Support overriding User-Agent in Tsunami scans

Tsunami Team · copybara-github · commit e4e30f84acfa · 2024-04-30T00:09:13.000-07:00
PiperOrigin-RevId: 629314902
Change-Id: I890db7a29024824b4d298b4397b4a89397c87038
diff --git a/google/fingerprinters/web/build.gradle b/google/fingerprinters/web/build.gradle
@@ -122,3 +122,12 @@ task runFingerprintFileConverter(type: JavaExec) {
     classpath = sourceSets.main.runtimeClasspath
     mainClass = 'com.google.tsunami.plugins.fingerprinters.web.tools.FingerprintFileConverter'
 }
+
+// Force the JRE flavor of Guava for tasks that don't advertise themselves as targeting the JRE.
+// https://github.com/google/guava/releases/tag/v32.1.0
+// https://github.com/square/okio/issues/647
+configurations.all { configuration ->
+    if (name == "compileClasspath" || name == "runtimeClasspath" || name == "compileProtoPath" || name == "testCompileProtoPath" || name == "testCompileClasspath" || name == "testRuntimeClasspath") {
+        attributes.attribute(Attribute.of("org.gradle.jvm.environment", String), "standard-jvm")
+    }
+}
diff --git a/google/portscan/nmap/src/main/java/com/google/tsunami/plugins/portscan/nmap/NmapPortScanner.java b/google/portscan/nmap/src/main/java/com/google/tsunami/plugins/portscan/nmap/NmapPortScanner.java
@@ -27,6 +27,7 @@
 import com.google.tsunami.common.command.CommandExecutionThreadPool;
 import com.google.tsunami.common.data.NetworkEndpointUtils;
 import com.google.tsunami.common.data.NetworkServiceUtils;
+import com.google.tsunami.common.net.http.HttpClientCliOptions;
 import com.google.tsunami.plugin.PluginType;
 import com.google.tsunami.plugin.PortScanner;
 import com.google.tsunami.plugin.annotations.PluginInfo;
@@ -79,6 +80,7 @@ public final class NmapPortScanner implements PortScanner {
   private final Executor commandExecutor;
   private final NmapPortScannerConfigs configs;
   private final NmapPortScannerCliOptions cliOptions;
+  private final HttpClientCliOptions httpClientCliOptions;
 
   private ScanTarget scanTarget;
 
@@ -87,11 +89,13 @@ public final class NmapPortScanner implements PortScanner {
       NmapClient nmapClient,
       @CommandExecutionThreadPool Executor commandExecutor,
       NmapPortScannerConfigs configs,
-      NmapPortScannerCliOptions cliOptions) {
+      NmapPortScannerCliOptions cliOptions,
+      HttpClientCliOptions httpClientCliOptions) {
     this.nmapClient = checkNotNull(nmapClient);
     this.commandExecutor = checkNotNull(commandExecutor);
     this.configs = checkNotNull(configs);
     this.cliOptions = checkNotNull(cliOptions);
+    this.httpClientCliOptions = checkNotNull(httpClientCliOptions);
   }
 
   @Override
@@ -110,7 +114,7 @@ public PortScanningReport scan(ScanTarget scanTarget) {
               .withVersionDetectionIntensity(5)
               .withScript("banner")
               .withScript("ssl-enum-ciphers")
-              .withScript("http-methods", "http.useragent=TsunamiSecurityScanner")
+              .withScript("http-methods", "http.useragent=" + httpClientCliOptions.userAgent)
               .withTimingTemplate(TimingTemplate.AGGRESSIVE)
               .withTargetNetworkEndpoint(scanTarget.getNetworkEndpoint())
               .run(commandExecutor);
