nuclei/pkg/requests/http-request.go

package requests

import (
	"bufio"
	"io/ioutil"
	"net/http"
	"net/url"
	"strings"

	"github.com/projectdiscovery/nuclei/pkg/extractors"
	"github.com/projectdiscovery/nuclei/pkg/matchers"
	retryablehttp "github.com/projectdiscovery/retryablehttp-go"
	"github.com/valyala/fasttemplate"
)

// HTTPRequest contains a request to be made from a template
type HTTPRequest struct {
	// Method is the request method, whether GET, POST, PUT, etc
	Method string `yaml:"method"`
	// Path contains the path/s for the request
	Path []string `yaml:"path"`
	// Headers contains headers to send with the request
	Headers map[string]string `yaml:"headers,omitempty"`
	// Body is an optional parameter which contains the request body for POST methods, etc
	Body string `yaml:"body,omitempty"`
	// Matchers contains the detection mechanism for the request to identify
	// whether the request was successful
	Matchers []*matchers.Matcher `yaml:"matchers,omitempty"`
	// MatchersCondition is the condition of the matchers
	// whether to use AND or OR. Default is OR.
	MatchersCondition string `yaml:"matchers-condition,omitempty"`
	// matchersCondition is internal condition for the matchers.
	matchersCondition matchers.ConditionType
	// Extractors contains the extraction mechanism for the request to identify
	// and extract parts of the response.
	Extractors []*extractors.Extractor `yaml:"extractors,omitempty"`
	// Redirects specifies whether redirects should be followed.
	Redirects bool `yaml:"redirects,omitempty"`
	// MaxRedirects is the maximum number of redirects that should be followed.
	MaxRedirects int `yaml:"max-redirects,omitempty"`
	// Raw contains a raw request
	Raw string `yaml:"raw,omitempty"`
}

// GetMatchersCondition returns the condition for the matcher
func (r *HTTPRequest) GetMatchersCondition() matchers.ConditionType {
	return r.matchersCondition
}

// SetMatchersCondition sets the condition for the matcher
func (r *HTTPRequest) SetMatchersCondition(condition matchers.ConditionType) {
	r.matchersCondition = condition
}

// MakeHTTPRequest creates a *http.Request from a request template
func (r *HTTPRequest) MakeHTTPRequest(baseURL string) ([]*retryablehttp.Request, error) {
	if r.Raw != "" {
		return r.makeHTTPRequestFromRaw(baseURL)
	}

	return r.makeHTTPRequestFromModel(baseURL)
}

// MakeHTTPRequestFromModel creates a *http.Request from a request template
func (r *HTTPRequest) makeHTTPRequestFromModel(baseURL string) ([]*retryablehttp.Request, error) {
	parsed, err := url.Parse(baseURL)
	if err != nil {
		return nil, err
	}
	hostname := parsed.Hostname()

	requests := make([]*retryablehttp.Request, 0, len(r.Path))
	for _, path := range r.Path {
		// Replace the dynamic variables in the URL if any
		t := fasttemplate.New(path, "{{", "}}")
		url := t.ExecuteString(map[string]interface{}{
			"BaseURL":  baseURL,
			"Hostname": hostname,
		})

		// Build a request on the specified URL
		req, err := http.NewRequest(r.Method, url, nil)
		if err != nil {
			return nil, err
		}

		// Check if the user requested a request body
		if r.Body != "" {
			req.Body = ioutil.NopCloser(strings.NewReader(r.Body))
		}

		// Set the header values requested
		for header, value := range r.Headers {
			t := fasttemplate.New(value, "{{", "}}")
			val := t.ExecuteString(map[string]interface{}{
				"BaseURL":  baseURL,
				"Hostname": hostname,
			})
			req.Header.Set(header, val)
		}

		// Set some headers only if the header wasn't supplied by the user
		if _, ok := r.Headers["User-Agent"]; !ok {
			req.Header.Set("User-Agent", "Nuclei (@pdiscoveryio)")
		}
		if _, ok := r.Headers["Accept"]; !ok {
			req.Header.Set("Accept", "*/*")
		}
		if _, ok := r.Headers["Accept-Language"]; !ok {
			req.Header.Set("Accept-Language", "en")
		}
		req.Header.Set("Connection", "close")
		req.Close = true

		request, err := retryablehttp.FromRequest(req)
		if err != nil {
			return nil, err
		}

		requests = append(requests, request)
	}

	return requests, nil
}

// makeHTTPRequestFromRaw creates a *http.Request from a raw request
func (r *HTTPRequest) makeHTTPRequestFromRaw(baseURL string) ([]*retryablehttp.Request, error) {
	parsed, err := url.Parse(baseURL)
	if err != nil {
		return nil, err
	}
	hostname := parsed.Hostname()

	requests := make([]*retryablehttp.Request, 0, len(r.Path))
	for _, path := range r.Path {
		// Replace the dynamic variables in the URL if any
		t := fasttemplate.New(path, "{{", "}}")

		// Build a request from raw
		req, err := http.ReadRequest(bufio.NewReader(strings.NewReader(r.Raw)))
		if err != nil {
			return nil, err
		}

		// Overwrite the raw requests with template defined fields if defined
		req.Method = r.Method
		targetURL, err := url.Parse(t.ExecuteString(map[string]interface{}{
			"BaseURL":  baseURL,
			"Hostname": hostname,
		}))
		if err != nil {
			return nil, err
		}
		req.URL = targetURL

		// Check if the user requested a request body
		if r.Body != "" {
			req.Body = ioutil.NopCloser(strings.NewReader(r.Body))
		}

		// Set the header values requested
		for header, value := range r.Headers {
			t := fasttemplate.New(value, "{{", "}}")
			val := t.ExecuteString(map[string]interface{}{
				"BaseURL":  baseURL,
				"Hostname": hostname,
			})
			req.Header.Set(header, val)
		}

		// Set some headers only if the header wasn't supplied by the user
		if _, ok := r.Headers["User-Agent"]; !ok {
			req.Header.Set("User-Agent", "Nuclei (@pdiscoveryio)")
		}
		if _, ok := r.Headers["Accept"]; !ok {
			req.Header.Set("Accept", "*/*")
		}
		if _, ok := r.Headers["Accept-Language"]; !ok {
			req.Header.Set("Accept-Language", "en")
		}
		req.Header.Set("Connection", "close")
		req.Close = true

		request, err := retryablehttp.FromRequest(req)
		if err != nil {
			return nil, err
		}

		requests = append(requests, request)
	}

	return requests, nil
}
Added readme + templates/requests start 2020-04-03 18:47:57 +00:00			`package requests`

			`import (`
begin of work on raw requests support 2020-04-28 21:02:07 +00:00			`"bufio"`
Added requests + compile 2020-04-03 21:20:32 +00:00			`"io/ioutil"`
			`"net/http"`
Added dynamic templating 2020-04-03 21:56:11 +00:00			`"net/url"`
Added requests + compile 2020-04-03 21:20:32 +00:00			`"strings"`

Added extractors to the workflow + misc 2020-04-05 19:14:45 +00:00			`"github.com/projectdiscovery/nuclei/pkg/extractors"`
Added readme + templates/requests start 2020-04-03 18:47:57 +00:00			`"github.com/projectdiscovery/nuclei/pkg/matchers"`
Added retryablehttp 2020-04-04 11:42:29 +00:00			`retryablehttp "github.com/projectdiscovery/retryablehttp-go"`
Added dynamic templating 2020-04-03 21:56:11 +00:00			`"github.com/valyala/fasttemplate"`
Added readme + templates/requests start 2020-04-03 18:47:57 +00:00			`)`

poc implementation of dns templating 2020-04-22 20:45:02 +00:00			`// HTTPRequest contains a request to be made from a template`
			`type HTTPRequest struct {`
Added readme + templates/requests start 2020-04-03 18:47:57 +00:00			`// Method is the request method, whether GET, POST, PUT, etc`
			Method string `yaml:"method"`
			`// Path contains the path/s for the request`
			Path []string `yaml:"path"`
			`// Headers contains headers to send with the request`
			Headers map[string]string `yaml:"headers,omitempty"`
			`// Body is an optional parameter which contains the request body for POST methods, etc`
			Body string `yaml:"body,omitempty"`
			`// Matchers contains the detection mechanism for the request to identify`
			`// whether the request was successful`
Fixed #5 leading to default headers not being set 2020-04-05 18:28:22 +00:00			Matchers []*matchers.Matcher `yaml:"matchers,omitempty"`
Added executor + refactor 2020-04-26 00:20:33 +00:00			`// MatchersCondition is the condition of the matchers`
			`// whether to use AND or OR. Default is OR.`
			MatchersCondition string `yaml:"matchers-condition,omitempty"`
Finished executer for per-request execution 2020-04-26 01:03:59 +00:00			`// matchersCondition is internal condition for the matchers.`
			`matchersCondition matchers.ConditionType`
Fixed #5 leading to default headers not being set 2020-04-05 18:28:22 +00:00			`// Extractors contains the extraction mechanism for the request to identify`
			`// and extract parts of the response.`
Added extractors to the workflow + misc 2020-04-05 19:14:45 +00:00			Extractors []*extractors.Extractor `yaml:"extractors,omitempty"`
Added configurable redirects per request 2020-04-22 22:26:41 +00:00			`// Redirects specifies whether redirects should be followed.`
			Redirects bool `yaml:"redirects,omitempty"`
			`// MaxRedirects is the maximum number of redirects that should be followed.`
			MaxRedirects int `yaml:"max-redirects,omitempty"`
begin of work on raw requests support 2020-04-28 21:02:07 +00:00			`// Raw contains a raw request`
			Raw string `yaml:"raw,omitempty"`
Added readme + templates/requests start 2020-04-03 18:47:57 +00:00			`}`
Added requests + compile 2020-04-03 21:20:32 +00:00
Finished executer for per-request execution 2020-04-26 01:03:59 +00:00			`// GetMatchersCondition returns the condition for the matcher`
			`func (r *HTTPRequest) GetMatchersCondition() matchers.ConditionType {`
			`return r.matchersCondition`
			`}`

			`// SetMatchersCondition sets the condition for the matcher`
			`func (r *HTTPRequest) SetMatchersCondition(condition matchers.ConditionType) {`
			`r.matchersCondition = condition`
			`}`

poc implementation of dns templating 2020-04-22 20:45:02 +00:00			`// MakeHTTPRequest creates a *http.Request from a request template`
			`func (r HTTPRequest) MakeHTTPRequest(baseURL string) ([]retryablehttp.Request, error) {`
begin of work on raw requests support 2020-04-28 21:02:07 +00:00			`if r.Raw != "" {`
			`return r.makeHTTPRequestFromRaw(baseURL)`
			`}`

			`return r.makeHTTPRequestFromModel(baseURL)`
			`}`

			`// MakeHTTPRequestFromModel creates a *http.Request from a request template`
			`func (r HTTPRequest) makeHTTPRequestFromModel(baseURL string) ([]retryablehttp.Request, error) {`
Added dynamic templating 2020-04-03 21:56:11 +00:00			`parsed, err := url.Parse(baseURL)`
			`if err != nil {`
			`return nil, err`
			`}`
			`hostname := parsed.Hostname()`
Added requests + compile 2020-04-03 21:20:32 +00:00
Added retryablehttp 2020-04-04 11:42:29 +00:00			`requests := make([]*retryablehttp.Request, 0, len(r.Path))`
Added requests + compile 2020-04-03 21:20:32 +00:00			`for _, path := range r.Path {`
Added dynamic templating 2020-04-03 21:56:11 +00:00			`// Replace the dynamic variables in the URL if any`
			`t := fasttemplate.New(path, "{{", "}}")`
			`url := t.ExecuteString(map[string]interface{}{`
			`"BaseURL": baseURL,`
			`"Hostname": hostname,`
			`})`
Added requests + compile 2020-04-03 21:20:32 +00:00
Added dynamic templating 2020-04-03 21:56:11 +00:00			`// Build a request on the specified URL`
Added requests + compile 2020-04-03 21:20:32 +00:00			`req, err := http.NewRequest(r.Method, url, nil)`
			`if err != nil {`
			`return nil, err`
			`}`

			`// Check if the user requested a request body`
			`if r.Body != "" {`
			`req.Body = ioutil.NopCloser(strings.NewReader(r.Body))`
			`}`

			`// Set the header values requested`
			`for header, value := range r.Headers {`
Added header templating support 2020-04-27 18:10:21 +00:00			`t := fasttemplate.New(value, "{{", "}}")`
			`val := t.ExecuteString(map[string]interface{}{`
			`"BaseURL": baseURL,`
			`"Hostname": hostname,`
			`})`
			`req.Header.Set(header, val)`
Added requests + compile 2020-04-03 21:20:32 +00:00			`}`
Added working runners + misc + logics etc 2020-04-04 10:29:05 +00:00
			`// Set some headers only if the header wasn't supplied by the user`
			`if _, ok := r.Headers["User-Agent"]; !ok {`
			`req.Header.Set("User-Agent", "Nuclei (@pdiscoveryio)")`
			`}`
Fixed #5 leading to default headers not being set 2020-04-05 18:28:22 +00:00			`if _, ok := r.Headers["Accept"]; !ok {`
			`req.Header.Set("Accept", "/")`
			`}`
			`if _, ok := r.Headers["Accept-Language"]; !ok {`
			`req.Header.Set("Accept-Language", "en")`
			`}`
Added working runners + misc + logics etc 2020-04-04 10:29:05 +00:00			`req.Header.Set("Connection", "close")`
			`req.Close = true`

Added retryablehttp 2020-04-04 11:42:29 +00:00			`request, err := retryablehttp.FromRequest(req)`
			`if err != nil {`
			`return nil, err`
			`}`

			`requests = append(requests, request)`
Added requests + compile 2020-04-03 21:20:32 +00:00			`}`

			`return requests, nil`
			`}`
begin of work on raw requests support 2020-04-28 21:02:07 +00:00
			`// makeHTTPRequestFromRaw creates a *http.Request from a raw request`
			`func (r HTTPRequest) makeHTTPRequestFromRaw(baseURL string) ([]retryablehttp.Request, error) {`
			`parsed, err := url.Parse(baseURL)`
			`if err != nil {`
			`return nil, err`
			`}`
			`hostname := parsed.Hostname()`

			`requests := make([]*retryablehttp.Request, 0, len(r.Path))`
			`for _, path := range r.Path {`
			`// Replace the dynamic variables in the URL if any`
			`t := fasttemplate.New(path, "{{", "}}")`

			`// Build a request from raw`
			`req, err := http.ReadRequest(bufio.NewReader(strings.NewReader(r.Raw)))`
			`if err != nil {`
			`return nil, err`
			`}`

			`// Overwrite the raw requests with template defined fields if defined`
			`req.Method = r.Method`
			`targetURL, err := url.Parse(t.ExecuteString(map[string]interface{}{`
			`"BaseURL": baseURL,`
			`"Hostname": hostname,`
			`}))`
			`if err != nil {`
			`return nil, err`
			`}`
			`req.URL = targetURL`

			`// Check if the user requested a request body`
			`if r.Body != "" {`
			`req.Body = ioutil.NopCloser(strings.NewReader(r.Body))`
			`}`

			`// Set the header values requested`
			`for header, value := range r.Headers {`
			`t := fasttemplate.New(value, "{{", "}}")`
			`val := t.ExecuteString(map[string]interface{}{`
			`"BaseURL": baseURL,`
			`"Hostname": hostname,`
			`})`
			`req.Header.Set(header, val)`
			`}`

			`// Set some headers only if the header wasn't supplied by the user`
			`if _, ok := r.Headers["User-Agent"]; !ok {`
			`req.Header.Set("User-Agent", "Nuclei (@pdiscoveryio)")`
			`}`
			`if _, ok := r.Headers["Accept"]; !ok {`
			`req.Header.Set("Accept", "/")`
			`}`
			`if _, ok := r.Headers["Accept-Language"]; !ok {`
			`req.Header.Set("Accept-Language", "en")`
			`}`
			`req.Header.Set("Connection", "close")`
			`req.Close = true`

			`request, err := retryablehttp.FromRequest(req)`
			`if err != nil {`
			`return nil, err`
			`}`

			`requests = append(requests, request)`
			`}`

			`return requests, nil`
			`}`