Dalfox cleanup fix, piggyback: more Nuclei translations (#1471)
kazet authored Jan 9, 2025
1 parent 46e4f04 commit bd0c4ce
Showing 3 changed files with 11 additions and 6 deletions.
14 changes: 8 additions & 6 deletions artemis/cleanup.py
@@ -13,7 +13,8 @@
logger = utils.build_logger(__name__)

DONT_CLEANUP_TASKS_FRESHER_THAN__DAYS = 3
DELAY_BETWEEN_CLEANUPS__SECONDS = 24 * 3600
DELAY_BETWEEN_CLEANUPS__SECONDS = 4 * 3600
OLD_MODULES = ["dalfox"]


def _cleanup_tasks_not_in_queues() -> None:
@@ -43,18 +44,18 @@ def _cleanup_tasks_not_in_queues() -> None:
continue

task = json.loads(value)
if datetime.datetime.utcfromtimestamp(task["last_update"]) < datetime.datetime.now() - datetime.timedelta(
days=DONT_CLEANUP_TASKS_FRESHER_THAN__DAYS
if (
datetime.datetime.utcfromtimestamp(task["last_update"])
< datetime.datetime.now() - datetime.timedelta(days=DONT_CLEANUP_TASKS_FRESHER_THAN__DAYS)
or task.get("headers", {}).get("receiver", "") in OLD_MODULES
):
num_tasks_cleaned_up += 1
backend.redis.delete(key)
logger.info("Tasks cleaned up: %d", num_tasks_cleaned_up)


def _cleanup_queues() -> None:
old_modules = ["dalfox"]

for old_module in old_modules:
for old_module in OLD_MODULES:

class KartonDummy(Consumer):
identity = old_module
@@ -76,6 +77,7 @@ def loop(self) -> None:

self.log.info("Processed task: %s", task.uid)
self.internal_process(task)
self.backend.delete_consumer_queues(self.identity)

karton = KartonDummy(config=KartonConfig())
karton.loop()
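Review bot: The age test in the rewritten `if (` of the second hunk compares a naive UTC value from `datetime.datetime.utcfromtimestamp(task["last_update"])` with naive local time from `datetime.datetime.now()`, so on a host whose timezone is not UTC the three-day threshold is shifted by the UTC offset. Making both sides timezone-aware avoids that and also drops `utcfromtimestamp`, which is deprecated since Python 3.12: `datetime.datetime.fromtimestamp(task["last_update"], tz=datetime.timezone.utc) < datetime.datetime.now(tz=datetime.timezone.utc) - datetime.timedelta(days=DONT_CLEANUP_TASKS_FRESHER_THAN__DAYS)`. The new `OLD_MODULES` clause deletes a task regardless of its age while the log line reports only a total, so a separate count or a debug line for retired-module deletions would show operators why fresh tasks disappeared. The body of `_cleanup_tasks_not_in_queues` starts outside this hunk, so whether `last_update` is always present in the stored task cannot be checked from here.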
1 change: 1 addition & 0 deletions artemis/config.py
@@ -708,6 +708,7 @@ class Nuclei:
"http/vulnerabilities/other/turbocrm-xss.yaml",
"http/vulnerabilities/other/wems-manager-xss.yaml",
"http/vulnerabilities/wordpress/wp-touch-redirect.yaml",
"http/fuzzing/iis-shortname.yaml",
]
),
cast=decouple.Csv(str),
@@ -998,6 +998,8 @@
"Redwood Report2Web 4.3.4.5 and 4.5.3 contains a cross-site scripting vulnerability in the login panel which allows remote attackers to inject JavaScript via the signIn.do urll parameter.": "Redwood Report2Web 4.3.4.5 i 4.5.3 zawiera podatność "
+ REFLECTED_XSS_DESCRIPTION
+ UPDATE_HINT,
"Attempts to show all variables on a MySQL server.": "Wykryto, że serwer MySQL umożliwia logowanie prostym hasłem.",
"Enrollment System Project V1.0, developed by Sourcecodester, has been found to be vulnerable to SQL Injection (SQLI) attacks. This vulnerability allows an attacker to manipulate the SQL queries executed by the application. The system fails to properly validate user-supplied input in the username and password fields during the login process, enabling an attacker to inject malicious SQL code. By exploiting this vulnerability, an attacker can bypass authentication and gain unauthorized access to the system.": "Enrollment System Project V1.0 zawiera podatność SQL Injection umożliwiającą atakującemu nieuprawniony dostęp do systemu.",
"Checks for MySQL servers with an empty password for root or anonymous.": "Wykryto serwer MySQL do którego można zalogować się pustym hasłem.",
"WordPress WooCommerce plugin before 3.1.2 does not have authorisation and CSRF checks in the wpt_admin_update_notice_option AJAX action (available to both unauthenticated and authenticated users), as well as does not validate the callback parameter, allowing unauthenticated attackers to call arbitrary functions with either none or one user controlled argument.": "Wtyczka WordPress o nazwie WooCommerce w wersji poniżej 3.1.2 umożliwia atakującemu nieuprawnione uruchamianie niektórych funkcji w systemie."
+ WORDPRESS_UPDATE_HINT,
