hunt consolidate categories

blacklanternsecurity · Oct 17, 2024 · cedb4e6 · cedb4e6
1 parent e431348
commit cedb4e6
Show file tree

Hide file tree

Showing 2 changed files with 39 additions and 15 deletions.
diff --git a/bbot/modules/hunt.py b/bbot/modules/hunt.py
@@ -284,21 +284,29 @@ class hunt(BaseModule):
 
     async def handle_event(self, event):
         p = event.data["name"]
+        matching_categories = []
+
+        # Collect all matching categories
         for k in hunt_param_dict.keys():
             if p.lower() in hunt_param_dict[k]:
+                matching_categories.append(k)
 
-                description = f"Found potentially interesting parameter. Name: [{p}] Parameter Type: [{event.data['type']}] Category: [{k.upper()}]"
-                if (
-                    "original_value" in event.data.keys()
-                    and event.data["original_value"] != ""
-                    and event.data["original_value"] != None
-                ):
-                    description += (
-                        f" Original Value: [{self.helpers.truncate_string(str(event.data['original_value']),200)}]"
-                    )
+        if matching_categories:
+            # Create a comma-separated string of categories
+            category_str = ", ".join(matching_categories)
+            description = f"Found potentially interesting parameter. Name: [{p}] Parameter Type: [{event.data['type']}] Categories: [{category_str}]"
+
+            if (
+                "original_value" in event.data.keys()
+                and event.data["original_value"] != ""
+                and event.data["original_value"] is not None
+            ):
+                description += (
+                    f" Original Value: [{self.helpers.truncate_string(str(event.data['original_value']), 200)}]"
+                )
 
-                data = {"host": str(event.host), "description": description}
-                url = event.data.get("url", "")
-                if url:
-                    data["url"] = url
-                await self.emit_event(data, "FINDING", event)
+            data = {"host": str(event.host), "description": description}
+            url = event.data.get("url", "")
+            if url:
+                data["url"] = url
+            await self.emit_event(data, "FINDING", event)
diff --git a/bbot/test/test_step_2/module_tests/test_module_hunt.py b/bbot/test/test_step_2/module_tests/test_module_hunt.py
@@ -17,6 +17,22 @@ def check(self, module_test, events):
         assert any(
             e.type == "FINDING"
             and e.data["description"]
-            == "Found potentially interesting parameter. Name: [cipher] Parameter Type: [GETPARAM] Category: [INSECURE CRYPTOGRAPHY] Original Value: [xor]"
+            == "Found potentially interesting parameter. Name: [cipher] Parameter Type: [GETPARAM] Categories: [Insecure Cryptography] Original Value: [xor]"
+            for e in events
+        )
+
+
+class TestHunt_Multiple(TestHunt):
+
+    async def setup_after_prep(self, module_test):
+        expect_args = {"method": "GET", "uri": "/"}
+        respond_args = {"response_data": '<html><a href="/hackme.php?id=1234">ping</a></html>'}
+        module_test.set_expect_requests(expect_args=expect_args, respond_args=respond_args)
+
+    def check(self, module_test, events):
+        assert any(
+            e.type == "FINDING"
+            and e.data["description"]
+            == "Found potentially interesting parameter. Name: [id] Parameter Type: [GETPARAM] Categories: [Insecure Direct Object Reference, SQL Injection, Server-Side Template Injection] Original Value: [1234]"
             for e in events
         )