestType == "GET":
+ response = client.request(url, httpMethod = HttpGet, headers = headers)
+ if requestType == "POST":
+ response = client.request(url, httpMethod = HttpPost, headers = headers, body = postData)
 let time2 = now()
 return FuzzResponse(
 content: response.body,
@@ -32,4 +23,3 @@ proc makeRequest*(url: string, requestType: string, postData: string, headers: H
 responseTime: (time2 - time1).inMilliseconds,
 headers: response.headers
 )
-
\ No newline at end of file
diff --git a/src/vaf.nim b/src/vaf.nim
index 7d20148..48d1fd5 100644
--- a/src/vaf.nim
+++ b/src/vaf.nim
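Review bot: In `makeRequest`, `response` is initialised to `nil` and only assigned inside the two independent `if requestType == ...` checks, so any other `requestType` value reaches `response.body` with a nil reference and the worker crashes instead of reporting a usage error. Making the second test an `elif` and adding `else: raise newException(ValueError, "unsupported request type: " & requestType)` would turn that into a catchable error. With the `try`/`except` removed, the proc now also lets `SslError` propagate, which deserves a doc comment such as `## Raises SslError on TLS failures; the caller decides how to report them.` The `FuzzResponse(...)` construction continues outside this hunk.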
@@ -19,7 +19,12 @@ import utils/VafUtils printBanner() +type + VafError = enum + VafSSLVerificationError, VafNoError + var forceExit = false +var lastError: VafError = VafNoError proc handler() {.noconv.} = # this will cause every thread to close its file stream, vaf will close on it's own afterwards @@ -34,7 +39,7 @@ let p = newParser("vaf"): option("-pf", "--prefix", default=some(""), help="The prefixes to append to the word") option("-sf", "--suffix", default=some(""), help="The suffixes to append to the word") option("-t", "--threads", default=some("5"), help="Number of threads") - option("-sc", "--status", default=some("200"), help="The status to filter; to 'any' to print on any status") + option("-sc", "--status", default=some("200, 204, 302, 301, 307, 401"), help="The status to filter; to 'any' to print on any status") option("-g", "--grep", default=some(""), help="Only log if the response body contains the string") option("-ng", "--notgrep", default=some(""), help="Only log if the response body does no contain a string") option("-pd", "--postdata", default=some("{}"), help="Specify POST data; used only if '-m post' is set") @@ -208,7 +213,16 @@ try: while strm.readLine(line) and not forceExit: if threadData.fuzzData.debug: log("debug", "ThreadID: " & $data.threadId & " | " & " fuzzing w/ " & line) - fuzz(line, client, threadData.fuzzData, data.threadId) + try: + fuzz(line, client, threadData.fuzzData, data.threadId) + except SslError: + let msg = getCurrentExceptionMsg() + if "certificate verify failed" in msg: + lastError = VafSSLVerificationError + else: + log("error", fmt"Uncaught SSL Error: {msg}") + forceExit = true + strm.close() var i = 0 
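Review bot: `VafSSLVerificationError` is listed first in the new `VafError` enum, so it is the type's zero value, and any `VafError` that is default-initialised rather than explicitly set would read as an SSL verification failure. Listing the no-error member first, `VafNoError, VafSSLVerificationError`, keeps the zero value harmless. `lastError` is also a plain global that the worker threads assign in the hunk at `-208,7` and the main thread reads; a short comment stating that the unsynchronised access is intentional (as with `forceExit`) would help the next reader.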
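Review bot: The new `--status` default `"200, 204, 302, 301, 307, 401"` has a space after each comma, and the code that parses this option is not in the hunk, so if it splits on `,` without stripping, only `200` would match. Either drop the spaces from the default or confirm the parser strips each entry. The help text still does not say that a comma-separated list is accepted, and this change of default output is not mentioned in the commit subject.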
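Review bot: The `except SslError` branch decides which message the user sees by searching the exception text for `"certificate verify failed"`, so the `-ca`/`-i` hint depends on the TLS library's wording and other verification failures fall through to the generic branch. That branch logs `Uncaught SSL Error` although the exception was caught; `fmt"SSL error: {msg}"` would be accurate. Only `SslError` is handled, so any other exception raised by `fuzz` still escapes the worker thread; whether that is intended is not visible here. A comment such as `# stop all workers on the first TLS failure; the main thread reports lastError` above `forceExit = true` would document the design. The enclosing thread proc starts outside the hunk.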
@@ -270,9 +284,11 @@ try: cursorUp 1 eraseLine() - if forceExit: log("warn", "Force exit, shutting down all threads...") + if not ( lastError == VafNoError ): + if lastError == VafSSLVerificationError: + log("error", "SSL Verification failed, you might need to specify a CA root certificate file using '-ca' or ignore SSL verification with '-i'") # Wait for all threads to finish joinThreads(threads) @@ -288,14 +304,11 @@ except ShortCircuit as e: echo """Examples: Fuzz URL path, show only responses which returned 200 OK vaf -u https://example.org/ -w path/to/wordlist.txt -sc OK - Fuzz 'User-Agent' header, show only responses which returned 200 OK vaf -u https://example.org/ -w path/to/wordlist.txt -sc OK -H "User-Agent: " - Fuzz POST data, show only responses which returned 200 OK vaf -u https://example.org/ -w path/to/wordlist.txt -sc OK -m POST -H "Content-Type: application/json" -pd '{"username": ""}' - Report bugs: https://github.com/d4rckh/vaf/issues/new/choose """ - quit(0) + quit(0) \ No newline at end of file From dbc1f811824a99a180ff59c05385204c0299f013 Mon Sep 17 00:00:00 2001 From: d4rckh <35298550+d4rckh@users.noreply.github.com> Date: Fri, 22 Apr 2022 12:45:03 +0300 Subject: [PATCH 2/2] Delete nimlint.yml --- .github/workflows/nimlint.yml | 20 -------------------- 1 file changed, 20 deletions(-) delete mode 100644 .github/workflows/nimlint.yml diff --git a/.github/workflows/nimlint.yml b/.github/workflows/nimlint.yml deleted file mode 100644 index 51cb116..0000000 --- a/.github/workflows/nimlint.yml +++ /dev/null 
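Review bot: Nothing in this hunk restores the non-zero exit status that the removed `quit(1)` in `makeRequest` used to provide, so unless the code after `joinThreads(threads)` (outside the hunk) sets one, a run that aborted on a certificate failure may exit with status 0 and look successful to calling scripts. Consider ending with `quit(1)` once the threads are joined when `lastError != VafNoError`. The double test `if not ( lastError == VafNoError ):` followed by `if lastError == VafSSLVerificationError:` can be a single `if lastError == VafSSLVerificationError:`, or a `case lastError` so that a future enum member is not silently ignored.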
@@ -1,20 +0,0 @@
-name: nimlint
-
-on: [pull_request]
-
-jobs:
- nimlint:
- name: runner / nimlint
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2
- - name: Setup nim
- uses: iffy/install-nim@v4.1.1
- - name: Installing packages
- run: nimble install -y
- - name: Run nim check with reviewdog
- uses: reviewdog/action-nimlint@v1.5.1
- with:
- github_token: ${{ secrets.github_token }}
- reporter: github-pr-review # Change reporter.
- src: 'src/*.nim'