nuclei/pkg/protocols/file/find.go

package file

import (
	"io"
	"io/fs"
	"os"
	"path/filepath"
	"strings"

	"github.com/pkg/errors"
	"github.com/projectdiscovery/gologger"
	fileutil "github.com/projectdiscovery/utils/file"
	folderutil "github.com/projectdiscovery/utils/folder"
)

// getInputPaths parses the specified input paths and returns a compiled
// list of finished absolute paths to the files evaluating any allowlist, denylist,
// glob, file or folders, etc.
func (request *Request) getInputPaths(target string, callback func(string)) error {
	processed := make(map[string]struct{})

	// Template input includes a wildcard
	if strings.Contains(target, "*") && !request.NoRecursive {
		if err := request.findGlobPathMatches(target, processed, callback); err != nil {
			return errors.Wrap(err, "could not find glob matches")
		}
		return nil
	}

	// Template input is either a file or a directory
	file, err := request.findFileMatches(target, processed, callback)
	if err != nil {
		return errors.Wrap(err, "could not find file")
	}
	if file {
		return nil
	}
	if request.NoRecursive {
		return nil // we don't process dirs in no-recursive mode
	}
	// Recursively walk down the Templates directory and run all
	// the template file checks
	if err := request.findDirectoryMatches(target, processed, callback); err != nil {
		return errors.Wrap(err, "could not find directory matches")
	}
	return nil
}

// findGlobPathMatches returns the matched files from a glob path
func (request *Request) findGlobPathMatches(absPath string, processed map[string]struct{}, callback func(string)) error {
	matches, err := filepath.Glob(absPath)
	if err != nil {
		return errors.Errorf("wildcard found, but unable to glob: %s\n", err)
	}
	for _, match := range matches {
		if !request.validatePath(absPath, match, false) {
			continue
		}
		if _, ok := processed[match]; !ok {
			processed[match] = struct{}{}
			callback(match)
		}
	}
	return nil
}

// findFileMatches finds if a path is an absolute file. If the path
// is a file, it returns true otherwise false with no errors.
func (request *Request) findFileMatches(absPath string, processed map[string]struct{}, callback func(string)) (bool, error) {
	info, err := os.Stat(absPath)
	if err != nil {
		return false, err
	}
	if !info.Mode().IsRegular() {
		return false, nil
	}
	if _, ok := processed[absPath]; !ok {
		if !request.validatePath(absPath, absPath, false) {
			return false, nil
		}
		processed[absPath] = struct{}{}
		callback(absPath)
	}
	return true, nil
}

// findDirectoryMatches finds matches for templates from a directory
func (request *Request) findDirectoryMatches(absPath string, processed map[string]struct{}, callback func(string)) error {
	err := filepath.WalkDir(
		absPath,
		func(path string, d fs.DirEntry, err error) error {
			// continue on errors
			if err != nil {
				return nil
			}
			if d.IsDir() {
				return nil
			}
			if !request.validatePath(absPath, path, false) {
				return nil
			}
			if _, ok := processed[path]; !ok {
				callback(path)
				processed[path] = struct{}{}
			}
			return nil
		},
	)
	return err
}

// validatePath validates a file path for blacklist and whitelist options
func (request *Request) validatePath(absPath, item string, inArchive bool) bool {
	extension := filepath.Ext(item)
	// extension check
	if len(request.extensions) > 0 {
		if _, ok := request.extensions[extension]; ok {
			return true
		} else if !request.allExtensions {
			return false
		}
	}

	var (
		fileExists bool
		dataChunk  []byte
	)
	if !inArchive && request.MimeType {
		// mime type check
		// read first bytes to infer runtime type
		fileExists = fileutil.FileExists(item)
		if fileExists {
			dataChunk, _ = readChunk(item)
			if len(request.mimeTypesChecks) > 0 && matchAnyMimeTypes(dataChunk, request.mimeTypesChecks) {
				return true
			}
		}
	}

	if matchingRule, ok := request.isInDenyList(absPath, item); ok {
		gologger.Verbose().Msgf("Ignoring path %s due to denylist item %s\n", item, matchingRule)
		return false
	}

	// denied mime type checks
	if !inArchive && request.MimeType && fileExists {
		if len(request.denyMimeTypesChecks) > 0 && matchAnyMimeTypes(dataChunk, request.denyMimeTypesChecks) {
			return false
		}
	}

	return true
}

func (request *Request) isInDenyList(absPath, item string) (string, bool) {
	extension := filepath.Ext(item)
	// check for possible deny rules
	// - extension is in deny list
	if _, ok := request.denyList[extension]; ok {
		return extension, true
	}

	// - full path is in deny list
	if _, ok := request.denyList[item]; ok {
		return item, true
	}

	// file is in a forbidden subdirectory
	filename := filepath.Base(item)
	fullPathWithoutFilename := strings.TrimSuffix(item, filename)
	relativePathWithFilename := strings.TrimPrefix(item, absPath)
	relativePath := strings.TrimSuffix(relativePathWithFilename, filename)

	// - filename is in deny list
	if _, ok := request.denyList[filename]; ok {
		return filename, true
	}

	// - relative path is in deny list
	if _, ok := request.denyList[relativePath]; ok {
		return relativePath, true
	}

	// relative path + filename are in the forbidden list
	if _, ok := request.denyList[relativePathWithFilename]; ok {
		return relativePathWithFilename, true
	}

	// root path + relative path are in the forbidden list
	if _, ok := request.denyList[fullPathWithoutFilename]; ok {
		return fullPathWithoutFilename, true
	}

	// check any progressive combined part of the relative and absolute path with filename for matches within rules prefixes
	if pathTreeItem, ok := request.isAnyChunkInDenyList(relativePath, false); ok {
		return pathTreeItem, true
	}
	if pathTreeItem, ok := request.isAnyChunkInDenyList(item, true); ok {
		return pathTreeItem, true
	}

	return "", false
}

func readChunk(fileName string) ([]byte, error) {
	r, err := os.Open(fileName)
	if err != nil {
		return nil, err
	}

	defer r.Close()

	var buff [1024]byte
	if _, err = io.ReadFull(r, buff[:]); err != nil {
		return nil, err
	}
	return buff[:], nil
}

func (request *Request) isAnyChunkInDenyList(path string, splitWithUtils bool) (string, bool) {
	var paths []string

	if splitWithUtils {
		pathInfo, _ := folderutil.NewPathInfo(path)
		paths, _ = pathInfo.Paths()
	} else {
		pathTree := strings.Split(path, string(os.PathSeparator))
		for i := range pathTree {
			paths = append(paths, filepath.Join(pathTree[:i]...))
		}
	}
	for _, pathTreeItem := range paths {
		if _, ok := request.denyList[pathTreeItem]; ok {
			return pathTreeItem, true
		}
	}

	return "", false
}
Added file based template support 2021-01-01 09:58:28 +00:00			`package file`

			`import (`
adding mime type file support 2022-03-22 11:35:11 +00:00			`"io"`
Fixing directory walk error check on windows (#1951) * Fixing directory walk error check on windows * moving check to helper package * replacing godirwalk with standard library 2022-05-08 06:52:21 +00:00			`"io/fs"`
Added file based template support 2021-01-01 09:58:28 +00:00			`"os"`
			`"path/filepath"`
			`"strings"`

			`"github.com/pkg/errors"`
			`"github.com/projectdiscovery/gologger"`
Use utils helpers libraries (#2809) (#2810) * Use utils helpers libraries (#2809) * Use utils helpers libraries (#2809) 2022-11-06 20:24:23 +00:00			`fileutil "github.com/projectdiscovery/utils/file"`
			`folderutil "github.com/projectdiscovery/utils/folder"`
Added file based template support 2021-01-01 09:58:28 +00:00			`)`

			`// getInputPaths parses the specified input paths and returns a compiled`
			`// list of finished absolute paths to the files evaluating any allowlist, denylist,`
			`// glob, file or folders, etc.`
[feature] Add coloring to debug information #999 * corrected/renamed receivers from one character names to human-readable format 2021-10-01 11:30:04 +00:00			`func (request *Request) getInputPaths(target string, callback func(string)) error {`
Added file based template support 2021-01-01 09:58:28 +00:00			`processed := make(map[string]struct{})`

			`// Template input includes a wildcard`
[feature] Add coloring to debug information #999 * corrected/renamed receivers from one character names to human-readable format 2021-10-01 11:30:04 +00:00			`if strings.Contains(target, "*") && !request.NoRecursive {`
			`if err := request.findGlobPathMatches(target, processed, callback); err != nil {`
Added file based template support 2021-01-01 09:58:28 +00:00			`return errors.Wrap(err, "could not find glob matches")`
			`}`
			`return nil`
			`}`

			`// Template input is either a file or a directory`
[feature] Add coloring to debug information #999 * corrected/renamed receivers from one character names to human-readable format 2021-10-01 11:30:04 +00:00			`file, err := request.findFileMatches(target, processed, callback)`
Added file based template support 2021-01-01 09:58:28 +00:00			`if err != nil {`
			`return errors.Wrap(err, "could not find file")`
			`}`
			`if file {`
			`return nil`
			`}`
[feature] Add coloring to debug information #999 * corrected/renamed receivers from one character names to human-readable format 2021-10-01 11:30:04 +00:00			`if request.NoRecursive {`
Bump gomod + Misc 2021-03-07 04:51:52 +00:00			`return nil // we don't process dirs in no-recursive mode`
			`}`
Added file based template support 2021-01-01 09:58:28 +00:00			`// Recursively walk down the Templates directory and run all`
			`// the template file checks`
[feature] Add coloring to debug information #999 * corrected/renamed receivers from one character names to human-readable format 2021-10-01 11:30:04 +00:00			`if err := request.findDirectoryMatches(target, processed, callback); err != nil {`
Added file based template support 2021-01-01 09:58:28 +00:00			`return errors.Wrap(err, "could not find directory matches")`
			`}`
			`return nil`
			`}`

			`// findGlobPathMatches returns the matched files from a glob path`
[feature] Add coloring to debug information #999 * corrected/renamed receivers from one character names to human-readable format 2021-10-01 11:30:04 +00:00			`func (request *Request) findGlobPathMatches(absPath string, processed map[string]struct{}, callback func(string)) error {`
Added file based template support 2021-01-01 09:58:28 +00:00			`matches, err := filepath.Glob(absPath)`
			`if err != nil {`
			`return errors.Errorf("wildcard found, but unable to glob: %s\n", err)`
			`}`
			`for _, match := range matches {`
more checks + test cases fix 2022-03-22 13:18:01 +00:00			`if !request.validatePath(absPath, match, false) {`
Added file based template support 2021-01-01 09:58:28 +00:00			`continue`
			`}`
			`if _, ok := processed[match]; !ok {`
			`processed[match] = struct{}{}`
			`callback(match)`
			`}`
			`}`
			`return nil`
			`}`

			`// findFileMatches finds if a path is an absolute file. If the path`
			`// is a file, it returns true otherwise false with no errors.`
[feature] Add coloring to debug information #999 * corrected/renamed receivers from one character names to human-readable format 2021-10-01 11:30:04 +00:00			`func (request *Request) findFileMatches(absPath string, processed map[string]struct{}, callback func(string)) (bool, error) {`
Added file based template support 2021-01-01 09:58:28 +00:00			`info, err := os.Stat(absPath)`
			`if err != nil {`
			`return false, err`
			`}`
			`if !info.Mode().IsRegular() {`
			`return false, nil`
			`}`
			`if _, ok := processed[absPath]; !ok {`
more checks + test cases fix 2022-03-22 13:18:01 +00:00			`if !request.validatePath(absPath, absPath, false) {`
Misc 2021-03-08 14:00:48 +00:00			`return false, nil`
			`}`
Added file based template support 2021-01-01 09:58:28 +00:00			`processed[absPath] = struct{}{}`
			`callback(absPath)`
			`}`
			`return true, nil`
			`}`

			`// findDirectoryMatches finds matches for templates from a directory`
[feature] Add coloring to debug information #999 * corrected/renamed receivers from one character names to human-readable format 2021-10-01 11:30:04 +00:00			`func (request *Request) findDirectoryMatches(absPath string, processed map[string]struct{}, callback func(string)) error {`
Fixing directory walk error check on windows (#1951) * Fixing directory walk error check on windows * moving check to helper package * replacing godirwalk with standard library 2022-05-08 06:52:21 +00:00			`err := filepath.WalkDir(`
			`absPath,`
			`func(path string, d fs.DirEntry, err error) error {`
			`// continue on errors`
			`if err != nil {`
			`return nil`
			`}`
File protocol tests + misc fixes 2021-02-03 12:19:10 +00:00			`if d.IsDir() {`
			`return nil`
			`}`
more checks + test cases fix 2022-03-22 13:18:01 +00:00			`if !request.validatePath(absPath, path, false) {`
Added file based template support 2021-01-01 09:58:28 +00:00			`return nil`
			`}`
			`if _, ok := processed[path]; !ok {`
			`callback(path)`
			`processed[path] = struct{}{}`
			`}`
			`return nil`
			`},`
Fixing directory walk error check on windows (#1951) * Fixing directory walk error check on windows * moving check to helper package * replacing godirwalk with standard library 2022-05-08 06:52:21 +00:00			`)`
Added file based template support 2021-01-01 09:58:28 +00:00			`return err`
			`}`

			`// validatePath validates a file path for blacklist and whitelist options`
more checks + test cases fix 2022-03-22 13:18:01 +00:00			`func (request *Request) validatePath(absPath, item string, inArchive bool) bool {`
Replacing "path." methods to "filepath." in order to make the code OS independent 2021-08-23 11:53:37 +00:00			`extension := filepath.Ext(item)`
adding mime type file support 2022-03-22 11:35:11 +00:00			`// extension check`
[feature] Add coloring to debug information #999 * corrected/renamed receivers from one character names to human-readable format 2021-10-01 11:30:04 +00:00			`if len(request.extensions) > 0 {`
			`if _, ok := request.extensions[extension]; ok {`
Added file based template support 2021-01-01 09:58:28 +00:00			`return true`
[feature] Add coloring to debug information #999 * corrected/renamed receivers from one character names to human-readable format 2021-10-01 11:30:04 +00:00			`} else if !request.allExtensions {`
Fixed file extension list 2021-03-06 09:04:54 +00:00			`return false`
Added file based template support 2021-01-01 09:58:28 +00:00			`}`
			`}`
adding mime type file support 2022-03-22 11:35:11 +00:00
more checks + test cases fix 2022-03-22 13:18:01 +00:00			`var (`
			`fileExists bool`
			`dataChunk []byte`
			`)`
			`if !inArchive && request.MimeType {`
			`// mime type check`
			`// read first bytes to infer runtime type`
			`fileExists = fileutil.FileExists(item)`
			`if fileExists {`
			`dataChunk, _ = readChunk(item)`
			`if len(request.mimeTypesChecks) > 0 && matchAnyMimeTypes(dataChunk, request.mimeTypesChecks) {`
			`return true`
			`}`
adding mime type file support 2022-03-22 11:35:11 +00:00			`}`
			`}`

Extending deny list to support filenames and folders (#1260) * Extending deny list to support filenames and folders * fixing field name * adding missing edge case with relative path + filename * handling root path + relative path * Improving matchers to handle all deny cases 2021-12-16 10:51:06 +00:00			`if matchingRule, ok := request.isInDenyList(absPath, item); ok {`
			`gologger.Verbose().Msgf("Ignoring path %s due to denylist item %s\n", item, matchingRule)`
Added file based template support 2021-01-01 09:58:28 +00:00			`return false`
			`}`
Extending deny list to support filenames and folders (#1260) * Extending deny list to support filenames and folders * fixing field name * adding missing edge case with relative path + filename * handling root path + relative path * Improving matchers to handle all deny cases 2021-12-16 10:51:06 +00:00
adding mime type file support 2022-03-22 11:35:11 +00:00			`// denied mime type checks`
more checks + test cases fix 2022-03-22 13:18:01 +00:00			`if !inArchive && request.MimeType && fileExists {`
adding mime type file support 2022-03-22 11:35:11 +00:00			`if len(request.denyMimeTypesChecks) > 0 && matchAnyMimeTypes(dataChunk, request.denyMimeTypesChecks) {`
			`return false`
			`}`
			`}`

Added file based template support 2021-01-01 09:58:28 +00:00			`return true`
			`}`
Extending deny list to support filenames and folders (#1260) * Extending deny list to support filenames and folders * fixing field name * adding missing edge case with relative path + filename * handling root path + relative path * Improving matchers to handle all deny cases 2021-12-16 10:51:06 +00:00
			`func (request *Request) isInDenyList(absPath, item string) (string, bool) {`
			`extension := filepath.Ext(item)`
			`// check for possible deny rules`
			`// - extension is in deny list`
			`if _, ok := request.denyList[extension]; ok {`
			`return extension, true`
			`}`

			`// - full path is in deny list`
			`if _, ok := request.denyList[item]; ok {`
			`return item, true`
			`}`

			`// file is in a forbidden subdirectory`
			`filename := filepath.Base(item)`
			`fullPathWithoutFilename := strings.TrimSuffix(item, filename)`
			`relativePathWithFilename := strings.TrimPrefix(item, absPath)`
			`relativePath := strings.TrimSuffix(relativePathWithFilename, filename)`

			`// - filename is in deny list`
			`if _, ok := request.denyList[filename]; ok {`
			`return filename, true`
			`}`

			`// - relative path is in deny list`
			`if _, ok := request.denyList[relativePath]; ok {`
			`return relativePath, true`
			`}`

			`// relative path + filename are in the forbidden list`
			`if _, ok := request.denyList[relativePathWithFilename]; ok {`
			`return relativePathWithFilename, true`
			`}`

			`// root path + relative path are in the forbidden list`
			`if _, ok := request.denyList[fullPathWithoutFilename]; ok {`
			`return fullPathWithoutFilename, true`
			`}`

			`// check any progressive combined part of the relative and absolute path with filename for matches within rules prefixes`
			`if pathTreeItem, ok := request.isAnyChunkInDenyList(relativePath, false); ok {`
			`return pathTreeItem, true`
			`}`
			`if pathTreeItem, ok := request.isAnyChunkInDenyList(item, true); ok {`
			`return pathTreeItem, true`
			`}`

			`return "", false`
			`}`

adding mime type file support 2022-03-22 11:35:11 +00:00			`func readChunk(fileName string) ([]byte, error) {`
			`r, err := os.Open(fileName)`
			`if err != nil {`
			`return nil, err`
			`}`

			`defer r.Close()`

			`var buff [1024]byte`
			`if _, err = io.ReadFull(r, buff[:]); err != nil {`
			`return nil, err`
			`}`
			`return buff[:], nil`
			`}`

Extending deny list to support filenames and folders (#1260) * Extending deny list to support filenames and folders * fixing field name * adding missing edge case with relative path + filename * handling root path + relative path * Improving matchers to handle all deny cases 2021-12-16 10:51:06 +00:00			`func (request *Request) isAnyChunkInDenyList(path string, splitWithUtils bool) (string, bool) {`
			`var paths []string`

			`if splitWithUtils {`
			`pathInfo, _ := folderutil.NewPathInfo(path)`
			`paths, _ = pathInfo.Paths()`
			`} else {`
			`pathTree := strings.Split(path, string(os.PathSeparator))`
			`for i := range pathTree {`
			`paths = append(paths, filepath.Join(pathTree[:i]...))`
			`}`
			`}`
			`for _, pathTreeItem := range paths {`
			`if _, ok := request.denyList[pathTreeItem]; ok {`
			`return pathTreeItem, true`
			`}`
			`}`

			`return "", false`
			`}`