
Update oci_adapter.js, use NodeJS http modules for http calls.

Open underdarknl opened this issue 1 year ago • 2 comments

This should fix https://github.com/minvws/nl-kat-coordination/security/code-scanning/112 and https://github.com/minvws/nl-kat-coordination/security/code-scanning/111 by not building a complete bash string, but instead using the native NodeJS functions to specify the correct arguments. I've also added an env-var option to include a custom CA file, allowing for internal (acme) signed traffic between OpenKAT modules.

Issue link

Closes https://github.com/minvws/nl-kat-coordination/security/code-scanning/112 and https://github.com/minvws/nl-kat-coordination/security/code-scanning/111

Demo

Please add some proof in the form of screenshots or screen recordings to show (off) new functionality, if there are interesting new features for end-users.

QA notes

The nikto boef should still be able to fetch jobs, and return Nikto output to bytes.

Code Checklist

  • [ ] All the commits in this PR are properly PGP-signed and verified.
  • [ ] This PR only contains functionality relevant to the issue.
  • [ ] I have written unit tests for the changes or fixes I made.
  • [ ] I have checked the documentation and made changes where necessary.
  • [ ] I have performed a self-review of my code and refactored it to the best of my abilities.
  • [ ] Tickets have been created for newly discovered issues.
  • [ ] For any non-trivial functionality, I have added integration and/or end-to-end tests.
  • [ ] I have informed others of any required .env changes files if required and changed the .env-dist accordingly.
  • [ ] I have included comments in the code to elaborate on what is not self-evident from the code itself, including references to issues and discussions online, or implicit behavior of an interface.

Checklist for code reviewers:

Copy-paste the checklist from the docs/source/templates folder into your comment.


Checklist for QA:

Copy-paste the checklist from the docs/source/templates folder into your comment.

underdarknl avatar Apr 14 '25 18:04 underdarknl
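
The approach described in the PR text above, sketched as an added example that is not the PR's own code: the request is described by an options object passed to Node's `http`/`https` modules, so no value is ever interpolated into a shell string, and a private CA is loaded from a file named in the environment. The variable name `CA_FILE`, the function names and the host names are assumptions made for illustration.

```javascript
// Added example, not code from the PR. CA_FILE and the function names
// below are hypothetical; only Node's built-in modules are used.
const fs = require('node:fs');
const http = require('node:http');
const https = require('node:https');

// Turn a base URL and a path into an options object for http(s).request().
// Every value ends up in its own field; nothing is parsed by a shell.
function buildRequestOptions(baseUrl, path, env = process.env) {
  const url = new URL(path, baseUrl); // throws on malformed input
  if (url.protocol !== 'http:' && url.protocol !== 'https:') {
    throw new Error(`unsupported scheme: ${url.protocol}`);
  }
  const options = {
    protocol: url.protocol,
    // URL.hostname keeps the brackets of an IPv6 literal; strip them here.
    hostname: url.hostname.replace(/^\[(.*)\]$/, '$1'),
    port: Number(url.port) || (url.protocol === 'https:' ? 443 : 80),
    path: url.pathname + url.search,
    method: 'GET',
  };
  // Optional private CA for internally issued certificates (HTTPS only).
  if (url.protocol === 'https:' && env.CA_FILE) {
    options.ca = fs.readFileSync(env.CA_FILE);
  }
  return options;
}

// Perform the request and resolve with the status and the body as a Buffer.
function fetchBytes(baseUrl, path, env = process.env) {
  const options = buildRequestOptions(baseUrl, path, env);
  const client = options.protocol === 'https:' ? https : http;
  return new Promise((resolve, reject) => {
    const req = client.request(options, (res) => {
      const chunks = [];
      res.on('data', (chunk) => chunks.push(chunk));
      res.on('end', () =>
        resolve({ status: res.statusCode, body: Buffer.concat(chunks) }));
    });
    req.on('error', reject);
    req.end();
  });
}
```

Setting `ca` replaces Node's default trust store for that request rather than adding to it, so the file must contain every CA the connection needs to verify.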

These changes seem to not work correctly if the internal addresses are IPv6. @Souf149 is seeing errors when IPv6 is enabled when connecting to the boefjes api which resolves into an IPv6 address.

underdarknl avatar Apr 22 '25 09:04 underdarknl

Quality Gate failed

Failed conditions
0.0% Coverage on New Code (required ≥ 80%)

See analysis details on SonarQube Cloud

sonarqubecloud[bot] avatar Apr 22 '25 10:04 sonarqubecloud[bot]