Skip to content

Add stop_at_first_success to Prevent Duplicate Results (Fixes #1513) #1514

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Aarush289 wants to merge 18 commits into
base: master
Choose a base branch
from
+56 −21
Open

Add stop_at_first_success to Prevent Duplicate Results (Fixes #1513) #1514

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
0cc045d
Merge pull request #4 from OWASP/master
Aarush289 Jan 20, 2026
2a32fe2
Merge pull request #8 from OWASP/master
Aarush289 Feb 5, 2026
4090ae3
Merge pull request #9 from OWASP/master
Aarush289 Feb 8, 2026
2a0b83e
Add FortiWeb authentication bypass vulnerability check
Aarush289 Feb 10, 2026
b1ffe4e
Remove FortiWeb auth bypass vulnerability entry
Aarush289 Feb 10, 2026
6db5ee7
Fix vulnerability name in wp_plugin_cve_2021_38314.yaml
Aarush289 Feb 10, 2026
6fd226a
Rename CVE identifier from 39314 to 39320
Aarush289 Feb 10, 2026
03675d5
Merge pull request #10 from OWASP/master
Aarush289 Feb 12, 2026
0d3399e
Merge pull request #13 from OWASP/master
Aarush289 Feb 18, 2026
ace2db9
Merge pull request #14 from OWASP/master
Aarush289 Feb 23, 2026
f0df79b
Stop_at_first_match feature added
Aarush289 Mar 7, 2026
14b1948
stop removedfrom waf module
Aarush289 Mar 7, 2026
d71fd77
Merge pull request #21 from OWASP/master
Aarush289 Apr 14, 2026
02fd3cd
added feature
Aarush289 Apr 14, 2026
c49eaad
pre-commit done
Aarush289 Apr 14, 2026
cb30538
Coderabbit concerns addressed
Aarush289 Apr 14, 2026
8e7df0b
Port added to query database
Aarush289 Apr 14, 2026
07d0385
Merge branch 'master' into Add_module_and_flow
Aarush289 Apr 20, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 29 additions & 0 deletions nettacker/core/lib/base.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,13 @@ def process_conditions(
):
# Remove sensitive keys from headers before submitting to DB
event = remove_sensitive_header_keys(event)
if "stop_at_first_success" in event["response"]:
event_name = event["response"]["stop_at_first_success"]
existing = find_temp_events(
target, module_name, scan_id, event_name, port=event.get("ports", "")
)
if existing:
return False
if "save_to_temp_events_only" in event.get("response", ""):
submit_temp_logs_to_db(
{
Expand All @@ -135,6 +142,21 @@ def process_conditions(
"data": response,
}
)
if event["response"]["conditions_results"] and "stop_at_first_success" in event.get(
"response", ""
):
submit_temp_logs_to_db(
{
"date": datetime.now(),
"target": target,
"module_name": module_name,
"scan_id": scan_id,
"event_name": event["response"]["stop_at_first_success"],
"port": event.get("ports", ""),
"event": event,
"data": response,
}
)
if event["response"]["conditions_results"] and "save_to_temp_events_only" not in event.get(
"response", ""
):
Expand Down Expand Up @@ -270,6 +292,13 @@ def run(
"""Engine entry point."""
backup_method = copy.deepcopy(sub_step["method"])
backup_response = copy.deepcopy(sub_step["response"])
if "stop_at_first_success" in backup_response:
event_name = backup_response["stop_at_first_success"]
existing = find_temp_events(
target, module_name, scan_id, event_name, port=sub_step.get("ports", "")
)
if existing:
return False
del sub_step["method"]
del sub_step["response"]

Comment thread
coderabbitai[bot] marked this conversation as resolved.
Expand Down
48 changes: 27 additions & 21 deletions nettacker/database/db.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -403,7 +403,7 @@ def submit_temp_logs_to_db(log):
return False


def find_temp_events(target, module_name, scan_id, event_name):
def find_temp_events(target, module_name, scan_id, event_name, port=None):
"""
select all events by scan_unique id, target, module_name

Expand All @@ -420,16 +420,24 @@ def find_temp_events(target, module_name, scan_id, event_name):
if isinstance(session, tuple):
connection, cursor = session
try:
cursor.execute(
"""
SELECT event
FROM temp_events
WHERE target = ? AND module_name = ? AND scan_unique_id = ? AND event_name = ?
LIMIT 1
""",
(target, module_name, scan_id, event_name),
)

if port is not None:
cursor.execute(
"""
SELECT event FROM temp_events
WHERE target = ? AND module_name = ? AND scan_unique_id = ? AND event_name = ? AND port = ?
LIMIT 1
""",
(target, module_name, scan_id, event_name, json.dumps(port)),
)
else:
cursor.execute(
"""
SELECT event FROM temp_events
WHERE target = ? AND module_name = ? AND scan_unique_id = ? AND event_name = ?
LIMIT 1
""",
(target, module_name, scan_id, event_name),
)
row = cursor.fetchone()
if row:
return row[0]
Expand All @@ -444,17 +452,15 @@ def find_temp_events(target, module_name, scan_id, event_name):
except Exception:
pass
else:
result = (
session.query(TempEvents)
.filter(
TempEvents.target == target,
TempEvents.module_name == module_name,
TempEvents.scan_unique_id == scan_id,
TempEvents.event_name == event_name,
)
.first()
query = session.query(TempEvents).filter(
TempEvents.target == target,
TempEvents.module_name == module_name,
TempEvents.scan_unique_id == scan_id,
TempEvents.event_name == event_name,
)

if port is not None:
query = query.filter(TempEvents.port == json.dumps(port))
result = query.first()
return result.event if result else []


Expand Down
Loading