New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

VirusShare downloader bash script bug #149

Closed
thebitbucket123 opened this Issue Nov 29, 2017 · 0 comments

Comments

Projects
None yet
2 participants
@thebitbucket123

thebitbucket123 commented Nov 29, 2017

Title

Bash script to download VirusShare hashes wgets strings unrelated to hash files

Request Type

Bug

Work Environment

|---------------------------|--------------------
| OS version (server) | Ubuntu
| OS version (client) | 16.04
| Cortex Analyzer Name | VirusShare getHashes.sh
| Cortex Analyzer Version | 0.1
| Cortex Version | 1.1.4
| Browser type & version | N/A

Description

When pulling down virusshare's hashes using the bash script, the script parses lines past the end of the list of hashfiles. Currently, "https://virusshare.com/hashes.4n6" has a line at the bottom containing a link to "https://twitter.com/CodexGigasSys", which is parsed and wgat. No harm done here, but in the unlikely event that virusshare is ever popped and the page is changed to include a less-than-savory URL, we'd end up downloading that.

Steps to Reproduce

  1. Use the gethashes.sh script to download the VS hashes
  2. Wait until the end

Possible Solutions

  • Use a more specific regex, like /VirusShare_[0-9]{5}.md5/, to parse or check to make sure we only get what we're looking for

Complementary information

Screenshot of the script attempting to wget the twitter URL
virusshare_gethashes_bug

3c7 added a commit to 3c7/Cortex-Analyzers that referenced this issue Dec 13, 2017

3c7 added a commit to 3c7/Cortex-Analyzers that referenced this issue Dec 13, 2017

3c7 added a commit to 3c7/Cortex-Analyzers that referenced this issue Dec 13, 2017

@3c7 3c7 self-assigned this Dec 27, 2017

@3c7 3c7 closed this Jan 11, 2018

3c7 added a commit that referenced this issue Jan 11, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment