Skip to content

Commit aeb3e3c

Browse files
p4trickweissp4trickweiss
committed
Refactor extractDomainFromArgs
Signed-off-by: Patrick <patrick.weiss@iteratec.com>
1 parent e90b39f commit aeb3e3c

3 files changed

Lines changed: 375 additions & 6 deletions

File tree

scanners/subfinder/parser/__snapshots__/parser.test.js.snap

Lines changed: 299 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -158,7 +158,305 @@ exports[`should properly parse subfinder json file with ip output 1`] = `
158158

159159
exports[`should properly parse empty json file 1`] = `[]`;
160160

161-
exports[`should properly parse subfinder json file and add target domain to findings 1`] = `
161+
exports[`should properly parse subfinder json file and add target domain to findings with param -d 1`] = `
162+
[
163+
{
164+
"attributes": {
165+
"domain": "example.com",
166+
"hostname": "releases.example.com",
167+
"ip_address": null,
168+
"ip_addresses": [],
169+
"source": "alienvault",
170+
},
171+
"category": "Subdomain",
172+
"description": "Found subdomain releases.example.com",
173+
"identified_at": null,
174+
"location": "releases.example.com",
175+
"name": "releases.example.com",
176+
"osi_layer": "NETWORK",
177+
"severity": "INFORMATIONAL",
178+
},
179+
{
180+
"attributes": {
181+
"domain": "example.com",
182+
"hostname": "myap.example.com",
183+
"ip_address": null,
184+
"ip_addresses": [],
185+
"source": "alienvault",
186+
},
187+
"category": "Subdomain",
188+
"description": "Found subdomain myap.example.com",
189+
"identified_at": null,
190+
"location": "myap.example.com",
191+
"name": "myap.example.com",
192+
"osi_layer": "NETWORK",
193+
"severity": "INFORMATIONAL",
194+
},
195+
{
196+
"attributes": {
197+
"domain": "example.com",
198+
"hostname": "not-exist.example.com",
199+
"ip_address": null,
200+
"ip_addresses": [],
201+
"source": "alienvault",
202+
},
203+
"category": "Subdomain",
204+
"description": "Found subdomain not-exist.example.com",
205+
"identified_at": null,
206+
"location": "not-exist.example.com",
207+
"name": "not-exist.example.com",
208+
"osi_layer": "NETWORK",
209+
"severity": "INFORMATIONAL",
210+
},
211+
{
212+
"attributes": {
213+
"domain": "example.com",
214+
"hostname": "new-client.example.com",
215+
"ip_address": null,
216+
"ip_addresses": [],
217+
"source": "alienvault",
218+
},
219+
"category": "Subdomain",
220+
"description": "Found subdomain new-client.example.com",
221+
"identified_at": null,
222+
"location": "new-client.example.com",
223+
"name": "new-client.example.com",
224+
"osi_layer": "NETWORK",
225+
"severity": "INFORMATIONAL",
226+
},
227+
{
228+
"attributes": {
229+
"domain": "example.com",
230+
"hostname": "op.example.com",
231+
"ip_address": null,
232+
"ip_addresses": [],
233+
"source": "alienvault",
234+
},
235+
"category": "Subdomain",
236+
"description": "Found subdomain op.example.com",
237+
"identified_at": null,
238+
"location": "op.example.com",
239+
"name": "op.example.com",
240+
"osi_layer": "NETWORK",
241+
"severity": "INFORMATIONAL",
242+
},
243+
{
244+
"attributes": {
245+
"domain": "example.com",
246+
"hostname": "mall.example.com",
247+
"ip_address": null,
248+
"ip_addresses": [],
249+
"source": "alienvault",
250+
},
251+
"category": "Subdomain",
252+
"description": "Found subdomain mall.example.com",
253+
"identified_at": null,
254+
"location": "mall.example.com",
255+
"name": "mall.example.com",
256+
"osi_layer": "NETWORK",
257+
"severity": "INFORMATIONAL",
258+
},
259+
{
260+
"attributes": {
261+
"domain": "example.com",
262+
"hostname": "cdn1.example.com",
263+
"ip_address": null,
264+
"ip_addresses": [],
265+
"source": "alienvault",
266+
},
267+
"category": "Subdomain",
268+
"description": "Found subdomain cdn1.example.com",
269+
"identified_at": null,
270+
"location": "cdn1.example.com",
271+
"name": "cdn1.example.com",
272+
"osi_layer": "NETWORK",
273+
"severity": "INFORMATIONAL",
274+
},
275+
{
276+
"attributes": {
277+
"domain": "example.com",
278+
"hostname": "xn--rksmrgs-5wao1o.example.com",
279+
"ip_address": null,
280+
"ip_addresses": [],
281+
"source": "alienvault",
282+
},
283+
"category": "Subdomain",
284+
"description": "Found subdomain xn--rksmrgs-5wao1o.example.com",
285+
"identified_at": null,
286+
"location": "xn--rksmrgs-5wao1o.example.com",
287+
"name": "xn--rksmrgs-5wao1o.example.com",
288+
"osi_layer": "NETWORK",
289+
"severity": "INFORMATIONAL",
290+
},
291+
{
292+
"attributes": {
293+
"domain": "example.com",
294+
"hostname": "example.com",
295+
"ip_address": null,
296+
"ip_addresses": [],
297+
"source": "parser",
298+
},
299+
"category": "Subdomain",
300+
"description": "Found subdomain example.com",
301+
"identified_at": null,
302+
"location": "example.com",
303+
"name": "example.com",
304+
"osi_layer": "NETWORK",
305+
"severity": "INFORMATIONAL",
306+
},
307+
]
308+
`;
309+
310+
exports[`should properly parse subfinder json file and add target domain to findings with param -domain 1`] = `
311+
[
312+
{
313+
"attributes": {
314+
"domain": "example.com",
315+
"hostname": "releases.example.com",
316+
"ip_address": null,
317+
"ip_addresses": [],
318+
"source": "alienvault",
319+
},
320+
"category": "Subdomain",
321+
"description": "Found subdomain releases.example.com",
322+
"identified_at": null,
323+
"location": "releases.example.com",
324+
"name": "releases.example.com",
325+
"osi_layer": "NETWORK",
326+
"severity": "INFORMATIONAL",
327+
},
328+
{
329+
"attributes": {
330+
"domain": "example.com",
331+
"hostname": "myap.example.com",
332+
"ip_address": null,
333+
"ip_addresses": [],
334+
"source": "alienvault",
335+
},
336+
"category": "Subdomain",
337+
"description": "Found subdomain myap.example.com",
338+
"identified_at": null,
339+
"location": "myap.example.com",
340+
"name": "myap.example.com",
341+
"osi_layer": "NETWORK",
342+
"severity": "INFORMATIONAL",
343+
},
344+
{
345+
"attributes": {
346+
"domain": "example.com",
347+
"hostname": "not-exist.example.com",
348+
"ip_address": null,
349+
"ip_addresses": [],
350+
"source": "alienvault",
351+
},
352+
"category": "Subdomain",
353+
"description": "Found subdomain not-exist.example.com",
354+
"identified_at": null,
355+
"location": "not-exist.example.com",
356+
"name": "not-exist.example.com",
357+
"osi_layer": "NETWORK",
358+
"severity": "INFORMATIONAL",
359+
},
360+
{
361+
"attributes": {
362+
"domain": "example.com",
363+
"hostname": "new-client.example.com",
364+
"ip_address": null,
365+
"ip_addresses": [],
366+
"source": "alienvault",
367+
},
368+
"category": "Subdomain",
369+
"description": "Found subdomain new-client.example.com",
370+
"identified_at": null,
371+
"location": "new-client.example.com",
372+
"name": "new-client.example.com",
373+
"osi_layer": "NETWORK",
374+
"severity": "INFORMATIONAL",
375+
},
376+
{
377+
"attributes": {
378+
"domain": "example.com",
379+
"hostname": "op.example.com",
380+
"ip_address": null,
381+
"ip_addresses": [],
382+
"source": "alienvault",
383+
},
384+
"category": "Subdomain",
385+
"description": "Found subdomain op.example.com",
386+
"identified_at": null,
387+
"location": "op.example.com",
388+
"name": "op.example.com",
389+
"osi_layer": "NETWORK",
390+
"severity": "INFORMATIONAL",
391+
},
392+
{
393+
"attributes": {
394+
"domain": "example.com",
395+
"hostname": "mall.example.com",
396+
"ip_address": null,
397+
"ip_addresses": [],
398+
"source": "alienvault",
399+
},
400+
"category": "Subdomain",
401+
"description": "Found subdomain mall.example.com",
402+
"identified_at": null,
403+
"location": "mall.example.com",
404+
"name": "mall.example.com",
405+
"osi_layer": "NETWORK",
406+
"severity": "INFORMATIONAL",
407+
},
408+
{
409+
"attributes": {
410+
"domain": "example.com",
411+
"hostname": "cdn1.example.com",
412+
"ip_address": null,
413+
"ip_addresses": [],
414+
"source": "alienvault",
415+
},
416+
"category": "Subdomain",
417+
"description": "Found subdomain cdn1.example.com",
418+
"identified_at": null,
419+
"location": "cdn1.example.com",
420+
"name": "cdn1.example.com",
421+
"osi_layer": "NETWORK",
422+
"severity": "INFORMATIONAL",
423+
},
424+
{
425+
"attributes": {
426+
"domain": "example.com",
427+
"hostname": "xn--rksmrgs-5wao1o.example.com",
428+
"ip_address": null,
429+
"ip_addresses": [],
430+
"source": "alienvault",
431+
},
432+
"category": "Subdomain",
433+
"description": "Found subdomain xn--rksmrgs-5wao1o.example.com",
434+
"identified_at": null,
435+
"location": "xn--rksmrgs-5wao1o.example.com",
436+
"name": "xn--rksmrgs-5wao1o.example.com",
437+
"osi_layer": "NETWORK",
438+
"severity": "INFORMATIONAL",
439+
},
440+
{
441+
"attributes": {
442+
"domain": "example.com",
443+
"hostname": "example.com",
444+
"ip_address": null,
445+
"ip_addresses": [],
446+
"source": "parser",
447+
},
448+
"category": "Subdomain",
449+
"description": "Found subdomain example.com",
450+
"identified_at": null,
451+
"location": "example.com",
452+
"name": "example.com",
453+
"osi_layer": "NETWORK",
454+
"severity": "INFORMATIONAL",
455+
},
456+
]
457+
`;
458+
459+
exports[`should properly parse subfinder json file and add target domain to findings with param --domain= 1`] = `
162460
[
163461
{
164462
"attributes": {

scanners/subfinder/parser/parser.js

Lines changed: 23 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,8 @@
22
//
33
// SPDX-License-Identifier: Apache-2.0
44

5+
const DOMAIN_FLAGS = ["-d", "-domain", "--domain"];
6+
57
export async function parse(
68
fileContent,
79
scan,
@@ -14,7 +16,7 @@ export async function parse(
1416
const findings = transformToFindings(targets);
1517

1618
const domain = includeTargetDomain
17-
? getArgValue(scan.spec.parameters, "-d", "-domain")
19+
? extractDomainFromArgs(scan.spec.parameters)
1820
: null;
1921
if (domain) {
2022
findings.push(getTargetDomainFinding(domain));
@@ -23,9 +25,26 @@ export async function parse(
2325
return findings;
2426
}
2527

26-
function getArgValue(args, ...flags) {
27-
const index = args.findIndex((arg) => flags.includes(arg));
28-
return index !== -1 && index + 1 < args.length ? args[index + 1] : null;
28+
function extractDomainFromArgs(args) {
29+
for (let i = 0; i < args.length; i++) {
30+
const arg = args[i];
31+
32+
// Check for --domain=value or --domain="value" format
33+
for (const flag of DOMAIN_FLAGS) {
34+
if (arg.startsWith(`${flag}=`)) {
35+
const value = arg.slice(flag.length + 1);
36+
// Remove surrounding quotes if present
37+
return value.replace(/^["']|["']$/g, "");
38+
}
39+
}
40+
41+
// Check for -d value, -domain value, --domain value format
42+
if (DOMAIN_FLAGS.includes(arg) && i + 1 < args.length) {
43+
return args[i + 1];
44+
}
45+
}
46+
47+
return null;
2948
}
3049

3150
function getTargetDomainFinding(domain) {

0 commit comments

Comments
 (0)