gilles/cameradar
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: add max attempts to incremental routes to prevent infinite loop

Browse Source
This commit is contained in:
Brendan Le Glaunec
2026-01-28 19:50:36 +01:00
parent 510a9af2fd
commit 10bf1b59e8
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/attack/attacker.go
+9
View File
@@ -15,6 +15,8 @@ import (
// Route that should never be a constructor default. // Route that should never be a constructor default.
const dummyRoute = "/0x8b6c42" const dummyRoute = "/0x8b6c42"
const maxIncrementalRouteAttempts = 32
// Dictionary provides dictionaries for routes, usernames and passwords. // Dictionary provides dictionaries for routes, usernames and passwords.
type Dictionary interface { type Dictionary interface {
Routes() []string Routes() []string
@@ -401,7 +403,13 @@ func (a Attacker) tryIncrementalRoutes(ctx context.Context,
} }
nextNumber := match.number + 1 nextNumber := match.number + 1
attempts := 0
for { for {
if attempts >= maxIncrementalRouteAttempts {
a.reporter.Debug(cameradar.StepAttackRoutes, fmt.Sprintf("incremental route attempts capped at %d for %s:%d", maxIncrementalRouteAttempts, target.Address.String(), target.Port))
return target, nil
}
select { select {
case <-ctx.Done(): case <-ctx.Done():
return target, ctx.Err() return target, ctx.Err()
@@ -431,6 +439,7 @@ func (a Attacker) tryIncrementalRoutes(ctx context.Context,
)) ))
return target, nil return target, nil
} }
attempts++
if !ok { if !ok {
return target, nil return target, nil
} }