Skip to content

Major vhost (virtualhost) rewrite #2672

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 15 commits into
base: asn-as-targets
Choose a base branch
from
Draft

Major vhost (virtualhost) rewrite #2672

wants to merge 15 commits into from

Conversation

@liquidsec
Copy link
Collaborator

No description provided.

@liquidsec liquidsec marked this pull request as draft September 3, 2025 17:05
github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 4, 2025
View reviewed changes
bbot/test/test_step_2/module_tests/test_module_virtualhost.py
assert canary_subdomain.endswith(".example.com"), (
f"Subdomain canary doesn't end with basehost: {canary_subdomain}"
)
assert "-test.example.com" in canary_mutation, (

Check failure

Code scanning / CodeQL

Incomplete URL substring sanitization

The string [-test.example.com](1) may be at an arbitrary position in the sanitized URL.

Copilot Autofix

AI 16 days ago

The fix is to replace the substring check " -test.example.com" in canary_mutation with a more precise hostname validation. Since canary_mutation is intended as a hostname or domain, and we want to ensure it correctly ends with -test.example.com rather than appearing at any arbitrary position, we should parse (or treat) it as a domain name and use the .endswith() method. This would check that canary_mutation is a domain with the required suffix, so only validly-structured canary hosts would pass the test.

The change should occur in bbot/test/test_step_2/module_tests/test_module_virtualhost.py, around line 470, inside the check method of TestVirtualhostHTTPSLogic. No additional imports are needed, as string logic is sufficient here.

Suggested changeset 1
bbot/test/test_step_2/module_tests/test_module_virtualhost.py

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/bbot/test/test_step_2/module_tests/test_module_virtualhost.py b/bbot/test/test_step_2/module_tests/test_module_virtualhost.py
--- a/bbot/test/test_step_2/module_tests/test_module_virtualhost.py
+++ b/bbot/test/test_step_2/module_tests/test_module_virtualhost.py
@@ -467,8 +467,8 @@
         assert canary_subdomain.endswith(".example.com"), (
             f"Subdomain canary doesn't end with basehost: {canary_subdomain}"
         )
-        assert "-test.example.com" in canary_mutation, (
-            f"Mutation canary doesn't contain expected pattern: {canary_mutation}"
+        assert canary_mutation.endswith("-test.example.com"), (
+            f"Mutation canary doesn't end with expected pattern: {canary_mutation}"
         )
         assert canary_random.endswith(".com"), f"Random canary doesn't end with .com: {canary_random}"
 
EOF
@@ -467,8 +467,8 @@
assert canary_subdomain.endswith(".example.com"), (
f"Subdomain canary doesn't end with basehost: {canary_subdomain}"
)
assert "-test.example.com" in canary_mutation, (
f"Mutation canary doesn't contain expected pattern: {canary_mutation}"
assert canary_mutation.endswith("-test.example.com"), (
f"Mutation canary doesn't end with expected pattern: {canary_mutation}"
)
assert canary_random.endswith(".com"), f"Random canary doesn't end with .com: {canary_random}"

Copilot is powered by AI and may make mistakes. Always verify output.
@github-actions
Copy link
Contributor

github-actions bot commented Sep 4, 2025
edited
Loading

🚀 Performance Benchmark Report

⚠️ No current benchmark data available

This might be because:

  • Benchmarks failed to run
  • No benchmark tests found
  • Dependencies missing
@codecov
Copy link

codecov bot commented Sep 4, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 81.30016% with 233 lines in your changes missing coverage. Please review.
⚠️ Please upload report for BASE (asn-as-targets@1740a28). Learn more about missing BASE report.

Files with missing lines Patch % Lines
bbot/modules/virtualhost.py 69% 146 Missing ⚠️
bbot/modules/waf_bypass.py 72% 51 Missing ⚠️
bbot/core/helpers/web/web.py 72% 22 Missing ⚠️
...est_step_2/module_tests/test_module_virtualhost.py 98% 12 Missing ⚠️
...test_step_2/module_tests/test_module_waf_bypass.py 97% 2 Missing ⚠️
Additional details and impacted files 
@@               Coverage Diff                @@
##             asn-as-targets   #2672   +/-   ##
================================================
  Coverage                  ?     91%           
================================================
  Files                     ?     411           
  Lines                     ?   35381           
  Branches                  ?       0           
================================================
  Hits                      ?   32086           
  Misses                    ?    3295           
  Partials                  ?       0

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
@liquidsec liquidsec mentioned this pull request Sep 24, 2025
Closed
github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 17, 2025
View reviewed changes
@liquidsec
Restore virtualhost and WAF bypass modules and tests
4da2319 
This restores the modules and tests that were temporarily removed in asn-as-targets branch:
- bbot/modules/virtualhost.py
- bbot/modules/waf_bypass.py
- bbot/test/test_step_2/module_tests/test_module_virtualhost.py
- bbot/test/test_step_2/module_tests/test_module_waf_bypass.py
- bbot/presets/waf-bypass.yml
- bbot/presets/web/virtualhost-heavy.yml
- bbot/presets/web/virtualhost-light.yml
@liquidsec liquidsec changed the base branch from dev to asn-as-targets October 17, 2025 18:46
@liquidsec
Restore virtualhost/WAF bypass modules and revert web helpers to pre-…
5f49ae3 
…removal state

This restores:
- New modules: virtualhost.py, waf_bypass.py and their tests
- New presets: waf-bypass.yml, virtualhost-heavy.yml, virtualhost-light.yml
- Modified files: web.py, shared_deps.py, generic_ssrf.py, host_header.py, web_report.py, test_module_generic_ssrf.py

All restored from commit before the temporary removal.
@liquidsec
Merge branch 'asn-as-targets' into virtualhost-upgrade
05f1cab
@liquidsec
just fixing stuff
a7ce13a
@liquidsec
more merge stuff
e8e50e0
@liquidsec
fix test again
04206e2
@liquidsec
oops
a94ca10
@liquidsec
fixing test
96658b6
@liquidsec
temp removal
6ce1295
@liquidsec
Restore virtualhost and WAF bypass modules and tests
9f0ab3d 
This restores the modules and tests that were temporarily removed in asn-as-targets branch:
- bbot/modules/virtualhost.py
- bbot/modules/waf_bypass.py
- bbot/test/test_step_2/module_tests/test_module_virtualhost.py
- bbot/test/test_step_2/module_tests/test_module_waf_bypass.py
- bbot/presets/waf-bypass.yml
- bbot/presets/web/virtualhost-heavy.yml
- bbot/presets/web/virtualhost-light.yml
@liquidsec
rebase
582f4de
@liquidsec
just fixing stuff
fb20516
@liquidsec
oops
d634166
@liquidsec
Merge remote-tracking branch 'refs/remotes/origin/virtualhost-upgrade…
80fa122 
…' into virtualhost-upgrade
@liquidsec
fixing
6a1698f
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

2 participants

@liquidsec