2020-04-03 21:20:32 +00:00
|
|
|
package templates
|
|
|
|
|
|
|
|
|
|
import (
|
2023-10-13 07:47:27 +00:00
|
|
|
"encoding/json"
|
2020-05-05 19:42:28 +00:00
|
|
|
"fmt"
|
2022-12-13 07:27:47 +00:00
|
|
|
"io"
|
2021-10-26 15:06:44 +00:00
|
|
|
"reflect"
|
2023-10-13 07:47:27 +00:00
|
|
|
"sync"
|
|
|
|
|
"sync/atomic"
|
2020-04-03 21:20:32 +00:00
|
|
|
|
2023-10-16 09:04:52 +00:00
|
|
|
"github.com/logrusorgru/aurora"
|
2020-12-29 10:08:14 +00:00
|
|
|
"github.com/pkg/errors"
|
2021-07-19 18:04:08 +00:00
|
|
|
"gopkg.in/yaml.v2"
|
|
|
|
|
|
2023-10-16 09:04:52 +00:00
|
|
|
"github.com/projectdiscovery/gologger"
|
2023-10-17 12:14:13 +00:00
|
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/catalog/config"
|
|
|
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/js/compiler"
|
|
|
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/operators"
|
|
|
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/protocols"
|
|
|
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/offlinehttp"
|
|
|
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/templates/cache"
|
|
|
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/templates/signer"
|
|
|
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/tmplexec"
|
|
|
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/utils"
|
2023-02-09 13:45:44 +00:00
|
|
|
"github.com/projectdiscovery/retryablehttp-go"
|
2023-08-31 12:33:01 +00:00
|
|
|
errorutil "github.com/projectdiscovery/utils/errors"
|
2022-11-06 20:24:23 +00:00
|
|
|
stringsutil "github.com/projectdiscovery/utils/strings"
|
2020-04-03 21:20:32 +00:00
|
|
|
)
|
|
|
|
|
|
2021-08-27 18:51:07 +00:00
|
|
|
var (
|
2023-02-06 23:40:38 +00:00
|
|
|
ErrCreateTemplateExecutor = errors.New("cannot create template executer")
|
|
|
|
|
ErrIncompatibleWithOfflineMatching = errors.New("template can't be used for offline matching")
|
2023-10-13 07:47:27 +00:00
|
|
|
parsedTemplatesCache *cache.Templates
|
|
|
|
|
// track how many templates are verfied and by which signer
|
|
|
|
|
SignatureStats = map[string]*atomic.Uint64{}
|
2021-08-27 18:51:07 +00:00
|
|
|
)
|
2021-08-27 14:06:06 +00:00
|
|
|
|
2023-10-13 07:47:27 +00:00
|
|
|
const (
|
|
|
|
|
Unsigned = "unsigned"
|
|
|
|
|
)
|
2021-08-27 18:57:37 +00:00
|
|
|
|
|
|
|
|
func init() {
|
|
|
|
|
parsedTemplatesCache = cache.New()
|
2023-10-13 07:47:27 +00:00
|
|
|
for _, verifier := range signer.DefaultTemplateVerifiers {
|
|
|
|
|
SignatureStats[verifier.Identifier()] = &atomic.Uint64{}
|
|
|
|
|
}
|
2023-10-16 09:04:52 +00:00
|
|
|
SignatureStats[Unsigned] = &atomic.Uint64{}
|
2021-08-27 18:57:37 +00:00
|
|
|
}
|
|
|
|
|
|
2020-06-29 12:13:08 +00:00
|
|
|
// Parse parses a yaml request template file
|
2021-08-27 14:06:06 +00:00
|
|
|
// TODO make sure reading from the disk the template parsing happens once: see parsers.ParseTemplate vs templates.Parse
|
2022-09-16 17:40:39 +00:00
|
|
|
//
|
|
|
|
|
//nolint:gocritic // this cannot be passed by pointer
|
2023-05-31 20:58:10 +00:00
|
|
|
func Parse(filePath string, preprocessor Preprocessor, options protocols.ExecutorOptions) (*Template, error) {
|
2023-02-13 12:30:25 +00:00
|
|
|
if !options.DoNotCache {
|
|
|
|
|
if value, err := parsedTemplatesCache.Has(filePath); value != nil {
|
|
|
|
|
return value.(*Template), err
|
|
|
|
|
}
|
2021-08-27 14:06:06 +00:00
|
|
|
}
|
|
|
|
|
|
2022-12-15 10:50:29 +00:00
|
|
|
var reader io.ReadCloser
|
|
|
|
|
if utils.IsURL(filePath) {
|
2023-02-09 13:45:44 +00:00
|
|
|
// use retryablehttp (tls verification is enabled by default in the standard library)
|
|
|
|
|
resp, err := retryablehttp.DefaultClient().Get(filePath)
|
2022-12-15 10:50:29 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
reader = resp.Body
|
|
|
|
|
} else {
|
|
|
|
|
var err error
|
|
|
|
|
reader, err = options.Catalog.OpenFile(filePath)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2021-07-21 05:32:44 +00:00
|
|
|
}
|
2022-12-15 10:50:29 +00:00
|
|
|
defer reader.Close()
|
2023-01-03 06:47:56 +00:00
|
|
|
options.TemplatePath = filePath
|
2023-08-31 12:33:01 +00:00
|
|
|
template, err := ParseTemplateFromReader(reader, preprocessor, options.Copy())
|
2022-12-15 10:50:29 +00:00
|
|
|
if err != nil {
|
2021-08-31 13:57:26 +00:00
|
|
|
return nil, err
|
2020-04-03 21:20:32 +00:00
|
|
|
}
|
2020-12-29 12:32:45 +00:00
|
|
|
// Compile the workflow request
|
2021-08-03 11:51:34 +00:00
|
|
|
if len(template.Workflows) > 0 {
|
2020-12-30 07:56:55 +00:00
|
|
|
compiled := &template.Workflow
|
2021-07-04 23:05:53 +00:00
|
|
|
|
2021-08-30 11:28:11 +00:00
|
|
|
compileWorkflow(filePath, preprocessor, &options, compiled, options.WorkflowLoader)
|
2020-12-30 07:56:55 +00:00
|
|
|
template.CompiledWorkflow = compiled
|
2021-02-23 17:25:29 +00:00
|
|
|
template.CompiledWorkflow.Options = &options
|
2020-12-29 12:32:45 +00:00
|
|
|
}
|
2021-09-22 17:11:07 +00:00
|
|
|
template.Path = filePath
|
2023-02-13 12:30:25 +00:00
|
|
|
if !options.DoNotCache {
|
|
|
|
|
parsedTemplatesCache.Store(filePath, template, err)
|
|
|
|
|
}
|
2021-09-22 17:11:07 +00:00
|
|
|
return template, nil
|
|
|
|
|
}
|
|
|
|
|
|
2021-10-19 15:59:18 +00:00
|
|
|
// parseSelfContainedRequests parses the self contained template requests.
|
2021-10-26 15:06:44 +00:00
|
|
|
func (template *Template) parseSelfContainedRequests() {
|
2021-11-17 00:28:35 +00:00
|
|
|
if template.Signature.Value.String() != "" {
|
2021-11-12 18:58:12 +00:00
|
|
|
for _, request := range template.RequestsHTTP {
|
2021-11-17 00:28:35 +00:00
|
|
|
request.Signature = template.Signature
|
2021-11-12 18:29:45 +00:00
|
|
|
}
|
|
|
|
|
}
|
2021-10-26 15:06:44 +00:00
|
|
|
if !template.SelfContained {
|
2021-10-19 15:59:18 +00:00
|
|
|
return
|
2020-12-29 11:03:25 +00:00
|
|
|
}
|
2021-10-26 15:06:44 +00:00
|
|
|
for _, request := range template.RequestsHTTP {
|
2021-10-19 15:59:18 +00:00
|
|
|
request.SelfContained = true
|
2020-12-30 09:24:20 +00:00
|
|
|
}
|
2021-10-26 15:06:44 +00:00
|
|
|
for _, request := range template.RequestsNetwork {
|
2021-10-19 15:59:18 +00:00
|
|
|
request.SelfContained = true
|
2021-02-21 11:01:34 +00:00
|
|
|
}
|
2023-11-02 13:38:20 +00:00
|
|
|
for _, request := range template.RequestsHeadless {
|
|
|
|
|
request.SelfContained = true
|
|
|
|
|
}
|
2021-10-19 15:59:18 +00:00
|
|
|
}
|
2021-10-26 15:06:44 +00:00
|
|
|
|
|
|
|
|
// Requests returns the total request count for the template
|
|
|
|
|
func (template *Template) Requests() int {
|
|
|
|
|
return len(template.RequestsDNS) +
|
|
|
|
|
len(template.RequestsHTTP) +
|
|
|
|
|
len(template.RequestsFile) +
|
|
|
|
|
len(template.RequestsNetwork) +
|
|
|
|
|
len(template.RequestsHeadless) +
|
2021-10-29 12:56:06 +00:00
|
|
|
len(template.Workflows) +
|
|
|
|
|
len(template.RequestsSSL) +
|
2021-12-16 11:38:02 +00:00
|
|
|
len(template.RequestsWebsocket) +
|
2023-06-09 15:24:24 +00:00
|
|
|
len(template.RequestsWHOIS) +
|
2023-09-16 10:32:17 +00:00
|
|
|
len(template.RequestsCode) +
|
|
|
|
|
len(template.RequestsJavascript)
|
2021-10-26 15:06:44 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// compileProtocolRequests compiles all the protocol requests for the template
|
2023-11-10 23:12:27 +00:00
|
|
|
func (template *Template) compileProtocolRequests(options *protocols.ExecutorOptions) error {
|
2021-10-26 15:06:44 +00:00
|
|
|
templateRequests := template.Requests()
|
|
|
|
|
|
|
|
|
|
if templateRequests == 0 {
|
|
|
|
|
return fmt.Errorf("no requests defined for %s", template.ID)
|
2021-02-07 09:42:38 +00:00
|
|
|
}
|
2021-10-26 15:06:44 +00:00
|
|
|
|
2021-10-27 10:23:04 +00:00
|
|
|
if options.Options.OfflineHTTP {
|
2023-02-06 23:40:38 +00:00
|
|
|
return template.compileOfflineHTTPRequest(options)
|
2021-09-27 12:32:49 +00:00
|
|
|
}
|
2021-08-27 14:06:06 +00:00
|
|
|
|
2021-10-26 15:06:44 +00:00
|
|
|
var requests []protocols.Request
|
2021-12-16 11:38:02 +00:00
|
|
|
|
2023-08-31 12:33:01 +00:00
|
|
|
if template.hasMultipleRequests() {
|
|
|
|
|
// when multiple requests are present preserve the order of requests and protocols
|
|
|
|
|
// which is already done during unmarshalling
|
|
|
|
|
requests = template.RequestsQueue
|
|
|
|
|
if options.Flow == "" {
|
|
|
|
|
options.IsMultiProtocol = true
|
|
|
|
|
}
|
2023-06-09 14:22:56 +00:00
|
|
|
} else {
|
2023-08-31 12:33:01 +00:00
|
|
|
if len(template.RequestsDNS) > 0 {
|
2023-06-09 14:22:56 +00:00
|
|
|
requests = append(requests, template.convertRequestToProtocolsRequest(template.RequestsDNS)...)
|
2023-08-31 12:33:01 +00:00
|
|
|
}
|
|
|
|
|
if len(template.RequestsFile) > 0 {
|
2023-06-09 14:22:56 +00:00
|
|
|
requests = append(requests, template.convertRequestToProtocolsRequest(template.RequestsFile)...)
|
2023-08-31 12:33:01 +00:00
|
|
|
}
|
|
|
|
|
if len(template.RequestsNetwork) > 0 {
|
2023-06-09 14:22:56 +00:00
|
|
|
requests = append(requests, template.convertRequestToProtocolsRequest(template.RequestsNetwork)...)
|
2023-08-31 12:33:01 +00:00
|
|
|
}
|
|
|
|
|
if len(template.RequestsHTTP) > 0 {
|
2023-06-09 14:22:56 +00:00
|
|
|
requests = append(requests, template.convertRequestToProtocolsRequest(template.RequestsHTTP)...)
|
2023-08-31 12:33:01 +00:00
|
|
|
}
|
|
|
|
|
if len(template.RequestsHeadless) > 0 && options.Options.Headless {
|
2023-06-09 14:22:56 +00:00
|
|
|
requests = append(requests, template.convertRequestToProtocolsRequest(template.RequestsHeadless)...)
|
2023-08-31 12:33:01 +00:00
|
|
|
}
|
|
|
|
|
if len(template.RequestsSSL) > 0 {
|
2023-06-09 14:22:56 +00:00
|
|
|
requests = append(requests, template.convertRequestToProtocolsRequest(template.RequestsSSL)...)
|
2023-08-31 12:33:01 +00:00
|
|
|
}
|
|
|
|
|
if len(template.RequestsWebsocket) > 0 {
|
2023-06-09 14:22:56 +00:00
|
|
|
requests = append(requests, template.convertRequestToProtocolsRequest(template.RequestsWebsocket)...)
|
2023-08-31 12:33:01 +00:00
|
|
|
}
|
|
|
|
|
if len(template.RequestsWHOIS) > 0 {
|
2023-06-09 14:22:56 +00:00
|
|
|
requests = append(requests, template.convertRequestToProtocolsRequest(template.RequestsWHOIS)...)
|
|
|
|
|
}
|
2023-11-16 12:26:07 +00:00
|
|
|
if len(template.RequestsCode) > 0 && options.Options.EnableCodeTemplates {
|
2023-08-31 12:33:01 +00:00
|
|
|
requests = append(requests, template.convertRequestToProtocolsRequest(template.RequestsCode)...)
|
|
|
|
|
}
|
2023-09-16 10:32:17 +00:00
|
|
|
if len(template.RequestsJavascript) > 0 {
|
|
|
|
|
requests = append(requests, template.convertRequestToProtocolsRequest(template.RequestsJavascript)...)
|
|
|
|
|
}
|
2021-10-26 15:06:44 +00:00
|
|
|
}
|
2024-01-17 17:46:57 +00:00
|
|
|
var err error
|
|
|
|
|
template.Executer, err = tmplexec.NewTemplateExecuter(requests, options)
|
|
|
|
|
return err
|
2020-04-03 21:20:32 +00:00
|
|
|
}
|
2021-10-19 15:59:18 +00:00
|
|
|
|
2021-10-27 10:23:04 +00:00
|
|
|
// convertRequestToProtocolsRequest is a convenience wrapper to convert
|
|
|
|
|
// arbitrary interfaces which are slices of requests from the template to a
|
|
|
|
|
// slice of protocols.Request interface items.
|
2021-10-26 15:06:44 +00:00
|
|
|
func (template *Template) convertRequestToProtocolsRequest(requests interface{}) []protocols.Request {
|
|
|
|
|
switch reflect.TypeOf(requests).Kind() {
|
|
|
|
|
case reflect.Slice:
|
|
|
|
|
s := reflect.ValueOf(requests)
|
|
|
|
|
|
|
|
|
|
requestSlice := make([]protocols.Request, s.Len())
|
|
|
|
|
for i := 0; i < s.Len(); i++ {
|
|
|
|
|
value := s.Index(i)
|
|
|
|
|
valueInterface := value.Interface()
|
|
|
|
|
requestSlice[i] = valueInterface.(protocols.Request)
|
|
|
|
|
}
|
|
|
|
|
return requestSlice
|
2021-10-19 15:59:18 +00:00
|
|
|
}
|
2021-10-26 15:06:44 +00:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// compileOfflineHTTPRequest iterates all requests if offline http mode is
|
|
|
|
|
// specified and collects all matchers for all the base request templates
|
|
|
|
|
// (those with URL {{BaseURL}} and it's slash variation.)
|
2023-11-10 23:12:27 +00:00
|
|
|
func (template *Template) compileOfflineHTTPRequest(options *protocols.ExecutorOptions) error {
|
2021-10-26 15:06:44 +00:00
|
|
|
operatorsList := []*operators.Operators{}
|
|
|
|
|
|
|
|
|
|
mainLoop:
|
|
|
|
|
for _, req := range template.RequestsHTTP {
|
2022-07-11 17:08:07 +00:00
|
|
|
hasPaths := len(req.Path) > 0
|
|
|
|
|
if !hasPaths {
|
|
|
|
|
break mainLoop
|
|
|
|
|
}
|
2021-10-26 15:06:44 +00:00
|
|
|
for _, path := range req.Path {
|
2022-07-11 17:08:07 +00:00
|
|
|
pathIsBaseURL := stringsutil.EqualFoldAny(path, "{{BaseURL}}", "{{BaseURL}}/", "/")
|
|
|
|
|
if !pathIsBaseURL {
|
2021-10-26 15:06:44 +00:00
|
|
|
break mainLoop
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
operatorsList = append(operatorsList, &req.Operators)
|
2021-10-19 15:59:18 +00:00
|
|
|
}
|
2021-10-26 15:06:44 +00:00
|
|
|
if len(operatorsList) > 0 {
|
|
|
|
|
options.Operators = operatorsList
|
2024-01-17 17:46:57 +00:00
|
|
|
var err error
|
|
|
|
|
template.Executer, err = tmplexec.NewTemplateExecuter([]protocols.Request{&offlinehttp.Request{}}, options)
|
|
|
|
|
if err != nil {
|
|
|
|
|
// it seems like flow executor cannot be used for offline http matching (ex:http(1) && http(2))
|
|
|
|
|
return ErrIncompatibleWithOfflineMatching
|
|
|
|
|
}
|
|
|
|
|
return err
|
2021-10-19 15:59:18 +00:00
|
|
|
}
|
2023-02-06 23:40:38 +00:00
|
|
|
|
|
|
|
|
return ErrIncompatibleWithOfflineMatching
|
2020-04-03 21:20:32 +00:00
|
|
|
}
|
2022-12-13 07:27:47 +00:00
|
|
|
|
2022-12-22 05:34:16 +00:00
|
|
|
// ParseTemplateFromReader reads the template from reader
|
2022-12-13 07:27:47 +00:00
|
|
|
// returns the parsed template
|
2023-05-31 20:58:10 +00:00
|
|
|
func ParseTemplateFromReader(reader io.Reader, preprocessor Preprocessor, options protocols.ExecutorOptions) (*Template, error) {
|
2022-12-19 13:21:20 +00:00
|
|
|
data, err := io.ReadAll(reader)
|
2022-12-13 07:27:47 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2022-12-15 10:50:29 +00:00
|
|
|
|
2023-10-13 07:47:27 +00:00
|
|
|
// a preprocessor is a variable like
|
|
|
|
|
// {{randstr}} which is replaced before unmarshalling
|
|
|
|
|
// as it is known to be a random static value per template
|
|
|
|
|
hasPreprocessor := false
|
|
|
|
|
allPreprocessors := getPreprocessors(preprocessor)
|
|
|
|
|
for _, preprocessor := range allPreprocessors {
|
|
|
|
|
if preprocessor.Exists(data) {
|
|
|
|
|
hasPreprocessor = true
|
|
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if !hasPreprocessor {
|
|
|
|
|
// if no preprocessors exists parse template and exit
|
|
|
|
|
template, err := parseTemplate(data, options)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2023-10-16 09:04:52 +00:00
|
|
|
if !template.Verified && len(template.Workflows) == 0 {
|
|
|
|
|
if config.DefaultConfig.LogAllEvents {
|
|
|
|
|
gologger.DefaultLogger.Print().Msgf("[%v] Template %s is not signed or tampered\n", aurora.Yellow("WRN").String(), template.ID)
|
|
|
|
|
}
|
2023-10-13 07:47:27 +00:00
|
|
|
SignatureStats[Unsigned].Add(1)
|
|
|
|
|
}
|
|
|
|
|
return template, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// if preprocessor is required / exists in this template
|
|
|
|
|
// first unmarshal it and check if its verified
|
|
|
|
|
// persist verified status value and then
|
|
|
|
|
// expand all preprocessor and reparse template
|
|
|
|
|
|
2023-10-20 12:24:10 +00:00
|
|
|
// === signature verification before preprocessors ===
|
2023-10-13 07:47:27 +00:00
|
|
|
template, err := parseTemplate(data, options)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
isVerified := template.Verified
|
2023-10-16 09:04:52 +00:00
|
|
|
if !template.Verified && len(template.Workflows) == 0 {
|
|
|
|
|
// workflows are not signed by default
|
|
|
|
|
if config.DefaultConfig.LogAllEvents {
|
|
|
|
|
gologger.DefaultLogger.Print().Msgf("[%v] Template %s is not signed or tampered\n", aurora.Yellow("WRN").String(), template.ID)
|
|
|
|
|
}
|
2023-10-13 07:47:27 +00:00
|
|
|
SignatureStats[Unsigned].Add(1)
|
2022-12-15 10:50:29 +00:00
|
|
|
}
|
|
|
|
|
|
2023-10-13 07:47:27 +00:00
|
|
|
// ==== execute preprocessors ======
|
|
|
|
|
for _, v := range allPreprocessors {
|
|
|
|
|
data = v.Process(data)
|
|
|
|
|
}
|
|
|
|
|
reParsed, err := parseTemplate(data, options)
|
|
|
|
|
if err != nil {
|
2022-12-13 07:27:47 +00:00
|
|
|
return nil, err
|
|
|
|
|
}
|
2023-10-13 07:47:27 +00:00
|
|
|
reParsed.Verified = isVerified
|
|
|
|
|
return reParsed, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// this method does not include any kind of preprocessing
|
|
|
|
|
func parseTemplate(data []byte, options protocols.ExecutorOptions) (*Template, error) {
|
|
|
|
|
template := &Template{}
|
|
|
|
|
var err error
|
|
|
|
|
switch config.GetTemplateFormatFromExt(template.Path) {
|
|
|
|
|
case config.JSON:
|
|
|
|
|
err = json.Unmarshal(data, template)
|
|
|
|
|
case config.YAML:
|
|
|
|
|
err = yaml.Unmarshal(data, template)
|
|
|
|
|
default:
|
|
|
|
|
// assume its yaml
|
|
|
|
|
if err = yaml.Unmarshal(data, template); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, errorutil.NewWithErr(err).Msgf("failed to parse %s", template.Path)
|
|
|
|
|
}
|
2022-12-13 07:27:47 +00:00
|
|
|
|
|
|
|
|
if utils.IsBlank(template.Info.Name) {
|
|
|
|
|
return nil, errors.New("no template name field provided")
|
|
|
|
|
}
|
|
|
|
|
if template.Info.Authors.IsEmpty() {
|
|
|
|
|
return nil, errors.New("no template author field provided")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Setting up variables regarding template metadata
|
|
|
|
|
options.TemplateID = template.ID
|
|
|
|
|
options.TemplateInfo = template.Info
|
|
|
|
|
options.StopAtFirstMatch = template.StopAtFirstMatch
|
|
|
|
|
|
|
|
|
|
if template.Variables.Len() > 0 {
|
|
|
|
|
options.Variables = template.Variables
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-31 12:33:01 +00:00
|
|
|
// if more than 1 request per protocol exist we add request id to protocol request
|
|
|
|
|
// since in template context we have proto_prefix for each protocol it is overwritten
|
|
|
|
|
// if request id is not present
|
|
|
|
|
template.validateAllRequestIDs()
|
|
|
|
|
|
2023-06-09 14:22:56 +00:00
|
|
|
// create empty context args for template scope
|
2023-08-31 12:33:01 +00:00
|
|
|
options.CreateTemplateCtxStore()
|
2023-06-09 14:22:56 +00:00
|
|
|
options.ProtocolType = template.Type()
|
2023-05-25 16:32:35 +00:00
|
|
|
options.Constants = template.Constants
|
2023-08-31 12:33:01 +00:00
|
|
|
|
2023-09-16 10:32:17 +00:00
|
|
|
// initialize the js compiler if missing
|
|
|
|
|
if options.JsCompiler == nil {
|
2023-10-13 07:47:27 +00:00
|
|
|
options.JsCompiler = GetJsCompiler()
|
2023-09-16 10:32:17 +00:00
|
|
|
}
|
|
|
|
|
|
2023-08-31 12:33:01 +00:00
|
|
|
template.Options = &options
|
2022-12-13 07:27:47 +00:00
|
|
|
// If no requests, and it is also not a workflow, return error.
|
|
|
|
|
if template.Requests() == 0 {
|
|
|
|
|
return nil, fmt.Errorf("no requests defined for %s", template.ID)
|
|
|
|
|
}
|
|
|
|
|
|
2023-10-13 07:47:27 +00:00
|
|
|
// load `flow` and `source` in code protocol from file
|
|
|
|
|
// if file is referenced instead of actual source code
|
|
|
|
|
if err := template.ImportFileRefs(template.Options); err != nil {
|
|
|
|
|
return nil, errorutil.NewWithErr(err).Msgf("failed to load file refs for %s", template.ID)
|
|
|
|
|
}
|
|
|
|
|
|
2023-11-10 23:12:27 +00:00
|
|
|
if err := template.compileProtocolRequests(template.Options); err != nil {
|
2022-12-13 07:27:47 +00:00
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if template.Executer != nil {
|
|
|
|
|
if err := template.Executer.Compile(); err != nil {
|
|
|
|
|
return nil, errors.Wrap(err, "could not compile request")
|
|
|
|
|
}
|
|
|
|
|
template.TotalRequests = template.Executer.Requests()
|
|
|
|
|
}
|
|
|
|
|
if template.Executer == nil && template.CompiledWorkflow == nil {
|
|
|
|
|
return nil, ErrCreateTemplateExecutor
|
|
|
|
|
}
|
|
|
|
|
template.parseSelfContainedRequests()
|
|
|
|
|
|
2023-06-09 15:24:24 +00:00
|
|
|
// check if the template is verified
|
2023-10-13 07:47:27 +00:00
|
|
|
// only valid templates can be verified or signed
|
2023-11-10 23:12:27 +00:00
|
|
|
var verifier *signer.TemplateSigner
|
|
|
|
|
for _, verifier = range signer.DefaultTemplateVerifiers {
|
2023-10-13 07:47:27 +00:00
|
|
|
template.Verified, _ = verifier.Verify(data, template)
|
2023-06-09 15:24:24 +00:00
|
|
|
if template.Verified {
|
2023-10-13 07:47:27 +00:00
|
|
|
SignatureStats[verifier.Identifier()].Add(1)
|
2023-06-09 15:24:24 +00:00
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
}
|
2023-11-10 23:12:27 +00:00
|
|
|
|
|
|
|
|
if !(template.Verified && verifier.Identifier() == "projectdiscovery/nuclei-templates") {
|
|
|
|
|
template.Options.RawTemplate = data
|
|
|
|
|
}
|
2022-12-13 07:27:47 +00:00
|
|
|
return template, nil
|
|
|
|
|
}
|
2023-10-13 07:47:27 +00:00
|
|
|
|
|
|
|
|
var (
|
|
|
|
|
jsCompiler *compiler.Compiler
|
|
|
|
|
jsCompilerOnce = sync.OnceFunc(func() {
|
|
|
|
|
jsCompiler = compiler.New()
|
|
|
|
|
})
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func GetJsCompiler() *compiler.Compiler {
|
|
|
|
|
jsCompilerOnce()
|
|
|
|
|
return jsCompiler
|
|
|
|
|
}
|
