Transaction Logger Bug #403

Closed
marioskourtesis opened this Issue Apr 5, 2015 · 3 comments

Comments

Projects
None yet
3 participants
@marioskourtesis
Contributor

marioskourtesis commented Apr 5, 2015

I used PlugnHack in OWTF and I navigated to a GWT based website. I got the following error in OWTF command line:

[!] unknown Cookie attribute: 'Expires=Tue'
[!] unknown Cookie attribute: 'Expires=Mon'
Process TransactionLogger-3:
Traceback (most recent call last):
File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/root/owtf/framework/lib/owtf_process.py", line 80, in run
self.pseudo_run()
File "/root/owtf/framework/http/proxy/transaction_logger.py", line 108, in pseudo_run
self.transaction.LogTransactionsFromLogger(transactions_dict)
File "/root/owtf/framework/db/transaction_manager.py", line 314, in LogTransactionsFromLogger
self.LogTransactions(transaction_list, target_id=target_id)
File "/root/owtf/framework/db/target_manager.py", line 57, in wrapped_function
return func(_args, *_kwargs)
File "/root/owtf/framework/db/transaction_manager.py", line 290, in LogTransactions
output=match).first()
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/query.py", line 2341, in first
ret = list(self[0:1])
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/query.py", line 2208, in getitem
return list(res)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/query.py", line 2411, in iter
self.session._autoflush()
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/session.py", line 1208, in _autoflush
util.raise_from_cause(e)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/util/compat.py", line 199, in raise_from_cause
reraise(type(exception), exception, tb=exc_tb)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/session.py", line 1198, in _autoflush
self.flush()
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/session.py", line 1919, in flush
self._flush(objects)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/session.py", line 2037, in _flush
transaction.rollback(_capture_exception=True)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/util/langhelpers.py", line 60, in exit
compat.reraise(exc_type, exc_value, exc_tb)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/session.py", line 2001, in _flush
flush_context.execute()
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/unitofwork.py", line 372, in execute
rec.execute(self)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/unitofwork.py", line 526, in execute
uow
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/persistence.py", line 65, in save_obj
mapper, table, insert)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/persistence.py", line 602, in _emit_insert_statements
execute(statement, params)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 729, in execute
return meth(self, multiparams, params)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/sql/elements.py", line 321, in _execute_on_connection
return connection._execute_clauseelement(self, multiparams, params)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 826, in _execute_clauseelement
compiled_sql, distilled_params
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 958, in _execute_context
context)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1160, in _handle_dbapi_exception
exc_info
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/util/compat.py", line 199, in raise_from_cause
reraise(type(exception), exception, tb=exc_tb)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 951, in _execute_context
context)
File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/default.py", line 436, in do_execute
cursor.execute(statement, parameters)
OperationalError: (raised as a result of Query-invoked autoflush; consider using a session.no_autoflush block if this flush is occurring prematurely) (OperationalError) index row size 6960 exceeds maximum 2712 for index "grep_outputs_name_output_target_id_key"
HINT: Values larger than 1/3 of a buffer page cannot be indexed.
Consider a function index of an MD5 hash of the value, or use full text indexing.
'INSERT INTO grep_outputs (target_id, name, output) VALUES (%(target_id)s, %(name)s, %(output)s) RETURNING grep_outputs.id' {'output': '"<!--\nfunction M(){}\nfunction Jc(){}\nfunction gd(){}\nfunction Fe(){}\nfunction Ie(){}\nfunction bf(){}\n
Here are following more GWT functions and etc...

@marioskourtesis marioskourtesis added the Bug label Apr 5, 2015

@tunnelshade

This comment has been minimized.

Show comment
Hide comment
@tunnelshade

tunnelshade Apr 5, 2015

Member

This is because of indexing but I cannot find any indexed column here. Which branch is this on btw?

Member

tunnelshade commented Apr 5, 2015

This is because of indexing but I cannot find any indexed column here. Which branch is this on btw?

@marioskourtesis

This comment has been minimized.

Show comment
Hide comment
@marioskourtesis

marioskourtesis Apr 5, 2015

Contributor

I am using the development branch.

On Sun, Apr 5, 2015 at 11:26 AM, Bharadwaj Machiraju <
notifications@github.com> wrote:

This is because of indexing but I cannot find any indexed column here
https://github.com/owtf/owtf/blob/develop/framework/db/models.py. Which
branch is this on btw?


Reply to this email directly or view it on GitHub
#403 (comment).

Contributor

marioskourtesis commented Apr 5, 2015

I am using the development branch.

On Sun, Apr 5, 2015 at 11:26 AM, Bharadwaj Machiraju <
notifications@github.com> wrote:

This is because of indexing but I cannot find any indexed column here
https://github.com/owtf/owtf/blob/develop/framework/db/models.py. Which
branch is this on btw?


Reply to this email directly or view it on GitHub
#403 (comment).

@viyatb

This comment has been minimized.

Show comment
Hide comment
@viyatb

viyatb Dec 12, 2015

Member

@marioskourtesis: The cookie parsing fix is in the develop branch and the indexing error is because the sometimes the response.body is too large to be stored in postgres. More relevant issue is here #476.

Member

viyatb commented Dec 12, 2015

@marioskourtesis: The cookie parsing fix is in the develop branch and the indexing error is because the sometimes the response.body is too large to be stored in postgres. More relevant issue is here #476.

@viyatb viyatb closed this Dec 12, 2015

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment