Skip to content

Commit

Permalink
test troubleshooting
Browse files Browse the repository at this point in the history
  • Loading branch information
TheTechromancer committed Nov 16, 2023
1 parent 1af9c00 commit dcf6ef5
Showing 1 changed file with 28 additions and 0 deletions.
28 changes: 28 additions & 0 deletions bbot/scanner/manager.py
Original file line number Diff line number Diff line change
Expand Up @@ -175,6 +175,8 @@ async def _emit_event(self, event, **kwargs):
on_success_callback = kwargs.pop("on_success_callback", None)
abort_if = kwargs.pop("abort_if", None)

log.debug(f"EMIT {event} 1")

# skip DNS resolution if it's disabled in the config and the event is a target and we don't have a blacklist
skip_dns_resolution = (not self.dns_resolution) and "target" in event.tags and not self.scan.blacklist
if skip_dns_resolution:
Expand All @@ -198,6 +200,8 @@ async def _emit_event(self, event, **kwargs):
for ip in ips:
resolved_hosts.add(ip)

log.debug(f"EMIT {event} 2")

# kill runaway DNS chains
dns_resolve_distance = getattr(event, "dns_resolve_distance", 0)
if dns_resolve_distance >= self.scan.helpers.dns.max_dns_resolve_distance:
Expand All @@ -206,6 +210,8 @@ async def _emit_event(self, event, **kwargs):
)
dns_children = {}

log.debug(f"EMIT {event} 3")

if event.type in ("DNS_NAME", "IP_ADDRESS"):
for tag in dns_tags:
event.add_tag(tag)
Expand All @@ -222,13 +228,17 @@ async def _emit_event(self, event, **kwargs):
log.debug(f"Omitting due to blacklisted {reason}: {event}")
return

log.debug(f"EMIT {event} 4")

# DNS_NAME --> DNS_NAME_UNRESOLVED
if event.type == "DNS_NAME" and "unresolved" in event.tags and not "target" in event.tags:
event.type = "DNS_NAME_UNRESOLVED"

# Cloud tagging
await self.scan.helpers.cloud.tag_event(event)

log.debug(f"EMIT {event} 5")

# Scope shepherding
# here is where we make sure in-scope events are set to their proper scope distance
if event.host and event_whitelisted:
Expand All @@ -243,18 +253,24 @@ async def _emit_event(self, event, **kwargs):
)
event.internal = True

log.debug(f"EMIT {event} 6")

# check for wildcards
if event.scope_distance <= self.scan.scope_search_distance:
if not "unresolved" in event.tags:
if not self.scan.helpers.is_ip_type(event.host):
await self.scan.helpers.dns.handle_wildcard_event(event, dns_children)

log.debug(f"EMIT {event} 7")

# For DNS_NAMEs, we've waited to do this until now, in case event.data changed during handle_wildcard_event()
if event.type == "DNS_NAME":
acceptable = self._event_precheck(event)
if not acceptable:
return

log.debug(f"EMIT {event} 8")

# if we discovered something interesting from an internal event,
# make sure we preserve its chain of parents
source = event.source
Expand All @@ -267,6 +283,8 @@ async def _emit_event(self, event, **kwargs):
log.debug(f"Re-queuing internal event {source} with parent {event}")
self.queue_event(source)

log.debug(f"EMIT {event} 9")

# now that the event is properly tagged, we can finally make decisions about it
abort_result = False
if callable(abort_if):
Expand All @@ -280,14 +298,20 @@ async def _emit_event(self, event, **kwargs):
log.debug(msg)
return

log.debug(f"EMIT {event} 10")

# run success callback before distributing event (so it can add tags, etc.)
if callable(on_success_callback):
async with self.scan._acatch(context=on_success_callback):
await self.scan.helpers.execute_sync_or_async(on_success_callback, event)

log.debug(f"EMIT {event} 11")

await self.distribute_event(event)
event_distributed = True

log.debug(f"EMIT {event} 12")

# speculate DNS_NAMES and IP_ADDRESSes from other event types
source_event = event
if (
Expand All @@ -305,6 +329,8 @@ async def _emit_event(self, event, **kwargs):
source_event.add_tag("target")
self.queue_event(source_event)

log.debug(f"EMIT {event} 13")

### Emit DNS children ###
if self.dns_resolution:
emit_children = True
Expand Down Expand Up @@ -336,6 +362,8 @@ async def _emit_event(self, event, **kwargs):
for child_event in dns_child_events:
self.queue_event(child_event)

log.debug(f"EMIT {event} 14")

except ValidationError as e:
log.warning(f"Event validation failed with kwargs={kwargs}: {e}")
log.trace(traceback.format_exc())
Expand Down

0 comments on commit dcf6ef5

Please sign in to comment.