2020-04-03 21:20:32 +00:00
|
|
|
package templates
|
|
|
|
|
|
|
|
import (
|
2020-05-05 19:42:28 +00:00
|
|
|
"fmt"
|
2020-04-03 21:20:32 +00:00
|
|
|
"os"
|
|
|
|
|
2020-12-29 10:08:14 +00:00
|
|
|
"github.com/pkg/errors"
|
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/protocols"
|
2020-12-29 11:03:25 +00:00
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/dns"
|
2021-01-01 09:58:28 +00:00
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/file"
|
2020-12-29 11:03:25 +00:00
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/http"
|
2020-12-30 09:24:20 +00:00
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/network"
|
2020-12-29 12:32:45 +00:00
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/workflows"
|
2020-12-30 07:56:55 +00:00
|
|
|
"gopkg.in/yaml.v2"
|
2020-04-03 21:20:32 +00:00
|
|
|
)
|
|
|
|
|
2020-06-29 12:13:08 +00:00
|
|
|
// Parse parses a yaml request template file
|
2021-01-01 09:58:28 +00:00
|
|
|
func Parse(filePath string, options *protocols.ExecuterOptions) (*Template, error) {
|
2020-04-03 21:20:32 +00:00
|
|
|
template := &Template{}
|
|
|
|
|
2021-01-01 09:58:28 +00:00
|
|
|
f, err := os.Open(filePath)
|
2020-04-03 21:20:32 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
err = yaml.NewDecoder(f).Decode(template)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2020-06-26 12:37:55 +00:00
|
|
|
defer f.Close()
|
|
|
|
|
2020-12-29 10:08:14 +00:00
|
|
|
// Setting up variables regarding template metadata
|
|
|
|
options.TemplateID = template.ID
|
|
|
|
options.TemplateInfo = template.Info
|
2021-01-01 09:58:28 +00:00
|
|
|
options.TemplatePath = filePath
|
2020-07-31 15:13:51 +00:00
|
|
|
|
2020-06-29 12:13:08 +00:00
|
|
|
// If no requests, and it is also not a workflow, return error.
|
2021-01-01 13:25:35 +00:00
|
|
|
if len(template.RequestsDNS)+len(template.RequestsHTTP)+len(template.RequestsFile)+len(template.RequestsNetwork)+len(template.Workflows) == 0 {
|
2020-08-26 18:05:31 +00:00
|
|
|
return nil, fmt.Errorf("no requests defined for %s", template.ID)
|
2020-06-26 12:37:55 +00:00
|
|
|
}
|
2020-04-03 21:20:32 +00:00
|
|
|
|
2020-12-29 12:32:45 +00:00
|
|
|
// Compile the workflow request
|
2020-12-29 13:18:13 +00:00
|
|
|
if len(template.Workflows) > 0 {
|
2020-12-30 07:56:55 +00:00
|
|
|
compiled := &template.Workflow
|
|
|
|
if err := template.compileWorkflow(options, compiled); err != nil {
|
2020-12-29 12:32:45 +00:00
|
|
|
return nil, errors.Wrap(err, "could not compile workflow")
|
|
|
|
}
|
2020-12-29 14:48:59 +00:00
|
|
|
template.Workflow.Compile(options)
|
2020-12-30 07:56:55 +00:00
|
|
|
template.CompiledWorkflow = compiled
|
2020-12-29 12:32:45 +00:00
|
|
|
}
|
|
|
|
|
2020-12-29 10:08:14 +00:00
|
|
|
// Compile the requests found
|
2020-12-29 11:03:25 +00:00
|
|
|
if len(template.RequestsDNS) > 0 {
|
2020-12-29 12:32:45 +00:00
|
|
|
template.Executer = dns.NewExecuter(template.RequestsDNS, options)
|
2020-12-29 11:03:25 +00:00
|
|
|
}
|
|
|
|
if len(template.RequestsHTTP) > 0 {
|
2020-12-29 12:32:45 +00:00
|
|
|
template.Executer = http.NewExecuter(template.RequestsHTTP, options)
|
2021-01-01 09:58:28 +00:00
|
|
|
}
|
|
|
|
if len(template.RequestsFile) > 0 {
|
|
|
|
template.Executer = file.NewExecuter(template.RequestsFile, options)
|
2020-12-29 11:03:25 +00:00
|
|
|
}
|
2020-12-30 09:24:20 +00:00
|
|
|
if len(template.RequestsNetwork) > 0 {
|
|
|
|
template.Executer = network.NewExecuter(template.RequestsNetwork, options)
|
|
|
|
}
|
2020-12-30 15:44:04 +00:00
|
|
|
template.TotalRequests += template.Executer.Requests()
|
|
|
|
|
2021-01-01 14:06:21 +00:00
|
|
|
if template.Executer != nil {
|
|
|
|
err := template.Executer.Compile()
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.Wrap(err, "could not compile request")
|
|
|
|
}
|
2020-12-29 11:03:25 +00:00
|
|
|
}
|
2020-04-03 21:20:32 +00:00
|
|
|
return template, nil
|
|
|
|
}
|
2020-12-29 12:32:45 +00:00
|
|
|
|
|
|
|
// compileWorkflow compiles the workflow for execution
|
2020-12-30 07:56:55 +00:00
|
|
|
func (t *Template) compileWorkflow(options *protocols.ExecuterOptions, workflows *workflows.Workflow) error {
|
|
|
|
for _, workflow := range workflows.Workflows {
|
2020-12-29 12:32:45 +00:00
|
|
|
if err := t.parseWorkflow(workflow, options); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// parseWorkflow parses and compiles all templates in a workflow recursively
|
|
|
|
func (t *Template) parseWorkflow(workflow *workflows.WorkflowTemplate, options *protocols.ExecuterOptions) error {
|
|
|
|
if err := t.parseWorkflowTemplate(workflow, options); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
for _, subtemplates := range workflow.Subtemplates {
|
|
|
|
if err := t.parseWorkflow(subtemplates, options); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
for _, matcher := range workflow.Matchers {
|
|
|
|
for _, subtemplates := range matcher.Subtemplates {
|
|
|
|
if err := t.parseWorkflow(subtemplates, options); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// parseWorkflowTemplate parses a workflow template creating an executer
|
|
|
|
func (t *Template) parseWorkflowTemplate(workflow *workflows.WorkflowTemplate, options *protocols.ExecuterOptions) error {
|
|
|
|
opts := protocols.ExecuterOptions{
|
|
|
|
Output: options.Output,
|
|
|
|
Options: options.Options,
|
|
|
|
Progress: options.Progress,
|
|
|
|
Catalogue: options.Catalogue,
|
|
|
|
RateLimiter: options.RateLimiter,
|
|
|
|
ProjectFile: options.ProjectFile,
|
|
|
|
}
|
|
|
|
paths, err := options.Catalogue.GetTemplatePath(workflow.Template)
|
|
|
|
if err != nil {
|
|
|
|
return errors.Wrap(err, "could not get workflow template")
|
|
|
|
}
|
|
|
|
if len(paths) != 1 {
|
|
|
|
return errors.Wrap(err, "invalid number of templates matched")
|
|
|
|
}
|
|
|
|
|
|
|
|
template, err := Parse(paths[0], &opts)
|
|
|
|
if err != nil {
|
|
|
|
return errors.Wrap(err, "could not parse workflow template")
|
|
|
|
}
|
|
|
|
workflow.Executer = template.Executer
|
|
|
|
return nil
|
|
|
|
}
|