Skip to content

Commit 6effa6b

Browse files
liquidsecliquidsec
committed
fix asn helper access
1 parent 1b12214 commit 6effa6b

File tree

1 file changed

+27
-28
lines changed

1 file changed

+27
-28
lines changed

bbot/modules/waf_bypass.py

Lines changed: 27 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -147,34 +147,32 @@ async def handle_event(self, event):
147147

148148
# Get CIDRs from the base domain of the protected domain
149149
base_dns = await self.helpers.dns.resolve(base_domain)
150-
if base_dns:
151-
# Skip if base domain has same IPs as protected domain
152-
if set(str(ip) for ip in base_dns) == self.domain_ips.get(domain, set()):
153-
self.debug(f"Base domain {base_domain} has same IPs as protected domain, skipping CIDR collection")
154-
else:
155-
if base_domain not in self.bypass_candidates:
156-
self.bypass_candidates[base_domain] = set()
157-
self.debug(f"Created new CIDR set for {provider_name} base domain: {base_domain}")
158-
159-
for ip in base_dns:
160-
self.debug(f"Getting ASN info for IP {ip} from {provider_name} base domain {base_domain}")
161-
asns = await self.helpers.asn.ip_to_subnets(str(ip))
162-
if asns:
163-
for asn_info in asns:
164-
subnets = asn_info.get("subnets")
165-
if isinstance(subnets, str):
166-
subnets = [subnets]
167-
if subnets:
168-
for cidr in subnets:
169-
self.bypass_candidates[base_domain].add(cidr)
170-
self.debug(
171-
f"Added CIDR {cidr} from {provider_name} base domain {base_domain} "
172-
f"(ASN{asn_info.get('asn', 'Unknown')} - {asn_info.get('name', 'Unknown')})"
173-
)
174-
else:
175-
self.warning(f"No ASN info found for IP {ip}")
176-
else:
150+
if not base_dns:
177151
self.debug(f"WARNING: No DNS resolution for {provider_name} base domain {base_domain}")
152+
if base_dns and (set(str(ip) for ip in base_dns) == self.domain_ips.get(domain, set())):
153+
self.debug(f"Base domain {base_domain} has same IPs as protected domain, skipping CIDR collection")
154+
else:
155+
if base_domain not in self.bypass_candidates:
156+
self.bypass_candidates[base_domain] = set()
157+
self.debug(f"Created new CIDR set for {provider_name} base domain: {base_domain}")
158+
159+
for ip in base_dns:
160+
self.debug(f"Getting ASN info for IP {ip} from {provider_name} base domain {base_domain}")
161+
asns = await self.helpers.asn.ip_to_subnets(str(ip))
162+
if asns:
163+
for asn_info in asns:
164+
subnets = asn_info.get("subnets")
165+
if isinstance(subnets, str):
166+
subnets = [subnets]
167+
if subnets:
168+
for cidr in subnets:
169+
self.bypass_candidates[base_domain].add(cidr)
170+
self.debug(
171+
f"Added CIDR {cidr} from {provider_name} base domain {base_domain} "
172+
f"(ASN{asn_info.get('asn', 'Unknown')} - {asn_info.get('name', 'Unknown')})"
173+
)
174+
else:
175+
self.warning(f"No ASN info found for IP {ip}")
178176

179177
else:
180178
if "cdn-ip" in event.tags:
@@ -254,6 +252,7 @@ async def finish(self):
254252

255253
# Then collect non-CloudFlare IPs
256254
for domain, ips in self.domain_ips.items():
255+
self.debug(f"Checking IP {ips} from domain {domain}")
257256
if domain not in self.protected_domains: # If it's not a protected domain
258257
for ip in ips:
259258
# Validate that this is actually an IP address before processing
@@ -275,7 +274,7 @@ async def finish(self):
275274
n_ip_str = str(neighbor_ip)
276275
if n_ip_str == ip or n_ip_str in cloudflare_ips or n_ip_str in all_ips:
277276
continue
278-
asns_neighbor = await self.helpers.asn.get(n_ip_str)
277+
asns_neighbor = await self.helpers.asn.ip_to_subnets(n_ip_str)
279278
if not asns_neighbor:
280279
continue
281280
# Check if any ASN matches

0 commit comments

Comments
 (0)