From e62b8afffa5b1c0a4e32e7e974d2ee88b0036852 Mon Sep 17 00:00:00 2001 From: Spencer McIntyre Date: Mon, 25 Mar 2024 10:41:34 -0400 Subject: [PATCH 1/3] Add a spec for what is broken --- spec/rex/socket_spec.rb | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/spec/rex/socket_spec.rb b/spec/rex/socket_spec.rb index f2c9ca0..30d5c39 100644 --- a/spec/rex/socket_spec.rb +++ b/spec/rex/socket_spec.rb @@ -342,6 +342,13 @@ end end + context 'with a name containing underscores' do + let(:try) { '_ldap._tcp.msflab.local' } + it 'should return true' do + expect(name).to eq true + end + end + context 'with a fully qualified domain name' do let(:try) { "www.metasploit.com" } it "should return true" do From c43f9506295a6429a911ec1eccf594b7694e4b27 Mon Sep 17 00:00:00 2001 From: Spencer McIntyre Date: Mon, 25 Mar 2024 10:43:30 -0400 Subject: [PATCH 2/3] Hostnames can contain spaces per RFC 2181 --- lib/rex/socket.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/rex/socket.rb b/lib/rex/socket.rb index 7fd2665..ced0adb 100644 --- a/lib/rex/socket.rb +++ b/lib/rex/socket.rb 
@@ -85,7 +85,7 @@ def self.create_ip(opts = {}) # # see: https://debugpointer.com/regex/regex-for-dns-name - MATCH_DNS_NAME = /^(((?!-))(xn--)?([a-z0-9][a-z0-9\-]{0,59})?[a-z0-9]\.)*(xn--)?([a-z0-9\-]{1,61}|[a-z0-9-]{1,30}\.[a-z]{2,})$/i + MATCH_DNS_NAME = /^(((?!-))(xn--)?([a-z0-9_][a-z0-9_\-]{0,59})?[a-z0-9_]\.)*(xn--)?([a-z0-9_\-]{1,61}|[a-z0-9_-]{1,30}\.[a-z]{2,})$/i MATCH_IPV6 = /^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$/ From 9937ebbeac899a68c831c3f8a953a4465c149f60 Mon Sep 17 00:00:00 2001 From: Spencer McIntyre Date: Mon, 25 Mar 2024 13:07:37 -0400 Subject: [PATCH 3/3] Allow trailing dots in the domain name --- lib/rex/socket.rb | 2 +- spec/rex/socket_spec.rb | 15 ++++++++++++--- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/lib/rex/socket.rb b/lib/rex/socket.rb index ced0adb..8e83637 100644 --- a/lib/rex/socket.rb +++ b/lib/rex/socket.rb 
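Review bot: The widened `MATCH_DNS_NAME` still anchors with `^` and `$`, which in Ruby match at line boundaries rather than at the ends of the string, so a multi-line value in which one line is a valid name satisfies the pattern. `is_name?` compensates with its separate `/\s/` check, but any caller that matches against the constant directly (none is visible in this hunk) gets no such guard; anchoring with `\A` and `\z` would make the constant safe on its own. The pattern also no longer corresponds to the one at the URL cited in the comment above it, and the commit subject says "spaces" where the change admits underscores. A comment such as `# underscores are accepted so service labels like _ldap._tcp validate (RFC 2181)` would record the deviation.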
@@ -133,7 +133,7 @@ def self.support_ipv6? # def self.is_name?(name) return false if name.length > 253 - name =~ MATCH_DNS_NAME ? (name =~ /\s/).nil? : false + name.delete_suffix('.') =~ MATCH_DNS_NAME ? (name =~ /\s/).nil? : false end # diff --git a/spec/rex/socket_spec.rb b/spec/rex/socket_spec.rb index 30d5c39..1bd619a 100644 --- a/spec/rex/socket_spec.rb +++ b/spec/rex/socket_spec.rb @@ -350,9 +350,18 @@ end context 'with a fully qualified domain name' do - let(:try) { "www.metasploit.com" } - it "should return true" do - expect(name).to eq true + context 'and a trailing dot' do + let(:try) { "www.metasploit.com." } + it "should return true" do + expect(name).to eq true + end + end + + context 'and no trailing dot' do + let(:try) { "www.metasploit.com" } + it "should return true" do + expect(name).to eq true + end end end
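Review bot: The 253-character limit in `is_name?` is still applied to the raw argument before the trailing dot is stripped, so a name of exactly 253 characters passes without the root dot and is rejected with it. Stripping first keeps both forms consistent: `name = name.delete_suffix('.')` followed by `return false if name.length > 253`. Running the `/\s/` test before the regex match would also keep the line-anchored pattern from ever being evaluated on multi-line input. The method's header comment starts outside the hunk; it should state that a single trailing dot is accepted.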
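Review bot: The new trailing-dot contexts in `spec/rex/socket_spec.rb` cover only accepted input, so nothing pins what must still be rejected now that `is_name?` strips a dot. Contexts for constructed values such as `'www.metasploit.com..'` and a lone `'.'`, each with `expect(name).to eq false`, would keep a later pattern change from loosening the validator unnoticed. The enclosing `describe` block starts outside the hunk.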