Skip to content

Major vhost (virtualhost) rewrite#2672

Draft
liquidsec wants to merge 172 commits intoasn-as-targetsfrom
virtualhost-upgrade
Draft

Major vhost (virtualhost) rewrite#2672
liquidsec wants to merge 172 commits intoasn-as-targetsfrom
virtualhost-upgrade

Conversation

@liquidsec
Copy link
Collaborator

@liquidsec liquidsec commented Sep 3, 2025

No description provided.

liquidsec added 24 commits August 1, 2025 15:41
@liquidsec
waf_bypass initial
fefc52a
@liquidsec
fixing source event bug
466a2ad
@liquidsec
continued development
7049bff
@liquidsec
Merge branch 'dev' into waf-bypass
2041483
@liquidsec
adding asn helper test, fixing report
f68de32
@liquidsec
normalizing nomenclature, adding tests
b1e175a
@liquidsec
add meta
3cd55a6
@liquidsec
Merge branch 'dev' into waf-bypass
c228095
@liquidsec
output modifications
163ea09
@liquidsec
fix debug messages and add ip filter to ip check
dee9079
@liquidsec
add preset
9626f28
@liquidsec
fix bug when no subnets in asn
cae129d
@liquidsec
virtualhost overhaul initial
53ea0b3
@liquidsec
tweak
3bf032a
@liquidsec
virtualhost update major refactor
38d4d2e
@liquidsec
virtual host another major refactor
454d7d1
@liquidsec
changes to as_completed
f04c486
@liquidsec
pinned curl
1d16b49
@liquidsec
fix missing arg
7c32cb1
@liquidsec
finish rename
3447866
@liquidsec
small refactor
0d98531
@liquidsec
fix async handling
eb93201
@liquidsec
presets and other adjustments
84c0f8e
@liquidsec
change as_completed to only accept coros
ef1674f
@liquidsec liquidsec marked this pull request as draft September 3, 2025 17:05
github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 4, 2025
View reviewed changes
bbot/test/test_step_2/module_tests/test_module_virtualhost.py
assert canary_subdomain.endswith(".example.com"), (
f"Subdomain canary doesn't end with basehost: {canary_subdomain}"
)
assert "-test.example.com" in canary_mutation, (

Check failure

Code scanning / CodeQL

Incomplete URL substring sanitization

The string [-test.example.com](1) may be at an arbitrary position in the sanitized URL.

Copilot Autofix

AI 5 months ago

The fix is to replace the substring check " -test.example.com" in canary_mutation with a more precise hostname validation. Since canary_mutation is intended as a hostname or domain, and we want to ensure it correctly ends with -test.example.com rather than appearing at any arbitrary position, we should parse (or treat) it as a domain name and use the .endswith() method. This would check that canary_mutation is a domain with the required suffix, so only validly-structured canary hosts would pass the test.

The change should occur in bbot/test/test_step_2/module_tests/test_module_virtualhost.py, around line 470, inside the check method of TestVirtualhostHTTPSLogic. No additional imports are needed, as string logic is sufficient here.

Suggested changeset 1
bbot/test/test_step_2/module_tests/test_module_virtualhost.py

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/bbot/test/test_step_2/module_tests/test_module_virtualhost.py b/bbot/test/test_step_2/module_tests/test_module_virtualhost.py
--- a/bbot/test/test_step_2/module_tests/test_module_virtualhost.py
+++ b/bbot/test/test_step_2/module_tests/test_module_virtualhost.py
@@ -467,8 +467,8 @@
         assert canary_subdomain.endswith(".example.com"), (
             f"Subdomain canary doesn't end with basehost: {canary_subdomain}"
         )
-        assert "-test.example.com" in canary_mutation, (
-            f"Mutation canary doesn't contain expected pattern: {canary_mutation}"
+        assert canary_mutation.endswith("-test.example.com"), (
+            f"Mutation canary doesn't end with expected pattern: {canary_mutation}"
         )
         assert canary_random.endswith(".com"), f"Random canary doesn't end with .com: {canary_random}"
 
EOF
@@ -467,8 +467,8 @@
assert canary_subdomain.endswith(".example.com"), (
f"Subdomain canary doesn't end with basehost: {canary_subdomain}"
)
assert "-test.example.com" in canary_mutation, (
f"Mutation canary doesn't contain expected pattern: {canary_mutation}"
assert canary_mutation.endswith("-test.example.com"), (
f"Mutation canary doesn't end with expected pattern: {canary_mutation}"
)
assert canary_random.endswith(".com"), f"Random canary doesn't end with .com: {canary_random}"

Copilot is powered by AI and may make mistakes. Always verify output.
Unable to commit as this autofix suggestion is now outdated
@liquidsec
Merge branch 'asn-as-targets' into virtualhost-upgrade
7e7f76f
@liquidsec
fix test
e8f01da
@liquidsec
add pyopenssl dep
2954d4e
@liquidsec
fixing next() bug
d06a385
@liquidsec
untangle cli arg issues
7c4a91d
@liquidsec
ensure a description exists
2720cae
@liquidsec
more adjustments to scan initialization
6554bd9
@liquidsec
lint
48f76ba
@liquidsec
more early preset handling changes
c2052a4
@liquidsec
Merge branch 'dev' into asn-as-targets
6b9af37
@liquidsec
Merge pull request #2810 from blacklanternsecurity/untangle-cli-args
b749538 
untangle cli arg issues
@liquidsec
Merge branch 'asn-as-targets' into virtualhost-upgrade
61fc201
@liquidsec
fixing dev sync merge
703d9cb
@liquidsec
Merge branch 'asn-as-targets' into virtualhost-upgrade
e8a8bc4
@liquidsec
Merge remote-tracking branch 'origin/dev' into asn-as-targets
e974572 
# Conflicts:
#	bbot/test/test_step_1/test_presets.py
@liquidsec
Merge branch 'asn-as-targets' into virtualhost-upgrade
d01079d
@liquidsec
fix tests
509da46
@liquidsec
Merge branch 'asn-as-targets' into virtualhost-upgrade
8a1823c
@liquidsec
Merge branch 'dev' into asn-as-targets
a75d639
@liquidsec
Merge branch 'asn-as-targets' into virtualhost-upgrade
741ff20
@liquidsec
Merge branch 'dev' into asn-as-targets
4dcc8ba
@liquidsec
Merge branch 'asn-as-targets' into virtualhost-upgrade
536831c
@liquidsec liquidsec force-pushed the asn-as-targets branch 2 times, most recently from a65a347 to 344130e Compare February 28, 2026 01:00
@liquidsec
Merge asn-as-targets into virtualhost-upgrade
c66d86c 
Resolve conflicts taking asn-as-targets as source of truth.
Move bake()+init into Scanner.__init__ (sync bake).
Convert generic_ssrf from VULNERABILITY to FINDING event type.
Fix virtualhost test to check FINDING instead of VULNERABILITY.
Keep generic_ssrf module (deleted on asn-as-targets, restored here).
@liquidsec
Merge latest asn-as-targets with community.general fix
879eb51
@liquidsec
Remove stale test_event_confidence (numeric confidence was removed in…
55850c5 
… 3.0)
@liquidsec
Merge branch 'asn-as-targets' into virtualhost-upgrade
820b94c
@liquidsec
Merge branch 'asn-as-targets' into virtualhost-upgrade
f6a8d43
@liquidsec
Merge asn-as-targets, fix waf_bypass for radixtarget 4.x and asndb
fd39c2f
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@liquidsec @TheTechromancer