From ed4ed7db8e12342763c811492999d0048dffa08f Mon Sep 17 00:00:00 2001
From: "Mark E. Haase" <mhaase@mitre.org>
Date: Thu, 17 Nov 2022 15:34:03 -0500
Subject: [PATCH] Fix handling of default values for scanners (fixes #60)

The default values for dropdowns and checkboxes were not being
populated, and then the client side was initializing them to blank
strings, which caused the default values to be wrong for script and
pingless fields. This commit initializes default values for these field
types, removes the int() coercion for pingless, and changes how the
client side intializes values from default (since "false" is a valid
default).
---
 app/pathfinder_svc.py     | 2 +-
 scanners/fields.py        | 6 ++++--
 scanners/nmap/scanner.py  | 2 +-
 templates/pathfinder.html | 2 +-
 4 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/app/pathfinder_svc.py b/app/pathfinder_svc.py
index c76ea3f..48715e0 100644
--- a/app/pathfinder_svc.py
+++ b/app/pathfinder_svc.py
@@ -174,7 +174,7 @@ def enrich_report(self, report):
                 cves = self.host_enrich(host.os)
                 if cves:
                     host.cves.append(cves)
-        report.hosts[key] = host
+            report.hosts[key] = host
         return report
 
     def software_enrich(self, software):
diff --git a/scanners/fields.py b/scanners/fields.py
index 5d132c0..5bc5e35 100644
--- a/scanners/fields.py
+++ b/scanners/fields.py
@@ -7,16 +7,18 @@ def __init__(self, param, label=None, default=None):
 
 
 class PulldownField:
-    def __init__(self, param, values, label=None, prompt=None):
+    def __init__(self, param, values, label=None, prompt=None, default=None):
         self.type = 'pulldown'
         self.param = param
         self.name = label or param
         self.values = values
         self.prompt = prompt
+        self.default = values[0] if default is None else default
 
 
 class CheckboxField:
-    def __init__(self, param, label=None):
+    def __init__(self, param, label=None, default=None):
         self.type = 'checkbox'
         self.param = param
         self.name = label or param
+        self.default = False if default is None else default
diff --git a/scanners/nmap/scanner.py b/scanners/nmap/scanner.py
index bfc349b..71656b1 100644
--- a/scanners/nmap/scanner.py
+++ b/scanners/nmap/scanner.py
@@ -56,7 +56,7 @@ async def scan(self):
             script_args = (
                 "--script-args %s" % self.script_args if self.script_args else ""
             )
-            no_ping = "-Pn" if int(self.pingless) else ""
+            no_ping = "-Pn" if self.pingless else ""
             ports = "-p %s" % self.ports if self.ports else ""
             command = "nmap --script %s %s -sV %s -oX %s %s %s" % (
                 self.format_script(self.script),
diff --git a/templates/pathfinder.html b/templates/pathfinder.html
index 2fbea52..4ad1dfb 100644
--- a/templates/pathfinder.html
+++ b/templates/pathfinder.html
@@ -302,7 +302,7 @@ <h2>Create an Adversary</h2>
                 response.fields.forEach((field) => {
                     this.scannerFields.push({
                         ...field,
-                        value: field.default || ''
+                        value: field.default === null ? '' : field.default
                     })
                 });
             } catch(error) {