ninoseki / mihari

A query aggregator for OSINT based threat hunting

Home Page: https://ninoseki.github.io/mihari/

[BUG] Mihari Key Error

ssnkhan opened this issue

Describe the bug

A rule is consistently generating an error. Based on my limited understanding I am aware that a Shodan rule is throwing the error, but I am struggling to isolate the rule in question. I am also struggling to determine what key not found: "asn" means in the context of this rule.

A KeyError occured in background
Exception
key not found: "asn"

Backtrace
/var/lib/gems/2.7.0/gems/mihari-3.9.2/lib/mihari/structs/shodan.rb:30:in `fetch'
/var/lib/gems/2.7.0/gems/mihari-3.9.2/lib/mihari/structs/shodan.rb:30:in `from_dynamic!'
/var/lib/gems/2.7.0/gems/mihari-3.9.2/lib/mihari/structs/shodan.rb:46:in `block in from_dynamic!'
/var/lib/gems/2.7.0/gems/mihari-3.9.2/lib/mihari/structs/shodan.rb:46:in `map'
/var/lib/gems/2.7.0/gems/mihari-3.9.2/lib/mihari/structs/shodan.rb:46:in `from_dynamic!'
/var/lib/gems/2.7.0/gems/mihari-3.9.2/lib/mihari/analyzers/shodan.rb:17:in `block in artifacts'
/var/lib/gems/2.7.0/gems/mihari-3.9.2/lib/mihari/analyzers/shodan.rb:17:in `map'
/var/lib/gems/2.7.0/gems/mihari-3.9.2/lib/mihari/analyzers/shodan.rb:17:in `artifacts'
/var/lib/gems/2.7.0/gems/mihari-3.9.2/lib/mihari/analyzers/base.rb:88:in `normalized_artifacts'
/var/lib/gems/2.7.0/gems/mihari-3.9.2/lib/mihari/analyzers/

Steps to reproduce

I am running a bash script running multiple rules (via the CLI).

Expected behavior

Rule should process, without error.

Actual behavior

Mihari throws an error (see above).

Screenshots

N/A -- see above.

System Information:

  • OS: Ubuntu
  • Ruby version: 2.7
  • Mihari version: 3.9.2

Additional context

Would it be possible for Mihari errors to include the name of the offending rule at all? Would really help isolate the problematic rule.

Could you share the query that triggers the error, please?

Sure: ssl:"MetasploitSelfSignedCA" http.favicon.hash:-127886975 -http.title:"Bam! Application Error".
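
The backtrace in this issue ends in `fetch`, and Ruby's `Hash#fetch` raises `KeyError` when a key is absent, so the message means that one Shodan match in the response had no `asn` field. The following is an added example, not code from this thread or from mihari: `Match`, `strict_match`, `tolerant_match`, `parse_matches`, the rule name and the sample response are all constructed for illustration. It shows the strict parse failing, a tolerant parse succeeding, and an error that names the rule and the offending match.

```ruby
require "json"

# Constructed Shodan-style response: the second match has no "asn" field.
SAMPLE = JSON.parse(<<~JSON)
  {"matches": [
    {"ip_str": "192.0.2.10", "asn": "AS64500", "hostnames": ["a.example"]},
    {"ip_str": "192.0.2.11", "hostnames": []}
  ], "total": 2}
JSON

# Hypothetical record type, standing in for a parsed Shodan match.
Match = Struct.new(:ip_str, :asn, :hostnames, keyword_init: true)

# Strict parsing: every field is required, so a match without "asn"
# raises KeyError (key not found: "asn").
def strict_match(d)
  Match.new(ip_str: d.fetch("ip_str"),
            asn: d.fetch("asn"),
            hostnames: d.fetch("hostnames"))
end

# Tolerant parsing: only the IP is required; optional fields default.
def tolerant_match(d)
  Match.new(ip_str: d.fetch("ip_str"),
            asn: d["asn"],
            hostnames: d.fetch("hostnames", []))
end

# Hypothetical wrapper: re-raise with the rule name and the index of the
# offending match so a failing rule can be isolated in a batch run.
def parse_matches(rule_name, response, strict: false)
  response.fetch("matches").each_with_index.map do |d, i|
    strict ? strict_match(d) : tolerant_match(d)
  rescue KeyError => e
    raise KeyError, "rule=#{rule_name} match=#{i} ip=#{d['ip_str'].inspect}: #{e.message}"
  end
end
```
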