nuclei/v2/pkg/operators/extractors/extract.go

package extractors

import (
	"net/http"

	"github.com/miekg/dns"
)

// Extract extracts response from the parts of request using a regex
func (e *Extractor) Extract(resp *http.Response, body, headers string) map[string]struct{} {
	switch e.extractorType {
	case RegexExtractor:
		if e.part == BodyPart {
			return e.extractRegex(body)
		} else if e.part == HeaderPart {
			return e.extractRegex(headers)
		} else {
			matches := e.extractRegex(headers)
			if len(matches) > 0 {
				return matches
			}
			return e.extractRegex(body)
		}
	case KValExtractor:
		if e.part == HeaderPart {
			return e.extractKVal(resp)
		}

		matches := e.extractKVal(resp)

		if len(matches) > 0 {
			return matches
		}

		return e.extractCookieKVal(resp)
	}

	return nil
}

// ExtractDNS extracts response from dns message using a regex
// nolint:interfacer // dns.Msg is out of current scope
func (e *Extractor) ExtractDNS(msg *dns.Msg) map[string]struct{} {
	switch e.extractorType {
	case RegexExtractor:
		return e.extractRegex(msg.String())
	case KValExtractor:
	}

	return nil
}

// extractRegex extracts text from a corpus and returns it
func (e *Extractor) extractRegex(corpus string) map[string]struct{} {
	results := make(map[string]struct{})

	groupPlusOne := e.RegexGroup + 1
	for _, regex := range e.regexCompiled {
		matches := regex.FindAllStringSubmatch(corpus, -1)
		for _, match := range matches {
			if len(match) >= groupPlusOne {
				results[match[e.RegexGroup]] = struct{}{}
			}
		}
	}
	return results
}

// extractKVal extracts text from http response
func (e *Extractor) extractKVal(r *http.Response) map[string]struct{} {
	results := make(map[string]struct{})

	for _, k := range e.KVal {
		for _, v := range r.Header.Values(k) {
			results[v] = struct{}{}
		}
	}

	return results
}

// extractCookieKVal extracts text from cookies
func (e *Extractor) extractCookieKVal(r *http.Response) map[string]struct{} {
	results := make(map[string]struct{})

	for _, k := range e.KVal {
		for _, cookie := range r.Cookies() {
			if cookie.Name == k {
				results[cookie.Value] = struct{}{}
			}
		}
	}

	return results
}
Added extractors for text extraction 2020-04-05 18:35:01 +00:00			`package extractors`

finalized + corrected typo 2020-07-16 08:32:00 +00:00			`import (`
			`"net/http"`

			`"github.com/miekg/dns"`
			`)`

Added extractors for text extraction 2020-04-05 18:35:01 +00:00			`// Extract extracts response from the parts of request using a regex`
finalized + corrected typo 2020-07-16 08:32:00 +00:00			`func (e Extractor) Extract(resp http.Response, body, headers string) map[string]struct{} {`
prototyping 2020-07-14 22:47:01 +00:00			`switch e.extractorType {`
			`case RegexExtractor:`
			`if e.part == BodyPart {`
			`return e.extractRegex(body)`
			`} else if e.part == HeaderPart {`
			`return e.extractRegex(headers)`
			`} else {`
			`matches := e.extractRegex(headers)`
			`if len(matches) > 0 {`
			`return matches`
			`}`
			`return e.extractRegex(body)`
Added extractors for text extraction 2020-04-05 18:35:01 +00:00			`}`
prototyping 2020-07-14 22:47:01 +00:00			`case KValExtractor:`
finalized + corrected typo 2020-07-16 08:32:00 +00:00			`if e.part == HeaderPart {`
			`return e.extractKVal(resp)`
			`}`
Initial adoption of golangci-lint for CI 2020-08-25 21:24:31 +00:00
			`matches := e.extractKVal(resp)`

			`if len(matches) > 0 {`
			`return matches`
			`}`

			`return e.extractCookieKVal(resp)`
Added extractors for text extraction 2020-04-05 18:35:01 +00:00			`}`
prototyping 2020-07-14 22:47:01 +00:00
			`return nil`
Added extractors for text extraction 2020-04-05 18:35:01 +00:00			`}`

poc implementation of dns templating 2020-04-22 20:45:02 +00:00			`// ExtractDNS extracts response from dns message using a regex`
Initial adoption of golangci-lint for CI 2020-08-25 21:24:31 +00:00			`// nolint:interfacer // dns.Msg is out of current scope`
finalized + corrected typo 2020-07-16 08:32:00 +00:00			`func (e Extractor) ExtractDNS(msg dns.Msg) map[string]struct{} {`
prototyping 2020-07-14 22:47:01 +00:00			`switch e.extractorType {`
			`case RegexExtractor:`
finalized + corrected typo 2020-07-16 08:32:00 +00:00			`return e.extractRegex(msg.String())`
prototyping 2020-07-14 22:47:01 +00:00			`case KValExtractor:`
			`}`

			`return nil`
poc implementation of dns templating 2020-04-22 20:45:02 +00:00			`}`

Added extractors for text extraction 2020-04-05 18:35:01 +00:00			`// extractRegex extracts text from a corpus and returns it`
Added unique regex values support 2020-04-27 18:04:08 +00:00			`func (e *Extractor) extractRegex(corpus string) map[string]struct{} {`
			`results := make(map[string]struct{})`
Initial adoption of golangci-lint for CI 2020-08-25 21:24:31 +00:00
Added group capturing in backward compatible way 2020-09-17 06:31:51 +00:00			`groupPlusOne := e.RegexGroup + 1`
Added extractors to the workflow + misc 2020-04-05 19:14:45 +00:00			`for _, regex := range e.regexCompiled {`
Added group capturing in backward compatible way 2020-09-17 06:31:51 +00:00			`matches := regex.FindAllStringSubmatch(corpus, -1)`
Added unique regex values support 2020-04-27 18:04:08 +00:00			`for _, match := range matches {`
Added group capturing in backward compatible way 2020-09-17 06:31:51 +00:00			`if len(match) >= groupPlusOne {`
			`results[match[e.RegexGroup]] = struct{}{}`
			`}`
Added unique regex values support 2020-04-27 18:04:08 +00:00			`}`
Added extractors to the workflow + misc 2020-04-05 19:14:45 +00:00			`}`
			`return results`
Added extractors for text extraction 2020-04-05 18:35:01 +00:00			`}`
finalized + corrected typo 2020-07-16 08:32:00 +00:00
			`// extractKVal extracts text from http response`
			`func (e Extractor) extractKVal(r http.Response) map[string]struct{} {`
			`results := make(map[string]struct{})`
Initial adoption of golangci-lint for CI 2020-08-25 21:24:31 +00:00
finalized + corrected typo 2020-07-16 08:32:00 +00:00			`for _, k := range e.KVal {`
			`for _, v := range r.Header.Values(k) {`
			`results[v] = struct{}{}`
			`}`
			`}`
Initial adoption of golangci-lint for CI 2020-08-25 21:24:31 +00:00
finalized + corrected typo 2020-07-16 08:32:00 +00:00			`return results`
			`}`

using native go for cookies 2020-07-16 10:58:56 +00:00			`// extractCookieKVal extracts text from cookies`
Initial adoption of golangci-lint for CI 2020-08-25 21:24:31 +00:00			`func (e Extractor) extractCookieKVal(r http.Response) map[string]struct{} {`
finalized + corrected typo 2020-07-16 08:32:00 +00:00			`results := make(map[string]struct{})`
Initial adoption of golangci-lint for CI 2020-08-25 21:24:31 +00:00
using native go for cookies 2020-07-16 10:58:56 +00:00			`for _, k := range e.KVal {`
			`for _, cookie := range r.Cookies() {`
			`if cookie.Name == k {`
			`results[cookie.Value] = struct{}{}`
finalized + corrected typo 2020-07-16 08:32:00 +00:00			`}`
			`}`
			`}`
Initial adoption of golangci-lint for CI 2020-08-25 21:24:31 +00:00
finalized + corrected typo 2020-07-16 08:32:00 +00:00			`return results`
			`}`