changes related to scope expansion

Author: caffix

engine/plugins/horizontals/contact.go

@@ -5,9 +5,7 @@
 package horizontals
 
 import (
-	"context"
 	"errors"
-	"time"
 
 	"github.com/owasp-amass/amass/v5/engine/plugins/support"
 	et "github.com/owasp-amass/amass/v5/engine/types"
@@ -41,14 +39,17 @@ func (h *horContact) check(e *et.Event) error {
 	if conf == -1 {
 		conf = matches.Confidence(string(oam.ContactRecord))
 	}
+	if conf == -1 {
+		return nil
+	}
 
 	since, err := support.TTLStartTime(e.Session.Config(),
 		string(oam.ContactRecord), string(oam.ContactRecord), h.plugin.name)
 	if err != nil {
 		return nil
 	}
 
-	if assocs := h.lookup(e, e.Entity, since, conf); len(assocs) > 0 {
+	if assocs := h.lookup(e, e.Entity, conf); len(assocs) > 0 {
 		var impacted []*dbt.Entity
 
 		for _, assoc := range assocs {
@@ -65,28 +66,14 @@ func (h *horContact) check(e *et.Event) error {
 	return nil
 }
 
-func (h *horContact) lookup(e *et.Event, entity *dbt.Entity, since time.Time, conf int) []*et.Association {
-	labels := []string{"organization", "location", "id"}
-
-	ctx, cancel := context.WithTimeout(e.Session.Ctx(), 5*time.Second)
-	defer cancel()
-
-	var results []*et.Association
-	if edges, err := e.Session.DB().OutgoingEdges(ctx, entity, since, labels...); err == nil && len(edges) > 0 {
-		for _, edge := range edges {
-			to, err := e.Session.DB().FindEntityById(ctx, edge.ToEntity.ID)
-			if err != nil {
-				continue
-			}
-			// check if these asset discoveries could change the scope
-			if assocs, err := e.Session.Scope().IsAssociated(&et.Association{
-				Submission:  to,
-				Confidence:  conf,
-				ScopeChange: true,
-			}); err == nil && len(assocs) > 0 {
-				results = append(results, assocs...)
-			}
-		}
+func (h *horContact) lookup(e *et.Event, asset *dbt.Entity, conf int) []*et.Association {
+	assocs, err := e.Session.Scope().IsAssociated(&et.Association{
+		Submission:  asset,
+		Confidence:  conf,
+		ScopeChange: true,
+	})
+	if err != nil {
+		return nil
 	}
-	return results
+	return assocs
 }

engine/plugins/horizontals/plugin.go

@@ -94,9 +94,13 @@ func (h *horizPlugin) Start(r et.Registry) error {
 		Name:         h.horContact.name,
 		Position:     10,
 		MaxInstances: support.MaxHandlerInstances,
-		Transforms:   []string{string(oam.ContactRecord)},
-		EventType:    oam.ContactRecord,
-		Callback:     h.horContact.check,
+		Transforms: []string{
+			string(oam.Organization),
+			string(oam.Location),
+			string(oam.Identifier),
+		},
+		EventType: oam.ContactRecord,
+		Callback:  h.horContact.check,
 	}); err != nil {
 		return err
 	}
@@ -166,16 +170,16 @@ func (h *horizPlugin) process(e *et.Event, since time.Time, assets []*dbt.Entity
 			}
 		}
 
+		_, _ = e.Session.DB().CreateEntityProperty(ctx, asset, &oamgen.SourceProperty{
+			Source:     h.source.Name,
+			Confidence: h.source.Confidence,
+		})
+
 		_ = e.Dispatcher.DispatchEvent(&et.Event{
 			Name:    asset.Asset.Key(),
 			Entity:  asset,
 			Session: e.Session,
 		})
-
-		_, _ = e.Session.DB().CreateEntityProperty(ctx, asset, &oamgen.SourceProperty{
-			Source:     h.source.Name,
-			Confidence: h.source.Confidence,
-		})
 	}
 }
 

engine/sessions/scope/assoc.go

@@ -19,6 +19,7 @@ import (
 	oam "github.com/owasp-amass/open-asset-model"
 	oamcert "github.com/owasp-amass/open-asset-model/certificate"
 	oamcon "github.com/owasp-amass/open-asset-model/contact"
+	oamdns "github.com/owasp-amass/open-asset-model/dns"
 	oamorg "github.com/owasp-amass/open-asset-model/org"
 	oamreg "github.com/owasp-amass/open-asset-model/registration"
 	"golang.org/x/net/publicsuffix"
@@ -48,13 +49,6 @@ func (s *Scope) IsAssociated(req *et.Association) ([]*et.Association, error) {
 					impacted = append(impacted, im)
 				}
 			}
-			// review all previously seen assets that provide association for scope changes
-			for size := len(impacted); size > 0; {
-				added := s.reviewAndUpdate(req)
-
-				size = len(added)
-				impacted = append(impacted, added...)
-			}
 
 			result.ImpactedAssets = impacted
 			if len(result.ImpactedAssets) > 0 {
@@ -80,43 +74,6 @@ func (s *Scope) addScopeChangesToRationale(result *et.Association) {
 	result.Rationale += ". The following assets were added to the session scope: " + strings.Join(changes, ", ")
 }
 
-func (s *Scope) reviewAndUpdate(req *et.Association) []*dbt.Entity {
-	var assocs []*dbt.Entity
-
-	ctx, cancel := context.WithTimeout(s.Session.Ctx(), 10*time.Second)
-	defer cancel()
-
-	since := s.ttlStartTime(oam.DomainRecord, oam.DomainRecord)
-	if drs, err := s.Session.DB().FindEntitiesByType(ctx, oam.DomainRecord, since, 0); err == nil && len(drs) > 0 {
-		assocs = append(assocs, drs...)
-	}
-
-	since = s.ttlStartTime(oam.IPNetRecord, oam.IPNetRecord)
-	if iprecs, err := s.Session.DB().FindEntitiesByType(ctx, oam.IPNetRecord, since, 0); err == nil && len(iprecs) > 0 {
-		assocs = append(assocs, iprecs...)
-	}
-
-	since = s.ttlStartTime(oam.AutnumRecord, oam.AutnumRecord)
-	if autnums, err := s.Session.DB().FindEntitiesByType(ctx, oam.AutnumRecord, since, 0); err == nil && len(autnums) > 0 {
-		assocs = append(assocs, autnums...)
-	}
-
-	since = s.ttlStartTime(oam.TLSCertificate, oam.TLSCertificate)
-	if certs, err := s.Session.DB().FindEntitiesByType(ctx, oam.TLSCertificate, since, 0); err == nil && len(certs) > 0 {
-		assocs = append(assocs, certs...)
-	}
-
-	var impacted []*dbt.Entity
-	for _, assoc := range s.checkRelatedAssetsforAssoc(req, assocs) {
-		for _, a := range append(assoc.ImpactedAssets, assoc.Match) {
-			if s.Add(a.Asset) {
-				impacted = append(impacted, a)
-			}
-		}
-	}
-	return impacted
-}
-
 func (s *Scope) checkRelatedAssetsforAssoc(req *et.Association, assocs []*dbt.Entity) []*et.Association {
 	var results []*et.Association
 
@@ -129,14 +86,17 @@ func (s *Scope) checkRelatedAssetsforAssoc(req *et.Association, assocs []*dbt.En
 			if req.ScopeChange {
 				impacted = append(impacted, asset)
 			}
-			if match, conf := s.IsAssetInScope(asset.Asset, req.Confidence); conf > 0 {
+
+			atype := asset.Asset.AssetType()
+			rconf := s.confidence(atype, atype)
+			if match, conf := s.IsAssetInScope(asset.Asset, rconf); conf > 0 {
 				if conf > best {
 					best = conf
 
 					aa := assoc.Asset
 					sa := req.Submission.Asset
 					msg = fmt.Sprintf("[%s: %s] is related to an asset with associative value [%s: %s], ", sa.AssetType(), sa.Key(), aa.AssetType(), aa.Key())
-					msg += fmt.Sprintf("which has a related asset [%s: %s] that was determined associated with [%s: %s] at a confidence of %d out of 100",
+					msg += fmt.Sprintf("which has a related asset [%s: %s] that is in scope: matches [%s: %s] at a confidence of %d out of 100",
 						asset.Asset.AssetType(), asset.Asset.Key(), match.AssetType(), match.Key(), conf)
 				}
 			}
@@ -168,15 +128,9 @@ func (s *Scope) assetsRelatedToAssetWithAssoc(assoc *dbt.Entity) []*dbt.Entity {
 			var found bool
 
 			switch v := a.Asset.(type) {
-			/*case *oamdns.FQDN:
-			ctx, cancel := context.WithTimeout(s.Session.Ctx(), 3*time.Second)
-			defer cancel()
-
-			since := s.ttlStartTime(oam.FQDN, oam.FQDN)
-			if ents, err := s.Session.DB().IncomingEdges(ctx, a, since, "node"); err != nil || len(ents) == 0 {
+			case *oamdns.FQDN:
 				found = true
 				results = append(results, a)
-			}*/
 			case *oamorg.Organization:
 				found = true
 				if cert, ok := assoc.Asset.(*oamcert.TLSCertificate); !ok || s.orgNameSimilarToCommon(v, cert) {
@@ -258,10 +212,6 @@ func (s *Scope) awayFromAssetsWithAssociation(assoc *dbt.Entity) ([]*dbt.Entity,
 	var outRels, inRels []string
 	var outSince, inSince time.Time
 	switch assoc.Asset.AssetType() {
-	/*case oam.FQDN:
-	in = true
-	inRels = append(inRels, "node")
-	inSince = s.ttlStartTime(oam.FQDN, oam.FQDN)*/
 	case oam.DomainRecord:
 		out = true
 		outRels = append(outRels, "registrant_contact")
@@ -412,6 +362,15 @@ func (s *Scope) ttlStartTime(from, to oam.AssetType) time.Time {
 	return time.Time{}
 }
 
+func (s *Scope) confidence(from, to oam.AssetType) int {
+	if matches, err := s.Session.Config().CheckTransformations(string(from), string(to)); err == nil && matches != nil {
+		if conf := matches.Confidence(string(to)); conf >= 0 {
+			return conf
+		}
+	}
+	return -1
+}
+
 func (s *Scope) orgNameSimilarToCommon(o *oamorg.Organization, cert *oamcert.TLSCertificate) bool {
 	swg := metrics.NewSmithWatermanGotoh()
 	swg.CaseSensitive = false

internal/enum/cli.go

@@ -293,7 +293,6 @@ func CLIWorkflow(cmdName string, clArgs []string) {
 	case <-done:
 	case <-interrupt:
 		close(done)
-		return
 	}
 
 	if !args.Options.Silent {