[bug] The option '--subnets' is ignored

[itm4n]

Hi! :)

The default value for the option --subnets is False, but it seems to be ignored when deciding whether the list of subnets should be retrieved from the Active Directory when creating a list of targets.

$ ./ApacheTomcatScanner.py -C --show-cves-descriptions --tomcat-usernames-file '***' --tomcat-passwords-file '***' -ad '***' -ai '***' -au '***' -ap '***' --debug
Apache Tomcat Scanner v3.5 - by @podalirius_

[debug] Loading CVEs from JSON database ...
[debug] Loaded 170 CVEs!
[debug] Loading targets from computers in the domain '***'
[>] Extracting all computers ...
[+] Found 1725 computers in the domain.
[debug] Loading targets from servers in the domain '***'
[>] Extracting all subnets ...
[+] Found 33 subnets in the domain.
[debug] Target '***' was not added.
[debug] Target '***' was not added.
[+] Targeting 7 ports on 665786 hosts.
[+] Searching for Apache Tomcats servers on specified targets ...
...

In the following code snippet, the script calls get_subnets() as long as domain credentials are provided, regardless of the value of --subnets.

ApacheTomcatScanner/apachetomcatscanner/__main__.py

Lines 58 to 70 in 384f64f

	# Loading targets from subnetworks of the domain
	if options.auth_dc_ip is not None and options.auth_user is not None and (options.auth_password is not None or options.auth_hashes is not None):
	if options.debug:
	print("[debug] Loading targets from servers in the domain '%s'" % options.auth_domain)
	targets += get_subnets(
	auth_domain=options.auth_domain,
	auth_dc_ip=options.auth_dc_ip,
	auth_username=options.auth_user,
	auth_password=options.auth_password,
	auth_hashes=options.auth_hashes,
	use_ldaps=options.ldaps,
	__print=True
	)

[p0dalirius]

Thank you I will fix this!