You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When an asset is selected to view the findings, only a few or no results are shown for a scan done using the SSLLabs scanner. The reason is that in SeccubusFindings.pm (calll made by the browser to getFindings.pl) uses = to compare the IP or host values. SSLLabs returns these in two forms:
If the query gives anything it will be those matching form 1, an IP = "wwww.yoursite.com/127.0.0.1" won't ever give any result. Reversing the check and using LIKE solves this for me:
:/opt/seccubus/SeccubusV2# diff SeccubusFindings.pm SeccubusFindings.pm_org
133c133
< asset_hosts.asset_id = assets.id and (findings.`host` like CONCAT('%',asset_hosts.ip,'%') or asset_hosts.`host` = findings.`host`)
---
> asset_hosts.asset_id = assets.id and (asset_hosts.ip = findings.`host` or asset_hosts.`host` = findings.`host`)
The text was updated successfully, but these errors were encountered:
When an asset is selected to view the findings, only a few or no results are shown for a scan done using the SSLLabs scanner. The reason is that in SeccubusFindings.pm (calll made by the browser to getFindings.pl) uses = to compare the IP or host values. SSLLabs returns these in two forms:
1: www.yoursite.com
2: www.yoursite.com/127.0.0.1
If the query gives anything it will be those matching form 1, an IP = "wwww.yoursite.com/127.0.0.1" won't ever give any result. Reversing the check and using LIKE solves this for me:
The text was updated successfully, but these errors were encountered: