2020-04-03 21:20:32 +00:00
|
|
|
package templates
|
|
|
|
|
|
|
|
import (
|
2020-06-26 12:37:55 +00:00
|
|
|
"errors"
|
2020-05-05 19:42:28 +00:00
|
|
|
"fmt"
|
2020-04-03 21:20:32 +00:00
|
|
|
"os"
|
|
|
|
|
2020-05-04 21:24:59 +00:00
|
|
|
"github.com/projectdiscovery/nuclei/pkg/generators"
|
2020-04-26 01:03:59 +00:00
|
|
|
"github.com/projectdiscovery/nuclei/pkg/matchers"
|
2020-04-03 21:20:32 +00:00
|
|
|
"gopkg.in/yaml.v2"
|
|
|
|
)
|
|
|
|
|
|
|
|
// ParseTemplate parses a yaml request template file
|
|
|
|
func ParseTemplate(file string) (*Template, error) {
|
|
|
|
template := &Template{}
|
|
|
|
|
|
|
|
f, err := os.Open(file)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
err = yaml.NewDecoder(f).Decode(template)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2020-06-26 12:37:55 +00:00
|
|
|
defer f.Close()
|
|
|
|
|
|
|
|
if len(template.RequestsHTTP)+len(template.RequestsDNS) <= 0 {
|
|
|
|
return nil, errors.New("No requests defined")
|
|
|
|
}
|
2020-04-03 21:20:32 +00:00
|
|
|
|
2020-04-22 20:45:02 +00:00
|
|
|
// Compile the matchers and the extractors for http requests
|
|
|
|
for _, request := range template.RequestsHTTP {
|
2020-04-26 01:03:59 +00:00
|
|
|
// Get the condition between the matchers
|
|
|
|
condition, ok := matchers.ConditionTypes[request.MatchersCondition]
|
|
|
|
if !ok {
|
|
|
|
request.SetMatchersCondition(matchers.ANDCondition)
|
|
|
|
} else {
|
|
|
|
request.SetMatchersCondition(condition)
|
|
|
|
}
|
|
|
|
|
2020-05-05 19:42:28 +00:00
|
|
|
// Set the attack type - used only in raw requests
|
2020-05-04 21:24:59 +00:00
|
|
|
attack, ok := generators.AttackTypes[request.AttackType]
|
|
|
|
if !ok {
|
|
|
|
request.SetAttackType(generators.Sniper)
|
|
|
|
} else {
|
|
|
|
request.SetAttackType(attack)
|
|
|
|
}
|
|
|
|
|
2020-05-05 19:42:28 +00:00
|
|
|
// Validate the payloads if any
|
|
|
|
for name, wordlist := range request.Payloads {
|
|
|
|
if !generators.FileExists(wordlist) {
|
|
|
|
return nil, fmt.Errorf("The %s file for payload %s does not exist", wordlist, name)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-04-03 21:20:32 +00:00
|
|
|
for _, matcher := range request.Matchers {
|
|
|
|
if err = matcher.CompileMatchers(); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
}
|
2020-04-05 19:14:45 +00:00
|
|
|
|
|
|
|
for _, extractor := range request.Extractors {
|
|
|
|
if err := extractor.CompileExtractors(); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
}
|
2020-04-03 21:20:32 +00:00
|
|
|
}
|
2020-04-22 20:45:02 +00:00
|
|
|
|
|
|
|
// Compile the matchers and the extractors for dns requests
|
|
|
|
for _, request := range template.RequestsDNS {
|
2020-04-26 01:03:59 +00:00
|
|
|
// Get the condition between the matchers
|
|
|
|
condition, ok := matchers.ConditionTypes[request.MatchersCondition]
|
|
|
|
if !ok {
|
|
|
|
request.SetMatchersCondition(matchers.ANDCondition)
|
|
|
|
} else {
|
|
|
|
request.SetMatchersCondition(condition)
|
|
|
|
}
|
|
|
|
|
2020-04-22 20:45:02 +00:00
|
|
|
for _, matcher := range request.Matchers {
|
|
|
|
if err = matcher.CompileMatchers(); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, extractor := range request.Extractors {
|
|
|
|
if err := extractor.CompileExtractors(); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2020-04-23 16:44:34 +00:00
|
|
|
|
2020-04-03 21:20:32 +00:00
|
|
|
return template, nil
|
|
|
|
}
|