Merge branch 'master' into master

zmap · Jan 25, 2025 · 0fd9121 · 0fd9121
2 parents c81d4d2 + 22e39fd
commit 0fd9121
Show file tree

Hide file tree

Showing 83 changed files with 481 additions and 432 deletions.
diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
@@ -60,7 +60,7 @@ jobs:
       - uses: docker/setup-buildx-action@v3
       - name: Build and push by digest
         id: build
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           cache-from: type=gha
@@ -70,7 +70,7 @@ jobs:
           outputs: type=image,name=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }},push-by-digest=true,name-canonical=true,push=true
 
       - name: Generate artifact attestation
-        uses: actions/attest-build-provenance@v1
+        uses: actions/attest-build-provenance@v2
         with:
           subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
           subject-digest: ${{ steps.build.outputs.digest }}
@@ -146,7 +146,7 @@ jobs:
           echo "IMAGE_DIGEST=$IMAGE_DIGEST" >> $GITHUB_OUTPUT
 
       - name: Generate artifact attestation
-        uses: actions/attest-build-provenance@v1
+        uses: actions/attest-build-provenance@v2
         with:
           subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
           subject-digest: ${{ steps.inspect.outputs.IMAGE_DIGEST }}

diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml
@@ -37,7 +37,7 @@ jobs:
 
   integration-test:
     name: Integration Test
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - name: Check out source
         uses: actions/checkout@v4
@@ -58,17 +58,16 @@ jobs:
       - name: Install dependencies
         run: |
           set -e
-          sudo wget https://github.com/jmespath/jp/releases/download/0.2.1/jp-linux-amd64 -O /usr/local/bin/jp
-          sudo chmod +x /usr/local/bin/jp
-          # Install Python 2.7
           sudo apt update
-          sudo apt install -y python2
-          curl https://bootstrap.pypa.io/pip/2.7/get-pip.py --output get-pip.py
-          sudo python2 get-pip.py
+          # Install latest Python
+          sudo apt install -y python3 jp python3-pip
+          python3 -m venv venv
+          source venv/bin/activate
           # Install Python dependencies
-          pip2 install --user zschema
-          pip2 install --user -r requirements.txt
+          pip install zschema
+          pip install -r requirements.txt
 
       - name: Run tests
         run: |
+          source venv/bin/activate
           make integration-test
diff --git a/Dockerfile b/Dockerfile
@@ -1,6 +1,6 @@
 ## Build image ##
-ARG GO_VERSION=1.20
-FROM golang:${GO_VERSION}-alpine3.16 as build
+ARG GO_VERSION=1.23
+FROM golang:${GO_VERSION}-alpine3.21 as build
 
 # System dependencies
 RUN apk add --no-cache make
@@ -16,7 +16,7 @@ COPY . .
 RUN make all
 
 ## Runtime image ##
-FROM alpine:3.20 as run
+FROM alpine:3.21 as run
 
 COPY --from=build /usr/src/zgrab2/cmd/zgrab2/zgrab2 /usr/bin/zgrab2
 

diff --git a/README.md b/README.md
@@ -72,17 +72,18 @@ Module specific options must be included after the module. Application specific
 
 ## Input Format
 
-Targets are specified with input files or from `stdin`, in CSV format.  Each input line has three fields:
+Targets are specified with input files or from `stdin`, in CSV format.  Each input line has up to four fields:
 
 ```text
-IP, DOMAIN, TAG
+IP, DOMAIN, TAG, PORT
 ```
 
 Each line must specify `IP`, `DOMAIN`, or both.  If only `DOMAIN` is provided, scanners perform a DNS hostname lookup to determine the IP address.  If both `IP` and `DOMAIN` are provided, scanners connect to `IP` but use `DOMAIN` in protocol-specific contexts, such as the HTTP HOST header and TLS SNI extension.
 
 If the `IP` field contains a CIDR block, the framework will expand it to one target for each IP address in the block.
 
-The `TAG` field is optional and used with the `--trigger` scanner argument.
+The `TAG` field is optional and used with the `--trigger` scanner argument. The `PORT` field is also optional, and acts
+as a per-line override for the `-p`/`--port` option.
 
 Unused fields can be blank, and trailing unused fields can be omitted entirely.  For backwards compatibility, the parser allows lines with only one field to contain `DOMAIN`.
 
@@ -93,7 +94,9 @@ These are examples of valid input lines:
 domain.com
 10.0.0.1, domain.com
 10.0.0.1, domain.com, tag
+10.0.0.1, domain.com, tag, 1234
 10.0.0.1, , tag
+10.0.0.1, , , 5678
 , domain.com, tag
 192.168.0.0/24, , tag
 

diff --git a/bin/bin.go b/bin/bin.go
@@ -114,7 +114,7 @@ func ZGrab2Main() {
 	if m, ok := flag.(*zgrab2.MultipleCommand); ok {
 		iniParser := zgrab2.NewIniParser()
 		var modTypes []string
-		var flagsReturned []interface{}
+		var flagsReturned []any
 		if m.ConfigFileName == "-" {
 			modTypes, flagsReturned, err = iniParser.Parse(os.Stdin)
 		} else {

diff --git a/conn_bytelimit_test.go b/conn_bytelimit_test.go
@@ -65,7 +65,7 @@ type readLimitTestConfig struct {
 // Call sendReceive(), and check that the input/output match, and that any expected errors / truncation occurs.
 func checkedSendReceive(t *testing.T, conn *TimeoutConnection, size int) (result error) {
 	// helper to report + return an error
-	tErrorf := func(format string, args ...interface{}) error {
+	tErrorf := func(format string, args ...any) error {
 		result = fmt.Errorf(format, args)
 		t.Error(result)
 		return result

diff --git a/go.mod b/go.mod
@@ -1,34 +1,37 @@
 module github.com/zmap/zgrab2
 
-go 1.20
+go 1.23
+
+toolchain go1.23.0
 
 require (
 	github.com/hdm/jarm-go v0.0.7
-	github.com/prometheus/client_golang v1.14.0
-	github.com/rabbitmq/amqp091-go v1.9.0
-	github.com/sirupsen/logrus v1.9.0
-	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
+	github.com/prometheus/client_golang v1.20.5
+	github.com/rabbitmq/amqp091-go v1.10.0
+	github.com/sirupsen/logrus v1.9.3
+	github.com/zmap/zcrypto v0.0.0-20250122162432-7a1cf5fc45e3
 	github.com/zmap/zflags v1.4.0-beta.1.0.20200204220219-9d95409821b6
-	golang.org/x/crypto v0.23.0
-	golang.org/x/net v0.25.0
-	golang.org/x/sys v0.20.0
-	golang.org/x/text v0.15.0
+	golang.org/x/crypto v0.32.0
+	golang.org/x/net v0.34.0
+	golang.org/x/sys v0.29.0
+	golang.org/x/text v0.21.0
 	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c
 	gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22
 	gopkg.in/yaml.v2 v2.4.0
 )
 
 require (
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/cespare/xxhash/v2 v2.2.0 // indirect
-	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/kr/pretty v0.2.1 // indirect
-	github.com/kr/text v0.1.0 // indirect
-	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
-	github.com/prometheus/client_model v0.3.0 // indirect
-	github.com/prometheus/common v0.42.0 // indirect
-	github.com/prometheus/procfs v0.9.0 // indirect
-	github.com/weppos/publicsuffix-go v0.30.0 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
+	github.com/klauspost/compress v1.17.11 // indirect
+	github.com/kr/pretty v0.3.1 // indirect
+	github.com/kr/text v0.2.0 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/prometheus/client_model v0.6.1 // indirect
+	github.com/prometheus/common v0.62.0 // indirect
+	github.com/prometheus/procfs v0.15.1 // indirect
+	github.com/rogpeppe/go-internal v1.10.0 // indirect
+	github.com/weppos/publicsuffix-go v0.40.3-0.20241218111332-1518a6f1cb34 // indirect
 	github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248 // indirect
-	google.golang.org/protobuf v1.33.0 // indirect
+	google.golang.org/protobuf v1.36.3 // indirect
 )