Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature/CVE 2024 50623 #159

Merged
merged 5 commits into from
Dec 16, 2024
Merged

Feature/CVE 2024 50623 #159

merged 5 commits into from
Dec 16, 2024

Conversation

PiranhaSa
Copy link
Contributor

The provided regular expression is used to extract version information for specific software products (VLTrader, Harmony, LexiCom) from a given text or response. Here's a detailed breakdown of the pattern:

Explanation of the Regex

(?:VLTrader|Harmony|LexiCom)/
(
  (?:[0-4](?:\.\d+){0,3}) 
  | 
  5(?:\.[0-7](?:\.\d{1,2}){0,2})? 
  | 
  5\.8(?:\.0(?:\.(?:0|[1-9]|1[0-9]|2[0-1]))?)?
)
\s*\(

1 -Non-capturing group: (?:VLTrader|Harmony|LexiCom)

  • The (?:...) syntax is a non-capturing group used here to match one of the product names (VLTrader, Harmony, LexiCom) without including the match in the captured output. This ensures we are only interested in capturing the version number, not the product name.

2 - Product delimiter: /

  • Ensures that the version number follows the product name with a /.

3- Main capturing group:

  • The (...) is a capturing group that isolates and retrieves the version number. The version format can be:

    • Versions starting with 0–4: (?:0-4{0,3})
      - Matches version numbers like 1, 3.2, 4.1.2.3.
    • Versions starting with 5 up to 5.7: 5(?:.0-7{0,2})?
      - Matches versions like 5, 5.3, 5.7.2.12.
    • Version 5.8 with finer granularity: 5.8(?:.0(?:.(?:0|[1-9]|1[0-9]|2[0-1]))?)?
      - Matches 5.8, 5.8.0, 5.8.0.21.

  • The | operator ensures all these subformats are considered.
    4 - Optional whitespace and parentheses: \s*(

  • Matches any optional whitespace (\s*) and ensures the version number is followed by an opening parenthesis (().

Purpose of ?:

The ?: inside the groups (e.g., (?:VLTrader|Harmony|LexiCom) and (?:0-4{0,3})) creates non-capturing groups. This allows matching specific patterns without including them in the result. In this regex, ?: ensures that only the version number is captured and returned, avoiding unwanted matches for the product name or separators.

Added Checks for Response Headers

In addition to checking the body of the HTTP response, checks were added to analyze the headers as well.

@PiranhaSa PiranhaSa changed the base branch from main to feature/cve-2024-11205 December 13, 2024 16:21
Base automatically changed from feature/cve-2024-11205 to main December 13, 2024 17:35
mohsinenar
mohsinenar previously requested changes Dec 13, 2024
View reviewed changes
agent/exploits/webexploit.py Outdated Show resolved Hide resolved
@codecov Codecov
Copy link

codecov bot commented Dec 16, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 96.82%. Comparing base (48ad0d0) to head (6f45a08).
Report is 15 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #159      +/-   ##
==========================================
+ Coverage   96.79%   96.82%   +0.02%     
==========================================
  Files         204      206       +2     
  Lines        7310     7362      +52     
==========================================
+ Hits         7076     7128      +52     
  Misses        234      234

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@PiranhaSa PiranhaSa marked this pull request as ready for review December 16, 2024 13:18
@PiranhaSa PiranhaSa requested a review from a team as a code owner December 16, 2024 13:18
ostorlab-ai-pr-review[bot]
ostorlab-ai-pr-review bot reviewed Dec 16, 2024
View reviewed changes
Copy link

@ostorlab-ai-pr-review ostorlab-ai-pr-review bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

AI Bot Review comment

tests/exploits/cve_2024_50623_test.py Show resolved Hide resolved
tests/exploits/cve_2024_50623_test.py Show resolved Hide resolved
tests/exploits/cve_2024_50623_test.py Show resolved Hide resolved
tests/exploits/cve_2024_50623_test.py Show resolved Hide resolved
tests/exploits/cve_2024_50623_test.py Show resolved Hide resolved
tests/exploits/cve_2024_50623_test.py Show resolved Hide resolved
tests/exploits/cve_2024_50623_test.py Show resolved Hide resolved
tests/exploits/cve_2024_50623_test.py Show resolved Hide resolved
@3asm 3asm dismissed mohsinenar’s stale review December 16, 2024 16:21

Comments fixed.

@3asm 3asm merged commit 9dbc508 into main Dec 16, 2024
5 checks passed
@3asm 3asm deleted the feature/cve-2024-50623 branch December 16, 2024 16:22
@PiranhaSa PiranhaSa mentioned this pull request Dec 18, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ostorlab-ai-pr-review ostorlab-ai-pr-review[bot] ostorlab-ai-pr-review[bot] left review comments

@elyousfi5 elyousfi5 elyousfi5 left review comments

@oussamaessaji oussamaessaji oussamaessaji left review comments

@nmasdoufi-ol nmasdoufi-ol nmasdoufi-ol approved these changes

@3asm 3asm 3asm approved these changes

@mohsinenar mohsinenar mohsinenar left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@PiranhaSa @3asm @mohsinenar @oussamaessaji @elyousfi5 @nmasdoufi-ol