is_http_accessible hard condition leading to false negative, fixes #56

Author: p0dalirius

apachetomcatscanner/utils/network.py

@@ -21,6 +21,15 @@
 
 
 def is_target_a_windows_machine(target) -> bool:
+    """
+    Check if the target is a Windows machine.
+
+    Args:
+        target: The target to check.
+
+    Returns:
+        True if the target is a Windows machine, False otherwise.
+    """
     # if port 135 and 445 open
     if is_port_open(target, 135) and is_port_open(target, 445):
         return True
@@ -29,6 +38,15 @@ def is_target_a_windows_machine(target) -> bool:
 
 
 def is_target_a_windows_domain_controller(target) -> bool:
+    """
+    Check if the target is a Windows domain controller.
+
+    Args:
+        target: The target to check.
+
+    Returns:
+        True if the target is a Windows domain controller, False otherwise.
+    """
     # if port 135 and 445 and 88 open
     if is_target_a_windows_machine(target) and is_port_open(target, 88):
         return True
@@ -37,6 +55,19 @@ def is_target_a_windows_domain_controller(target) -> bool:
 
 
 def is_port_open(target, port) -> bool:
+    """
+    Check if the port is open on the target.
+
+    Args:
+        target: The target to check.
+        port: The port to check.
+
+    Returns:
+        True if the port is open on the target, False otherwise.
+
+    Raises:
+        Exception: If an error occurs while checking if the port is open on the target.
+    """
     with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
         s.settimeout(0.1)
         # Non-existant domains cause a lot of errors, added error handling
@@ -47,6 +78,21 @@ def is_port_open(target, port) -> bool:
 
 
 def is_http_accessible(target, port, config, scheme="http"):
+    """
+    Check if the target is accessible via HTTP.
+
+    Args:
+        target: The target to check.
+        port: The port to check.
+        config: The config object.
+        scheme: The scheme to use.
+
+    Returns:
+        True if the target is accessible via HTTP, False otherwise.
+
+    Raises:
+        Exception: If an error occurs while checking if the target is accessible via HTTP.
+    """
     url = "%s://%s:%d/" % (scheme, target, port)
     try:
         r = requests.get(
@@ -56,7 +102,7 @@ def is_http_accessible(target, port, config, scheme="http"):
             headers=config.request_http_headers,
             verify=(not (config.request_no_check_certificate)),
         )
-        return r.status_code == 200
+        return True
     except Exception as e:
         config.debug(
             "Error in is_http_accessible('%s', %d, '%s'): %s "

apachetomcatscanner/utils/scan.py

@@ -28,6 +28,18 @@
 
 
 def is_tomcat_manager_accessible(url_manager, config):
+    """
+    Check if the Tomcat manager is accessible.
+
+    Args:
+        url_manager: The URL to check.
+        config: The config object.
+
+    Returns:
+        True if the Tomcat manager is accessible, False otherwise.
+    Raises:
+        Exception: If an error occurs while checking if the Tomcat manager is accessible.
+    """
     try:
         r = requests.get(
             url_manager,
@@ -48,6 +60,18 @@ def is_tomcat_manager_accessible(url_manager, config):
 
 
 def get_version_from_malformed_http_request(url, config):
+    """
+    Get the version of the Apache Tomcat server from a malformed HTTP request.
+
+    Args:
+        url: The URL to check.
+        config: The config object.
+
+    Returns:
+        The version of the Apache Tomcat server, None if not found.
+    Raises:
+        Exception: If an error occurs while getting the version of the Apache Tomcat server from a malformed HTTP request.
+    """
     version = None
     url_depth = len(url.split("/")[3:])
     test_urls = [
@@ -106,6 +130,18 @@ def get_version_from_malformed_http_request(url, config):
 
 
 def try_credentials(url_manager, config):
+    """
+    Try to authenticate to the Tomcat manager.
+
+    Args:
+        url_manager: The URL to check.
+        config: The config object.
+
+    Returns:
+        A list of found credentials, None if not found.
+    Raises:
+        Exception: If an error occurs while trying to authenticate to the Tomcat manager.
+    """
     found_credentials = []
     try:
         for credentials in config.credentials:
@@ -143,6 +179,7 @@ def process_url(scheme, target, port, url, config, reporter):
         url,
         url + "/manager/html",
         url + "/..;/manager/html",
+        url + "..%09/manager/text",
         baseurl + "/manager/html",
         baseurl + "/..;/manager/html",
         url + "/" + "..;/" * url_depth + "manager/html",

pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "apachetomcatscanner"
-version = "3.8.0"
+version = "3.8.1"
 description = ""
 dynamic = ["scripts"]
 readme  = "README.md"

requirements.txt

@@ -1,4 +1,4 @@
-sectools>=1.5.0
+sectools>=1.5.1
 xlsxwriter
 urllib3<2
 requests==2.29.0

setup.py

@@ -14,7 +14,7 @@
 
 setuptools.setup(
     name="apachetomcatscanner",
-    version="3.8.0",
+    version="3.8.1",
     description="",
     url="https://github.com/p0dalirius/ApacheTomcatScanner",
     author="Podalirius",