Merge pull request #2086 from blacklanternsecurity/misc-bugfixes

Misc bugfixes

bbot/cli.py

@@ -260,9 +260,7 @@ async def akeyboard_listen():
     finally:
         # save word cloud
         with suppress(BaseException):
-            save_success, filename = scan.helpers.word_cloud.save()
-            if save_success:
-                log_to_stderr(f"Saved word cloud ({len(scan.helpers.word_cloud):,} words) to {filename}")
+            scan.helpers.word_cloud.save()
         # remove output directory if empty
         with suppress(BaseException):
             scan.home.rmdir()

bbot/modules/output/mysql.py

@@ -3,7 +3,11 @@
 
 class MySQL(SQLTemplate):
     watched_events = ["*"]
-    meta = {"description": "Output scan data to a MySQL database", "created_date": "2024-11-13", "author": "@TheTechromancer"}
+    meta = {
+        "description": "Output scan data to a MySQL database",
+        "created_date": "2024-11-13",
+        "author": "@TheTechromancer",
+    }
     options = {
         "username": "root",
         "password": "bbotislife",

bbot/scanner/scanner.py

@@ -124,6 +124,7 @@ def __init__(
         self.duration_seconds = None
 
         self._success = False
+        self._scan_finish_status_message = None
 
         if scan_id is not None:
             self.id = str(scan_id)
@@ -425,14 +426,19 @@ async def async_start(self):
 
             self._stop_log_handlers()
 
+            if self._scan_finish_status_message:
+                log_fn = self.hugesuccess
+                if self.status.startswith("ABORT"):
+                    log_fn = self.hugewarning
+                elif not self._success:
+                    log_fn = self.critical
+                log_fn(self._scan_finish_status_message)
+
     async def _mark_finished(self):
-        log_fn = self.hugesuccess
         if self.status == "ABORTING":
             status = "ABORTED"
-            log_fn = self.hugewarning
         elif not self._success:
             status = "FAILED"
-            log_fn = self.critical
         else:
             status = "FINISHED"
 
@@ -441,9 +447,9 @@ async def _mark_finished(self):
         self.duration_seconds = self.duration.total_seconds()
         self.duration_human = self.helpers.human_timedelta(self.duration)
 
-        status_message = f"Scan {self.name} completed in {self.duration_human} with status {status}"
+        self._scan_finish_status_message = f"Scan {self.name} completed in {self.duration_human} with status {status}"
 
-        scan_finish_event = self.finish_event(status_message, status)
+        scan_finish_event = self.finish_event(self._scan_finish_status_message, status)
 
         # queue final scan event with output modules
         output_modules = [m for m in self.modules.values() if m._type == "output" and m.name != "python"]
@@ -457,7 +463,6 @@ async def _mark_finished(self):
             await asyncio.sleep(0.05)
 
         self.status = status
-        log_fn(status_message)
         return scan_finish_event
 
     def _start_modules(self):

bbot/scanner/target.py

@@ -101,7 +101,7 @@ def add(self, targets):
                 events.add(event)
 
         # sort by host size to ensure consistency
-        events = sorted(events, key=lambda e: (0 if not e.host else host_size_key(e.host)))
+        events = sorted(events, key=lambda e: ((0, 0) if not e.host else host_size_key(e.host)))
         for event in events:
             self.events.add(event)
             self._add(event.host, data=event)

bbot/test/test_step_1/test_target.py

@@ -2,7 +2,7 @@
 
 
 @pytest.mark.asyncio
-async def test_target(bbot_scanner):
+async def test_target_basic(bbot_scanner):
     from radixtarget import RadixTarget
     from ipaddress import ip_address, ip_network
     from bbot.scanner.target import BBOTTarget, ScanSeeds
@@ -245,6 +245,17 @@ async def test_target(bbot_scanner):
         assert len(events) == 3
         assert {e.type for e in events} == {"SCAN", "USERNAME"}
 
+    # users + orgs + domains
+    scan = bbot_scanner("USER:evilcorp", "ORG:evilcorp", "evilcorp.com")
+    await scan.helpers.dns._mock_dns(
+        {
+            "evilcorp.com": {"A": ["1.2.3.4"]},
+        },
+    )
+    events = [e async for e in scan.async_start()]
+    assert len(events) == 5
+    assert {e.type for e in events} == {"SCAN", "USERNAME", "ORG_STUB", "DNS_NAME"}
+
     # verify hash values
     bbottarget = BBOTTarget(
         "1.2.3.0/24",

docs/release_history.md

@@ -1,47 +1,51 @@
+### 2.2.0 - Nov 18, 2024
+- [https://github.com/blacklanternsecurity/bbot/pull/1919](https://github.com/blacklanternsecurity/bbot/pull/1919)
+
 ### 2.1.2 - Nov 1, 2024
-- https://github.com/blacklanternsecurity/bbot/pull/1909
+- [https://github.com/blacklanternsecurity/bbot/pull/1909](https://github.com/blacklanternsecurity/bbot/pull/1909)
 
 ### 2.1.1 - Oct 31, 2024
-- https://github.com/blacklanternsecurity/bbot/pull/1885
+- [https://github.com/blacklanternsecurity/bbot/pull/1885](https://github.com/blacklanternsecurity/bbot/pull/1885)
 
 ### 2.1.0 - Oct 18, 2024
-- https://github.com/blacklanternsecurity/bbot/pull/1724
+- [https://github.com/blacklanternsecurity/bbot/pull/1724](https://github.com/blacklanternsecurity/bbot/pull/1724)
 
 ### 2.0.1 - Aug 29, 2024
-- https://github.com/blacklanternsecurity/bbot/pull/1650
+- [https://github.com/blacklanternsecurity/bbot/pull/1650](https://github.com/blacklanternsecurity/bbot/pull/1650)
 
 ### 2.0.0 - Aug 9, 2024
-- https://github.com/blacklanternsecurity/bbot/pull/1424
+- [https://github.com/blacklanternsecurity/bbot/pull/1424](https://github.com/blacklanternsecurity/bbot/pull/1424)
+- [https://github.com/blacklanternsecurity/bbot/pull/1235](https://github.com/blacklanternsecurity/bbot/pull/1235)
 
 ### 1.1.8 - May 29, 2024
-- https://github.com/blacklanternsecurity/bbot/pull/1382
+- [https://github.com/blacklanternsecurity/bbot/pull/1382](https://github.com/blacklanternsecurity/bbot/pull/1382)
 
 ### 1.1.7 - May 15, 2024
-- https://github.com/blacklanternsecurity/bbot/pull/1119
+- [https://github.com/blacklanternsecurity/bbot/pull/1119](https://github.com/blacklanternsecurity/bbot/pull/1119)
 
 ### 1.1.6 - Feb 21, 2024
-- https://github.com/blacklanternsecurity/bbot/pull/1002
+- [https://github.com/blacklanternsecurity/bbot/pull/1002](https://github.com/blacklanternsecurity/bbot/pull/1002)
 
 ### 1.1.5 - Jan 15, 2024
-- https://github.com/blacklanternsecurity/bbot/pull/996
+- [https://github.com/blacklanternsecurity/bbot/pull/996](https://github.com/blacklanternsecurity/bbot/pull/996)
 
 ### 1.1.4 - Jan 11, 2024
-- https://github.com/blacklanternsecurity/bbot/pull/837
+- [https://github.com/blacklanternsecurity/bbot/pull/837](https://github.com/blacklanternsecurity/bbot/pull/837)
 
 ### 1.1.3 - Nov 4, 2023
-- https://github.com/blacklanternsecurity/bbot/pull/823
+- [https://github.com/blacklanternsecurity/bbot/pull/823](https://github.com/blacklanternsecurity/bbot/pull/823)
 
 ### 1.1.2 - Nov 3, 2023
-- https://github.com/blacklanternsecurity/bbot/pull/777
+- [https://github.com/blacklanternsecurity/bbot/pull/777](https://github.com/blacklanternsecurity/bbot/pull/777)
 
 ### 1.1.1 - Oct 11, 2023
-- https://github.com/blacklanternsecurity/bbot/pull/668
+- [https://github.com/blacklanternsecurity/bbot/pull/668](https://github.com/blacklanternsecurity/bbot/pull/668)
 
 ### 1.1.0 - Aug 4, 2023
-- https://github.com/blacklanternsecurity/bbot/pull/598
+- [https://github.com/blacklanternsecurity/bbot/pull/598](https://github.com/blacklanternsecurity/bbot/pull/598)
 
 ### 1.0.5 - Mar 10, 2023
-- https://github.com/blacklanternsecurity/bbot/pull/352
+- [https://github.com/blacklanternsecurity/bbot/pull/352](https://github.com/blacklanternsecurity/bbot/pull/352)
 
 ### 1.0.5 - Mar 10, 2023
-- https://github.com/blacklanternsecurity/bbot/pull/352
+- [https://github.com/blacklanternsecurity/bbot/pull/352](https://github.com/blacklanternsecurity/bbot/pull/352)