
🐞 False positive detection due to incorrect error handling

Open urbanadventurer opened this issue 4 years ago • 0 comments

Problem

When HTTP connections fail droopescan reports the test as a positive result, e.g. it found a module.

5 GET requests to detect modules, such as the following, timed out without a response. These are displayed in the output as found.

GET /sites/default/modules/content_glider/content_glider.module HTTP/1.1

Recommendation

If the connection fails it should retry for a set number of times.

Environment

I'm using Kali with the latest version of droopescan that is current with master branch.

Usage

I used the following command. This connected to the Burp proxy.

python3 ./drupwn --target https://xxx --bauth asdfsadfsadfsadf== --version 8 --mode enum --proxy 127.0.0.1:8080 --log

Logs

The log is as follows. All Modules found were false positives.

============ Themes ============

[+] seven
[+] stark
[+] bartik
[+] classy

============ Custom Themes ============


============ Default files ============

[+] /web.config (403)
[+] /robots.txt (200)
[+] /update.php (403)
[+] /install.php (200)

============ Modules ============

[+] HWCTravel
[+] popups_reference
[+] imageslider
[+] content_glider
[+] active_tags


============ Custom Modules ============


============ Nodes ============

https://xxx/node/491
https://xxx/node/675

============ Users ============

urbanadventurer · Apr 30 '21 06:04
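The following is an added example illustrating the error-handling fix the report asks for; it is not drupwn's own code and none of its names (`probe`, `scan`, `Outcome`, `TransientError`, `make_fake_fetch`) are drupwn identifiers. A probe that cannot get an HTTP response keeps a separate UNKNOWN outcome after a bounded number of retries, so a timeout never turns into a `[+]` line; the network is replaced by an injected `fetch` callable and a constructed script of per-attempt results so the code runs offline. In a real scanner `fetch` would wrap something like `requests.get(url, timeout=...)` and catch its timeout and connection exceptions. Treating 200 and 403 as hits mirrors the page's own report, where default files are listed with those codes.

```python
"""Tri-state HTTP probe with bounded retries (added example, not drupwn code)."""
from enum import Enum
from typing import Callable, Dict, List, Optional, Tuple


class Outcome(Enum):
    FOUND = "found"      # response matched the detection rule
    ABSENT = "absent"    # response received, did not match
    UNKNOWN = "unknown"  # no usable response after all retries; say nothing


class TransientError(Exception):
    """Stands in for socket timeouts / connection resets raised by an HTTP client."""


def probe(url: str,
          fetch: Callable[[str], int],
          positive_codes=(200, 403),
          retries: int = 3) -> Tuple[Outcome, Optional[int]]:
    """Request `url` up to `retries` times and return (outcome, status_code).

    `fetch` returns an HTTP status code or raises TransientError.
    A failed attempt is retried; it is never interpreted as a hit.
    """
    for _attempt in range(retries):
        try:
            status = fetch(url)
        except TransientError:
            continue  # retry; do not guess a result
        if status in positive_codes:
            return Outcome.FOUND, status
        return Outcome.ABSENT, status
    # Every attempt failed: the path was never observed, so it is not "found".
    return Outcome.UNKNOWN, None


def scan(base: str, paths: List[str], fetch: Callable[[str], int],
         retries: int = 3) -> Dict[str, List[str]]:
    """Bucket paths by outcome so UNKNOWN paths are reported on their own,
    rather than silently merged into the found list."""
    report: Dict[str, List[str]] = {o.value: [] for o in Outcome}
    for path in paths:
        outcome, _ = probe(base + path, fetch, retries=retries)
        report[outcome.value].append(path)
    return report


# --- constructed, offline stand-in for the network -------------------------
def make_fake_fetch(script: Dict[str, List]) -> Callable[[str], int]:
    """`script` maps a URL to per-attempt results: an int status or "timeout".
    Attempts beyond the end of the list repeat the last entry."""
    counters: Dict[str, int] = {}

    def fetch(url: str) -> int:
        results = script[url]
        i = counters.get(url, 0)
        counters[url] = i + 1
        result = results[min(i, len(results) - 1)]
        if result == "timeout":
            raise TransientError(f"timed out: {url}")
        return result

    return fetch


BASE = "https://example.invalid"  # constructed host; the report redacts its own as xxx
SCRIPT = {
    # The path from the report: never answers, so it must end up UNKNOWN.
    BASE + "/sites/default/modules/content_glider/content_glider.module": ["timeout"],
    # Flaky path: two timeouts, then a real 404 on the third attempt.
    BASE + "/sites/default/modules/flaky/flaky.module": ["timeout", "timeout", 404],
    BASE + "/robots.txt": [200],
    BASE + "/sites/default/modules/missing/missing.module": [404],
}
PATHS = [url[len(BASE):] for url in SCRIPT]


def demo() -> Dict[str, List[str]]:
    """Run the scan against the constructed script with three attempts per path."""
    return scan(BASE, PATHS, make_fake_fetch(SCRIPT), retries=3)


if __name__ == "__main__":
    for bucket, items in demo().items():
        print(f"{bucket}: {items}")
```

The design point is that the report has three buckets, not two: a path that was never reached is neither present nor absent, and a scanner that folds that case into `found` produces exactly the false positives listed above. Surfacing the unknown bucket also tells the operator when a proxy or rate limit, rather than the target, is shaping the result.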