Fix protocol mismatch when manually specifying v4+v6 --local-addr#679
Open
FineTralfazz wants to merge 4 commits intozmap:masterfrom
Open
Fix protocol mismatch when manually specifying v4+v6 --local-addr#679FineTralfazz wants to merge 4 commits intozmap:masterfrom
FineTralfazz wants to merge 4 commits intozmap:masterfrom
Conversation
FineTralfazz
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
When
--local-addris configured with a mix of IPv4 and IPv6 addresses (e.g.--local-addr 192.168.1.1,2001:db8::1), SetRandomLocalAddr picks one at random without considering the target's address family. This causes scans to fail intermittently. Whenever the randomly chosen local address doesn't match the target's protocol (e.g. binding an IPv6 source for an IPv4 destination), the OS rejects the connection and your grab attempt fails with{"ip":"2607:f8b0:400a:809::200e","data":{"http":{"status":"connection-timeout","protocol":"http","port":80,"result":{},"timestamp":"2026-02-27T13:38:26-08:00","error":"unable to dial target (2607:f8b0:400a:809::200e) with L4 Dialer: dial context failed: dial tcp: address 10.10.9.92:0: no suitable address found"}}}How to Test
Run this command a few times with the existing implementation:
It will fail 50% of the time. Then test mine and confirm that it works consistently.
Notes & Caveats
I've tested this patch locally and it works. However I'm not a particularly experienced Go dev and this is my first time looking at the zgrab2 source code, so feedback is welcome and appreciated. In particular, I'm not sure if
filterLocalAddrsByFamily's current return behavior is reasonable or if I should be returning an error.Issue Tracking
N/A