fixed #1107

Author: caffix

engine/plugins/service_discovery/http_probes/plugin.go

@@ -8,9 +8,7 @@ import (
 	"context"
 	"crypto/x509"
 	"fmt"
-	"hash/maphash"
 	"log/slog"
-	"sync"
 	"time"
 
 	"github.com/owasp-amass/amass/v5/engine/plugins/support"
@@ -19,18 +17,16 @@ import (
 	dbt "github.com/owasp-amass/asset-db/types"
 	oam "github.com/owasp-amass/open-asset-model"
 	oamcert "github.com/owasp-amass/open-asset-model/certificate"
-	"github.com/owasp-amass/open-asset-model/general"
-	"github.com/owasp-amass/open-asset-model/platform"
+	oamgen "github.com/owasp-amass/open-asset-model/general"
+	oamplat "github.com/owasp-amass/open-asset-model/platform"
 )
 
 type httpProbing struct {
-	name     string
-	log      *slog.Logger
-	fqdnend  *fqdnEndpoint
-	ipaddr   *ipaddrEndpoint
-	source   *et.Source
-	hash     maphash.Hash
-	servlock sync.Mutex
+	name    string
+	log     *slog.Logger
+	fqdnend *fqdnEndpoint
+	ipaddr  *ipaddrEndpoint
+	source  *et.Source
 }
 
 func NewHTTPProbing() et.Plugin {
@@ -48,7 +44,6 @@ func (hp *httpProbing) Name() string {
 }
 
 func (hp *httpProbing) Start(r et.Registry) error {
-	hp.hash.SetSeed(maphash.MakeSeed())
 	hp.log = r.Log().WithGroup("plugin").With("name", hp.name)
 
 	hp.fqdnend = &fqdnEndpoint{
@@ -117,10 +112,8 @@ func (hp *httpProbing) query(e *et.Event, entity *dbt.Entity, target string, por
 
 func (hp *httpProbing) store(e *et.Event, resp *amasshttp.Response, entity *dbt.Entity, port int) []*support.Finding {
 	addr := entity.Asset.Key()
+	serv := support.ServiceWithIdentifier(addr, port)
 
-	hp.servlock.Lock()
-	serv := support.ServiceWithIdentifier(&hp.hash, e.Session.ID().String(), addr)
-	hp.servlock.Unlock()
 	serv.Type = "web-service"
 	serv.Output = resp.Body
 	serv.OutputLen = int(resp.Length)
@@ -136,7 +129,7 @@ func (hp *httpProbing) store(e *et.Event, resp *amasshttp.Response, entity *dbt.
 		}
 	}
 
-	portrel := &general.PortRelation{
+	portrel := &oamgen.PortRelation{
 		Name:       fmt.Sprintf("tcp_port_%d", port),
 		PortNumber: port,
 		Protocol:   "TCP",
@@ -147,7 +140,7 @@ func (hp *httpProbing) store(e *et.Event, resp *amasshttp.Response, entity *dbt.
 		return findings
 	}
 
-	serv, valid := s.Asset.(*platform.Service)
+	serv, valid := s.Asset.(*oamplat.Service)
 	if !valid {
 		return findings
 	}
@@ -168,7 +161,7 @@ func (hp *httpProbing) store(e *et.Event, resp *amasshttp.Response, entity *dbt.
 			To:       firstAsset,
 			ToName:   c.SerialNumber,
 			ToMeta:   firstCert,
-			Rel:      &general.SimpleRelation{Name: "certificate"},
+			Rel:      &oamgen.SimpleRelation{Name: "certificate"},
 		})
 	}
 	return findings
@@ -215,7 +208,7 @@ func (hp *httpProbing) createCertificates(sess et.Session, resp *amasshttp.Respo
 				To:       a,
 				ToName:   c.SerialNumber,
 				ToMeta:   cert,
-				Rel:      &general.SimpleRelation{Name: "issuing_certificate"},
+				Rel:      &oamgen.SimpleRelation{Name: "issuing_certificate"},
 			})
 		}
 		prev = a

engine/plugins/support/database.go

@@ -17,9 +17,9 @@ import (
 	oam "github.com/owasp-amass/open-asset-model"
 	oamcert "github.com/owasp-amass/open-asset-model/certificate"
 	oamdns "github.com/owasp-amass/open-asset-model/dns"
-	"github.com/owasp-amass/open-asset-model/general"
+	oamgen "github.com/owasp-amass/open-asset-model/general"
 	oamnet "github.com/owasp-amass/open-asset-model/network"
-	"github.com/owasp-amass/open-asset-model/platform"
+	oamplat "github.com/owasp-amass/open-asset-model/platform"
 )
 
 func StoreFQDNsWithSource(session et.Session, names []string, src *et.Source, plugin, handler string) []*dbt.Entity {
@@ -35,7 +35,7 @@ func StoreFQDNsWithSource(session et.Session, names []string, src *et.Source, pl
 	for _, name := range names {
 		if a, err := session.DB().CreateAsset(ctx, &oamdns.FQDN{Name: name}); err == nil && a != nil {
 			results = append(results, a)
-			_, _ = session.DB().CreateEntityProperty(ctx, a, &general.SourceProperty{
+			_, _ = session.DB().CreateEntityProperty(ctx, a, &oamgen.SourceProperty{
 				Source:     src.Name,
 				Confidence: src.Confidence,
 			})
@@ -60,13 +60,13 @@ func StoreEmailsWithSource(session et.Session, emails []string, src *et.Source,
 	for _, e := range emails {
 		email := strings.ToLower(e)
 
-		if a, err := session.DB().CreateAsset(ctx, &general.Identifier{
-			UniqueID: fmt.Sprintf("%s:%s", general.EmailAddress, email),
+		if a, err := session.DB().CreateAsset(ctx, &oamgen.Identifier{
+			UniqueID: fmt.Sprintf("%s:%s", oamgen.EmailAddress, email),
 			ID:       email,
-			Type:     general.EmailAddress,
+			Type:     oamgen.EmailAddress,
 		}); err == nil && a != nil {
 			results = append(results, a)
-			_, _ = session.DB().CreateEntityProperty(ctx, a, &general.SourceProperty{
+			_, _ = session.DB().CreateEntityProperty(ctx, a, &oamgen.SourceProperty{
 				Source:     src.Name,
 				Confidence: src.Confidence,
 			})
@@ -86,7 +86,7 @@ func MarkAssetMonitored(session et.Session, asset *dbt.Entity, src *et.Source) {
 	ctx, cancel := context.WithTimeout(session.Ctx(), 3*time.Second)
 	defer cancel()
 
-	_, _ = session.DB().CreateEntityProperty(ctx, asset, general.SimpleProperty{
+	_, _ = session.DB().CreateEntityProperty(ctx, asset, oamgen.SimpleProperty{
 		PropertyName:  "last_monitored",
 		PropertyValue: src.Name,
 	})
@@ -111,13 +111,13 @@ func AssetMonitoredWithinTTL(session et.Session, asset *dbt.Entity, src *et.Sour
 	return false
 }
 
-func CreateServiceAsset(session et.Session, src *dbt.Entity, rel oam.Relation, serv *platform.Service, cert *oamcert.TLSCertificate) (*dbt.Entity, error) {
+func CreateServiceAsset(session et.Session, src *dbt.Entity, rel oam.Relation, serv *oamplat.Service, cert *oamcert.TLSCertificate) (*dbt.Entity, error) {
 	var srvs []*dbt.Entity
 
 	ctx, cancel := context.WithTimeout(session.Ctx(), 30*time.Second)
 	defer cancel()
 
-	if rport, ok := rel.(*general.PortRelation); ok && src != nil && serv != nil {
+	if rport, ok := rel.(*oamgen.PortRelation); ok && src != nil && serv != nil {
 		srcs := []*dbt.Entity{src}
 
 		if _, ok := src.Asset.(*oamdns.FQDN); ok {
@@ -137,10 +137,10 @@ func CreateServiceAsset(session et.Session, src *dbt.Entity, rel oam.Relation, s
 		for _, s := range srcs {
 			if edges, err := session.DB().OutgoingEdges(ctx, s, time.Time{}); err == nil && len(edges) > 0 {
 				for _, edge := range edges {
-					if eport, ok := edge.Relation.(*general.PortRelation); ok &&
+					if eport, ok := edge.Relation.(*oamgen.PortRelation); ok &&
 						eport.PortNumber == rport.PortNumber && strings.EqualFold(eport.Protocol, rport.Protocol) {
 						if to, err := session.DB().FindEntityById(ctx, edge.ToEntity.ID); err == nil && to != nil {
-							if srv, ok := to.Asset.(*platform.Service); ok && srv.OutputLen != 0 && srv.OutputLen == serv.OutputLen {
+							if srv, ok := to.Asset.(*oamplat.Service); ok && srv.OutputLen != 0 && srv.OutputLen == serv.OutputLen {
 								srvs = append(srvs, to)
 							}
 						}
@@ -154,7 +154,7 @@ func CreateServiceAsset(session et.Session, src *dbt.Entity, rel oam.Relation, s
 	for _, srv := range srvs {
 		var num int
 
-		s, valid := srv.Asset.(*platform.Service)
+		s, valid := srv.Asset.(*oamplat.Service)
 		if !valid {
 			continue
 		}

engine/plugins/support/normalization.go

@@ -6,7 +6,8 @@ package support
 
 import (
 	"crypto/x509"
-	"hash/maphash"
+	"encoding/hex"
+	"hash/fnv"
 	"net/url"
 	"strconv"
 	"strings"
@@ -16,13 +17,13 @@ import (
 	fnparser "github.com/caffix/fullname_parser"
 	"github.com/nyaruka/phonenumbers"
 	oamcert "github.com/owasp-amass/open-asset-model/certificate"
-	"github.com/owasp-amass/open-asset-model/contact"
-	"github.com/owasp-amass/open-asset-model/people"
-	"github.com/owasp-amass/open-asset-model/platform"
+	oamcon "github.com/owasp-amass/open-asset-model/contact"
+	oampeop "github.com/owasp-amass/open-asset-model/people"
+	oamplat "github.com/owasp-amass/open-asset-model/platform"
 	oamurl "github.com/owasp-amass/open-asset-model/url"
 )
 
-func FullNameToPerson(raw string) *people.Person {
+func FullNameToPerson(raw string) *oampeop.Person {
 	if raw == "" {
 		return nil
 	}
@@ -51,7 +52,7 @@ func FullNameToPerson(raw string) *people.Person {
 		fullname += ", " + name.Suffix
 	}
 
-	return &people.Person{
+	return &oampeop.Person{
 		ID:         fullname,
 		FullName:   fullname,
 		FirstName:  name.First,
@@ -60,7 +61,7 @@ func FullNameToPerson(raw string) *people.Person {
 	}
 }
 
-func PhoneToOAMPhone(phone, ext, country string) *contact.Phone {
+func PhoneToOAMPhone(phone, ext, country string) *oamcon.Phone {
 	if phone == "" {
 		return nil
 	}
@@ -82,7 +83,7 @@ func PhoneToOAMPhone(phone, ext, country string) *contact.Phone {
 		raw += " Ext. " + ext
 	}
 
-	return &contact.Phone{
+	return &oamcon.Phone{
 		Raw:           raw,
 		E164:          e164,
 		CountryAbbrev: strings.ToUpper(country),
@@ -200,13 +201,21 @@ func TimeToJSONString(t *time.Time) string {
 	return t.UTC().Format("2006-01-02T15:04:05Z07:00")
 }
 
-func ServiceWithIdentifier(h *maphash.Hash, sessionid, address string) *platform.Service {
-	_, _ = h.WriteString(sessionid + address)
-	serv := &platform.Service{
-		ID: address + strconv.Itoa(int(h.Sum64())),
-	}
-	h.Reset()
-	return serv
+func ServiceWithIdentifier(address string, port int) *oamplat.Service {
+	pstr := strconv.Itoa(port)
+	name := address + ":" + pstr
+	hashstr := Hash64Hex(name)
+
+	return &oamplat.Service{ID: name + ":" + hashstr}
+}
+
+func Hash64Hex(s string) string {
+	h := fnv.New64a()
+	_, _ = h.Write([]byte(s))
+	var b [8]byte
+	sum := h.Sum(nil) // 8 bytes
+	copy(b[:], sum)
+	return hex.EncodeToString(b[:]) // 16 hex chars
 }
 
 func X509ToOAMTLSCertificate(cert *x509.Certificate) *oamcert.TLSCertificate {