Fix handling of default values for scanners (fixes #60)

The default values for dropdowns and checkboxes were not being populated, and then the client side was initializing them to blank strings, which caused the default values to be wrong for script and pingless fields. This commit initializes default values for these field types, removes the int() coercion for pingless, and changes how the client side intializes values from default (since "false" is a valid default).
center-for-threat-informed-defense · Nov 17, 2022 · ed4ed7d · ed4ed7d
1 parent 5acb62b
commit ed4ed7d
Show file tree

Hide file tree

Showing 4 changed files with 7 additions and 5 deletions.
diff --git a/app/pathfinder_svc.py b/app/pathfinder_svc.py
@@ -174,7 +174,7 @@ def enrich_report(self, report):
                 cves = self.host_enrich(host.os)
                 if cves:
                     host.cves.append(cves)
-        report.hosts[key] = host
+            report.hosts[key] = host
         return report
 
     def software_enrich(self, software):

diff --git a/scanners/fields.py b/scanners/fields.py
@@ -7,16 +7,18 @@ def __init__(self, param, label=None, default=None):
 
 
 class PulldownField:
-    def __init__(self, param, values, label=None, prompt=None):
+    def __init__(self, param, values, label=None, prompt=None, default=None):
         self.type = 'pulldown'
         self.param = param
         self.name = label or param
         self.values = values
         self.prompt = prompt
+        self.default = values[0] if default is None else default
 
 
 class CheckboxField:
-    def __init__(self, param, label=None):
+    def __init__(self, param, label=None, default=None):
         self.type = 'checkbox'
         self.param = param
         self.name = label or param
+        self.default = False if default is None else default
diff --git a/scanners/nmap/scanner.py b/scanners/nmap/scanner.py
@@ -56,7 +56,7 @@ async def scan(self):
             script_args = (
                 "--script-args %s" % self.script_args if self.script_args else ""
             )
-            no_ping = "-Pn" if int(self.pingless) else ""
+            no_ping = "-Pn" if self.pingless else ""
             ports = "-p %s" % self.ports if self.ports else ""
             command = "nmap --script %s %s -sV %s -oX %s %s %s" % (
                 self.format_script(self.script),

diff --git a/templates/pathfinder.html b/templates/pathfinder.html
@@ -302,7 +302,7 @@ <h2>Create an Adversary</h2>
                 response.fields.forEach((field) => {
                     this.scannerFields.push({
                         ...field,
-                        value: field.default || ''
+                        value: field.default === null ? '' : field.default
                     })
                 });
             } catch(error) {