Paul Mueller
Need to make non-case sensitive, and account for non-standard locations
Odd-length keys that don't line up to a multiple of 4 (so they line up with the b64 blocks) cannot be solved properly.
Colored error messages are not retaining their color when wrapped in the error pane.
We should add additional validation around the presets, and provide more targeted error messages that pinpoint the yaml parsing issue. Also consider adding strict type checks, either through omegaconf or...
We need to report as a list since there could be multiple matches
```
{"description": "Cryptographic Product identified. Product Type: [Java Server Faces Viewstate] Product: [Ly8gp+FZKt9XsaxT5gZu41DDxO74k029z88gNBOru2jXW0g1Og+RUPdf2d8hGNTiofkD1VvmQTZAfeV+5qijOoD+SPzw6K72Y1H0sxfx5mFcfFtmqX7iN6Gq0fwLM+9PKQz88f+e7KImJqG1cz5KYhcrgT87c5Ayl03wEHvWwktTq9TcBJc4f1VnNHXVZgALGqQuETU8hYwZ1VilDmQ7J4pZbv+pvPUvzk+/e2oNeybso6TXqUrbT2Mz3k7yfe92q3pRjdxRlGxmkO9bPqNOtETlLPE5dDiZYo1U9gr8BBD=] Detecting Module: [Jsf_viewstate]",
```
...
This was intentional, due to there being too many false positives. However, we should implement a solution where the carve_regex can still get a crack at it.
Add hashcat support + carve regex to ensure identify_only will work for Rails cookies. Investigate whether this will cause a double report via header carve + cookie check_secret().
Currently, modules have to opt in to the identity check. This check should be present automatically and have to be explicitly opted-out-of.
Make assumptions about the page when we hit the root directory or an MVC type endpoint. Further testing.