snare icon indicating copy to clipboard operation
snare copied to clipboard
verified publisher icon mushorg

Tanner "Detection Type" shows only index, unknown and xss

Open djoker77 opened this issue 1 year ago • 3 comments

Hello everyone, I recently reported an issue on the t-pot page about Tanner not identifying any other attack types than XSS. Maybe you know why this is the case. Snare and Tanner are running normally, but I tried a couple attacks like SQLi, RFI/LFI or XXE, but neither of those were detected. Instead, they were classified as index or unknown. Can you help me with this issue, or do you know the reason for this behavior? (Speculation would also help)

Issue at t-pot: https://github.com/telekom-security/tpotce/issues/1560

djoker77 avatar Jun 02 '24 23:06 djoker77

Hi,

please make sure you have other emulators "enabled" on the Tanner side

afeena avatar Jun 10 '24 19:06 afeena

Hi, thanks for the reply, I see that the emulators are enabled, I just enabled another emulator in the Tanner emulator configuration of the Tpot installation. The rest were left on enabled.

djoker77 avatar Jun 10 '24 22:06 djoker77

Hi, sorry for the annoyance, but have you got any other explanation for this problem?

djoker77 avatar Jun 17 '24 14:06 djoker77