Fix nmap-ports regex pattern not allowing 80 (#3651)

Co-authored-by: Jan Klopper <[email protected]>

boefjes/boefjes/plugins/kat_nmap_ports/schema.json

@@ -6,7 +6,7 @@
       "title": "PORTS",
       "maxLength": 2048,
       "type": "string",
-      "pattern": "^((6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{0,4}|\\d)|(6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{0,4}|\\d)-(6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{0,4}|\\d))$|^((6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{0,4}|\\d)|(6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{0,4}|\\d)-(6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{0,4}|\\d))(,((6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{0,4}|\\d)|(6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{0,4}|\\d)-(6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{0,4}|\\d)))+$",
+      "pattern": "^((6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{4}|\\d{1,4})|(6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{4}|\\d{1,4})-(6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{4}|\\d{1,4}))$|^((6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{4}|\\d{1,4})|(6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{4}|\\d{1,4})-(6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{4}|\\d{1,4}))(,((6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{4}|\\d{1,4})|(6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{4}|\\d{1,4})-(6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{4}|\\d{1,4})))+$",
       "description": "Specify the ports that need to be scanned (nmap format). Single ports are comma separated, port ranges can be specified using the dash symbol. For example: 22,111,137,80-100 will scan ports 22, 111, 137 and the port range 80 up to 100."
     }
   },

boefjes/tests/integration/test_api.py

@@ -251,6 +251,11 @@ def test_basic_settings_api(test_client, organisation):
     response = test_client.get(f"/v1/organisations/{organisation.id}/{plug}/settings")
     assert response.json() == {}
 
+    nmap_ports = "nmap-ports"
+    response = test_client.put(f"/v1/organisations/{organisation.id}/{nmap_ports}/settings", json={"PORTS": "80"})
+    assert response.status_code == 200
+    assert test_client.get(f"/v1/organisations/{organisation.id}/{nmap_ports}/settings").json() == {"PORTS": "80"}
+
 
 def test_clone_settings(test_client, organisation):
     plug = "dns-records"

boefjes/tests/plugins/test_nmap.py

@@ -26,7 +26,7 @@ def test_normalizer():
 
 
 def get_pattern():
-    max_65535 = r"(6553[0-5]|655[0-2]\d|65[0-4]\d{2}|6[0-4]\d{3}|[1-5]\d{0,4}|\d)"
+    max_65535 = r"(6553[0-5]|655[0-2]\d|65[0-4]\d{2}|6[0-4]\d{3}|[1-5]\d{4}|\d{1,4})"
     max_65535_or_port_range = f"({max_65535}|{max_65535}-{max_65535})"
     one_or_comma_separated = f"^{max_65535_or_port_range}$|^{max_65535_or_port_range}(,{max_65535_or_port_range})+$"
 
@@ -35,7 +35,7 @@ def get_pattern():
 
 def test_single_port_pattern(local_repository):
     schema = local_repository.schema("nmap-ports")
-    for single_port in ["1", "2", "20", "200", "2000", "20000", "65535"]:
+    for single_port in ["1", "2", "20", "80", "200", "2000", "20000", "65535"]:
         assert get_pattern().search(single_port) is not None
         validate(instance={"PORTS": single_port}, schema=schema)
 
@@ -64,7 +64,7 @@ def test_port_range_pattern(local_repository):
 
 def test_combined(local_repository):
     schema = local_repository.schema("nmap-ports")
-    for port_range in ["1,1-65000", "1,2,234,4300-5999,1"]:
+    for port_range in ["1,1-65000", "1,2,234,4300-5999,1", "22,111,137,80-100"]:
         assert get_pattern().search(port_range) is not None
         validate(instance={"PORTS": port_range}, schema=schema)