IVRE Version

IVRE - Network recon framework
Copyright 2011 - 2022 Pierre LALET [email protected]
Version 0.9.18.dev124-dockerhub

Python 3.9.2 (default, Feb 28 2021, 17:03:44)
[GCC 10.2.1 20210110]

Linux 62dce771524b 5.4.0-136-generic #153-Ubuntu SMP Thu Nov 24 15:56:58 UTC 2022 x86_64

Dependencies:
Python module pymongo: 3.11.0
Python module sqlalchemy: missing
Python module psycopg2: missing
Python module cryptography: 3.3.2
Python module krbV: missing
Python module pycurl: missing
Python module PIL: missing
Python module MySQLdb: missing
Python module dbus: missing
Python module matplotlib: missing
Python module bottle: 0.12.19
Python module OpenSSL: 20.0.1
Python module tinydb: missing

Summary

When using regular expressions ( in search, or cert.subject ) in the web GUI special characters cannot be escaped. E.g: searching for wildcard characters in SSL certificate subjects using '' as an escaping character ( in previous example something like: cert.subject:/.*DOMAIN.NET/ ) will result in removing the backslash. Results will be as if the backslash never existed and thus a different result will be shown than intended

Expected behavior

Escaping special characters (.*) with an escape character (backslash) while using regular expressions will lead to passing these characters to the engine and a search will be performed on the search string including these characters.

Actual behavior

Regular Expression escape character (backslash) is removed and therefore not able to escape characters that need to be part of the search string

How to reproduce

Use a regular expression in a filter / search using a backslash to escape characters like . or *