Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication is not send #109

Open
DeliciousBounty opened this issue Jan 31, 2023 · 0 comments
Open

Authentication is not send #109

DeliciousBounty opened this issue Jan 31, 2023 · 0 comments

Comments

@DeliciousBounty
Copy link
Collaborator

DeliciousBounty commented Jan 31, 2023
edited

The active checks send requests without authentication.
So several actives checks fails.
In order to check:
Insert the macro dbg!(&auth) in any active request and you can notice that the auth is "None".

Steps to locate the error:

  1. go to cherrrybomb engine -> lib.rs -> run_active_profile()

  2. scoll down to line 111.

  3. see authorization is None

  4. I replace with the following code and the auth is send through all requests.

    let auth = config.security.get(0).unwrap().auth_value.to_string(); let a = Authorization::from_parts("1", auth); active_scan .run(active_scanner::ActiveScanType::Full, &a) .await;

!!!
My code is not for production but just to understand where the bug occurs.
I fixed the from_parts() function in the branch reformat_test.
We can discuss about it

Additional context
The function from_parts() in "auth.rs" seems to used the old model of authentication and should be modify apart if there is a dedicate function.

@RazMag
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@DeliciousBounty