Snare tanner communication #184
tanner/emulators/base.py
Outdated
if 'payload' not in detection: | ||
detection['type'] = 1 | ||
elif 'payload' in detection: | ||
if 'status_code' not in detection: |
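Review bot: the inner check `'status_code' not in detection` tests the top-level dict, but if status_code is carried inside detection['payload'], as the discussion on this hunk confirms, the condition will not see it; test `detection['payload']` instead. Also, `elif 'payload' in detection:` is the exact complement of the preceding `if`, so a plain `else:` is enough and avoids a second lookup.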
As I understood from code, `status_code` in `detection['payload']`, am I right?
Yes, you're right.
injectable_page = '/index.html' | ||
detection['payload']['page'] = injectable_page | ||
else: | ||
detection['type'] = 3 |
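Review bot: the final `else:` sets `detection['type'] = 3` and nothing else, so the consumer of this dict gets no indication of what went wrong; consider attaching an error or status field next to the type in that branch. The literal 3 (like the 1 in the earlier hunk) would read better as a named constant, and the hard-coded `'/index.html'` fallback deserves a comment or a configurable default.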
Can we return any status info about error?
Do we need that because usually that will be present in logs where it was present? And even if we get it, how will we use it? Suppose we return a 500 error to the client; then sending any other data won't be needed.
In case of a tanner error, snare should work normally (e.g. return the index page). Imagine the situation when we use snare with the default tanner and we don't have access to tanner's log. Something happens, but we don't know what.
Ok, but this thing is when you want to give a particular status_code intentionally to give positive results for the attack, though I'll add that too for normal tanner error.
* Make different type of detection
* Make emulator compatible with the new structure
* fix tests
* fix typo
fix #100
This is how the return value from tanner looks:
To make communication more systematic, the return value type from each emulator is fixed, i.e. `dict(value='', page=True/False)` (if `page=False` then the payload won't be injected on any page but on a new page).