2020-08-29 13:26:11 +00:00
|
|
|
package runner
|
|
|
|
|
|
|
|
import (
|
2021-07-01 09:06:40 +00:00
|
|
|
"bytes"
|
2020-08-29 13:26:11 +00:00
|
|
|
"fmt"
|
2021-07-12 14:20:01 +00:00
|
|
|
"github.com/projectdiscovery/goflags"
|
2021-07-01 09:06:40 +00:00
|
|
|
"io/ioutil"
|
2020-08-29 13:26:11 +00:00
|
|
|
"os"
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
"github.com/karrick/godirwalk"
|
|
|
|
"github.com/projectdiscovery/gologger"
|
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/templates"
|
2021-02-04 12:59:28 +00:00
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/types"
|
2021-07-01 09:06:40 +00:00
|
|
|
"gopkg.in/yaml.v2"
|
2020-08-29 13:26:11 +00:00
|
|
|
)
|
|
|
|
|
2020-12-29 10:08:14 +00:00
|
|
|
// parseTemplateFile returns the parsed template file
|
|
|
|
func (r *Runner) parseTemplateFile(file string) (*templates.Template, error) {
|
2021-07-01 09:06:40 +00:00
|
|
|
f, err := os.Open(file)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
2020-08-29 13:26:11 +00:00
|
|
|
}
|
2021-07-01 09:06:40 +00:00
|
|
|
defer f.Close()
|
|
|
|
|
|
|
|
data, err := ioutil.ReadAll(f)
|
2020-12-29 10:08:14 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
2020-08-29 13:26:11 +00:00
|
|
|
}
|
2021-07-01 09:06:40 +00:00
|
|
|
|
|
|
|
template := &templates.Template{}
|
|
|
|
err = yaml.NewDecoder(bytes.NewReader(data)).Decode(template)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
2021-03-05 06:47:10 +00:00
|
|
|
}
|
2020-12-29 10:08:14 +00:00
|
|
|
return template, nil
|
2020-08-29 13:26:11 +00:00
|
|
|
}
|
|
|
|
|
2021-07-12 14:20:01 +00:00
|
|
|
func (r *Runner) templateLogMsg(id string, name string, author string, severity goflags.Severity) string {
|
2020-08-29 13:26:11 +00:00
|
|
|
// Display the message for the template
|
2021-07-12 14:20:01 +00:00
|
|
|
return fmt.Sprintf("[%s] %s (%s) [%s]",
|
2020-12-29 10:08:14 +00:00
|
|
|
r.colorizer.BrightBlue(id).String(),
|
|
|
|
r.colorizer.Bold(name).String(),
|
2021-07-12 14:20:01 +00:00
|
|
|
r.colorizer.BrightYellow(appendAtSignToAuthors(author)).String(),
|
|
|
|
r.addColor(severity))
|
2020-08-29 21:02:45 +00:00
|
|
|
}
|
|
|
|
|
2021-07-08 09:45:26 +00:00
|
|
|
// appendAtSignToAuthors appends @ before each author and returns final string
|
|
|
|
func appendAtSignToAuthors(author string) string {
|
|
|
|
authors := strings.Split(author, ",")
|
|
|
|
if len(authors) == 0 {
|
|
|
|
return "@none"
|
|
|
|
}
|
|
|
|
if len(authors) == 1 {
|
|
|
|
if !strings.HasPrefix(authors[0], "@") {
|
|
|
|
return fmt.Sprintf("@%s", authors[0])
|
|
|
|
}
|
|
|
|
return authors[0]
|
|
|
|
}
|
|
|
|
values := make([]string, 0, len(authors))
|
|
|
|
for _, k := range authors {
|
|
|
|
if !strings.HasPrefix(authors[0], "@") {
|
|
|
|
values = append(values, fmt.Sprintf("@%s", k))
|
|
|
|
} else {
|
|
|
|
values = append(values, k)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return strings.Join(values, ",")
|
|
|
|
}
|
|
|
|
|
2020-08-29 21:02:45 +00:00
|
|
|
func (r *Runner) logAvailableTemplate(tplPath string) {
|
|
|
|
t, err := r.parseTemplateFile(tplPath)
|
2020-12-29 10:08:14 +00:00
|
|
|
if err != nil {
|
|
|
|
gologger.Error().Msgf("Could not parse file '%s': %s\n", tplPath, err)
|
2021-01-14 07:51:21 +00:00
|
|
|
} else {
|
2021-07-12 14:20:01 +00:00
|
|
|
gologger.Print().Msgf("%s\n", r.templateLogMsg(t.ID,
|
|
|
|
types.ToString(t.Info.Name),
|
|
|
|
types.ToString(t.Info.Author),
|
|
|
|
t.Info.Severity.Severity))
|
2020-08-29 21:02:45 +00:00
|
|
|
}
|
2020-08-29 13:26:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// ListAvailableTemplates prints available templates to stdout
|
2020-08-29 21:02:45 +00:00
|
|
|
func (r *Runner) listAvailableTemplates() {
|
|
|
|
if r.templatesConfig == nil {
|
|
|
|
return
|
2020-08-29 13:26:11 +00:00
|
|
|
}
|
|
|
|
|
2020-08-30 11:25:34 +00:00
|
|
|
if _, err := os.Stat(r.templatesConfig.TemplatesDirectory); os.IsNotExist(err) {
|
2020-12-29 10:08:14 +00:00
|
|
|
gologger.Error().Msgf("%s does not exists", r.templatesConfig.TemplatesDirectory)
|
2020-08-30 11:25:34 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-12-29 10:08:14 +00:00
|
|
|
gologger.Print().Msgf(
|
2020-08-30 11:25:34 +00:00
|
|
|
"\nListing available v.%s nuclei templates for %s",
|
|
|
|
r.templatesConfig.CurrentVersion,
|
|
|
|
r.templatesConfig.TemplatesDirectory,
|
|
|
|
)
|
2020-08-29 21:02:45 +00:00
|
|
|
err := directoryWalker(
|
|
|
|
r.templatesConfig.TemplatesDirectory,
|
|
|
|
func(path string, d *godirwalk.Dirent) error {
|
|
|
|
if d.IsDir() && path != r.templatesConfig.TemplatesDirectory {
|
2020-12-29 10:08:14 +00:00
|
|
|
gologger.Print().Msgf("\n%s:\n\n", r.colorizer.Bold(r.colorizer.BgBrightBlue(d.Name())).String())
|
2020-08-29 21:02:45 +00:00
|
|
|
} else if strings.HasSuffix(path, ".yaml") {
|
|
|
|
r.logAvailableTemplate(path)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
},
|
|
|
|
)
|
|
|
|
// directory couldn't be walked
|
|
|
|
if err != nil {
|
2020-12-29 10:08:14 +00:00
|
|
|
gologger.Error().Msgf("Could not find templates in directory '%s': %s\n", r.templatesConfig.TemplatesDirectory, err)
|
2020-08-29 13:26:11 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func directoryWalker(fsPath string, callback func(fsPath string, d *godirwalk.Dirent) error) error {
|
2021-07-01 09:06:40 +00:00
|
|
|
return godirwalk.Walk(fsPath, &godirwalk.Options{
|
2020-08-29 13:26:11 +00:00
|
|
|
Callback: callback,
|
|
|
|
ErrorCallback: func(fsPath string, err error) godirwalk.ErrorAction {
|
|
|
|
return godirwalk.SkipNode
|
|
|
|
},
|
|
|
|
Unsorted: true,
|
|
|
|
})
|
|
|
|
}
|