diff --git a/bbot/core/helpers/misc.py b/bbot/core/helpers/misc.py index f128cf004..92c9e523f 100644 --- a/bbot/core/helpers/misc.py +++ b/bbot/core/helpers/misc.py @@ -559,13 +559,12 @@ def is_port(p): return p and p.isdigit() and 0 <= int(p) <= 65535 -def is_dns_name(d, include_local=True): +def is_dns_name(d): """ Determines if the given string is a valid DNS name. Args: d (str): The string to be checked. - include_local (bool): Consider local hostnames to be valid (hostnames without periods) Returns: bool: True if the string is a valid DNS name, False otherwise. @@ -575,17 +574,12 @@ def is_dns_name(d, include_local=True): True >>> is_dns_name('localhost') True - >>> is_dns_name('localhost', include_local=False) - False >>> is_dns_name('192.168.1.1') False """ if is_ip(d): return False d = smart_decode(d) - if include_local: - if bbot_regexes.hostname_regex.match(d): - return True if bbot_regexes.dns_name_validation_regex.match(d): return True return False diff --git a/bbot/core/helpers/regexes.py b/bbot/core/helpers/regexes.py index ee488ed7b..adf8abb65 100644 --- a/bbot/core/helpers/regexes.py +++ b/bbot/core/helpers/regexes.py @@ -43,10 +43,6 @@ dns_name_extraction_regex = re.compile(_dns_name_regex, re.I) dns_name_validation_regex = re.compile(r"^" + _dns_name_regex + r"$", re.I) -# dns names without periods -_hostname_regex = r"(?!\w*\.\w+)\w(?:[\w-]{0,100}\w)?" -hostname_regex = re.compile(r"^" + _hostname_regex + r"$", re.I) - _email_regex = r"(?:[^\W_][\w\-\.\+']{,100})@" + _dns_name_regex email_regex = re.compile(_email_regex, re.I) @@ -61,14 +57,12 @@ _open_port_regexes = ( _dns_name_regex + r":[0-9]{1,5}", - _hostname_regex + r":[0-9]{1,5}", r"\[" + _ipv6_regex + r"\]:[0-9]{1,5}", ) open_port_regexes = [re.compile(r, re.I) for r in _open_port_regexes] _url_regexes = ( r"https?://" + _dns_name_regex + r"(?::[0-9]{1,5})?(?:(?:/|\?).*)?", - r"https?://" + _hostname_regex + r"(?::[0-9]{1,5})?(?:(?:/|\?).*)?", r"https?://\[" + _ipv6_regex + r"\](?::[0-9]{1,5})?(?:(?:/|\?).*)?", ) url_regexes = [re.compile(r, re.I) for r in _url_regexes] @@ -83,10 +77,7 @@ for k, regexes in ( ( "DNS_NAME", - ( - r"^" + _dns_name_regex + r"$", - r"^" + _hostname_regex + r"$", - ), + (r"^" + _dns_name_regex + r"$",), ), ( "EMAIL_ADDRESS", diff --git a/bbot/modules/github_org.py b/bbot/modules/github_org.py index 5b8571874..5417a4e2d 100644 --- a/bbot/modules/github_org.py +++ b/bbot/modules/github_org.py @@ -206,11 +206,7 @@ async def validate_org(self, org): for k, v in json.items(): if ( isinstance(v, str) - and ( - self.helpers.is_dns_name(v, include_local=False) - or self.helpers.is_url(v) - or self.helpers.is_email(v) - ) + and (self.helpers.is_dns_name(v) and "." in v or self.helpers.is_url(v) or self.helpers.is_email(v)) and self.scan.in_scope(v) ): self.verbose(f'Found in-scope key "{k}": "{v}" for {org}, it appears to be in-scope') diff --git a/bbot/test/test_step_1/test_helpers.py b/bbot/test/test_step_1/test_helpers.py index 2eb67cd13..9cec29194 100644 --- a/bbot/test/test_step_1/test_helpers.py +++ b/bbot/test/test_step_1/test_helpers.py @@ -122,7 +122,7 @@ async def test_helpers_misc(helpers, scan, bbot_scanner, bbot_httpserver): assert not helpers.is_dns_name("evilcorp.com:80") assert not helpers.is_dns_name("http://evilcorp.com:80") assert helpers.is_dns_name("evilcorp") - assert not helpers.is_dns_name("evilcorp", include_local=False) + assert helpers.is_dns_name("evilcorp.") assert helpers.is_dns_name("ドメイン.テスト") assert not helpers.is_dns_name("127.0.0.1") assert not helpers.is_dns_name("dead::beef")