From dcf6ef5333be0fa404a4c1fb414b574d071e8e6b Mon Sep 17 00:00:00 2001 From: TheTechromancer Date: Thu, 16 Nov 2023 15:34:13 -0500 Subject: [PATCH] test troubleshooting --- bbot/scanner/manager.py | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/bbot/scanner/manager.py b/bbot/scanner/manager.py index 13d46669d0..02c78a7e91 100644 --- a/bbot/scanner/manager.py +++ b/bbot/scanner/manager.py @@ -175,6 +175,8 @@ async def _emit_event(self, event, **kwargs): on_success_callback = kwargs.pop("on_success_callback", None) abort_if = kwargs.pop("abort_if", None) + log.debug(f"EMIT {event} 1") + # skip DNS resolution if it's disabled in the config and the event is a target and we don't have a blacklist skip_dns_resolution = (not self.dns_resolution) and "target" in event.tags and not self.scan.blacklist if skip_dns_resolution: @@ -198,6 +200,8 @@ async def _emit_event(self, event, **kwargs): for ip in ips: resolved_hosts.add(ip) + log.debug(f"EMIT {event} 2") + # kill runaway DNS chains dns_resolve_distance = getattr(event, "dns_resolve_distance", 0) if dns_resolve_distance >= self.scan.helpers.dns.max_dns_resolve_distance: @@ -206,6 +210,8 @@ async def _emit_event(self, event, **kwargs): ) dns_children = {} + log.debug(f"EMIT {event} 3") + if event.type in ("DNS_NAME", "IP_ADDRESS"): for tag in dns_tags: event.add_tag(tag) @@ -222,6 +228,8 @@ async def _emit_event(self, event, **kwargs): log.debug(f"Omitting due to blacklisted {reason}: {event}") return + log.debug(f"EMIT {event} 4") + # DNS_NAME --> DNS_NAME_UNRESOLVED if event.type == "DNS_NAME" and "unresolved" in event.tags and not "target" in event.tags: event.type = "DNS_NAME_UNRESOLVED" @@ -229,6 +237,8 @@ async def _emit_event(self, event, **kwargs): # Cloud tagging await self.scan.helpers.cloud.tag_event(event) + log.debug(f"EMIT {event} 5") + # Scope shepherding # here is where we make sure in-scope events are set to their proper scope distance if event.host and event_whitelisted: @@ -243,18 +253,24 @@ async def _emit_event(self, event, **kwargs): ) event.internal = True + log.debug(f"EMIT {event} 6") + # check for wildcards if event.scope_distance <= self.scan.scope_search_distance: if not "unresolved" in event.tags: if not self.scan.helpers.is_ip_type(event.host): await self.scan.helpers.dns.handle_wildcard_event(event, dns_children) + log.debug(f"EMIT {event} 7") + # For DNS_NAMEs, we've waited to do this until now, in case event.data changed during handle_wildcard_event() if event.type == "DNS_NAME": acceptable = self._event_precheck(event) if not acceptable: return + log.debug(f"EMIT {event} 8") + # if we discovered something interesting from an internal event, # make sure we preserve its chain of parents source = event.source @@ -267,6 +283,8 @@ async def _emit_event(self, event, **kwargs): log.debug(f"Re-queuing internal event {source} with parent {event}") self.queue_event(source) + log.debug(f"EMIT {event} 9") + # now that the event is properly tagged, we can finally make decisions about it abort_result = False if callable(abort_if): @@ -280,14 +298,20 @@ async def _emit_event(self, event, **kwargs): log.debug(msg) return + log.debug(f"EMIT {event} 10") + # run success callback before distributing event (so it can add tags, etc.) if callable(on_success_callback): async with self.scan._acatch(context=on_success_callback): await self.scan.helpers.execute_sync_or_async(on_success_callback, event) + log.debug(f"EMIT {event} 11") + await self.distribute_event(event) event_distributed = True + log.debug(f"EMIT {event} 12") + # speculate DNS_NAMES and IP_ADDRESSes from other event types source_event = event if ( @@ -305,6 +329,8 @@ async def _emit_event(self, event, **kwargs): source_event.add_tag("target") self.queue_event(source_event) + log.debug(f"EMIT {event} 13") + ### Emit DNS children ### if self.dns_resolution: emit_children = True @@ -336,6 +362,8 @@ async def _emit_event(self, event, **kwargs): for child_event in dns_child_events: self.queue_event(child_event) + log.debug(f"EMIT {event} 14") + except ValidationError as e: log.warning(f"Event validation failed with kwargs={kwargs}: {e}") log.trace(traceback.format_exc())