nuclei/pkg/protocols/common/uncover/uncover.go

136 lines
3.8 KiB
Go
Raw Normal View History

package uncover
import (
"context"
"fmt"
"runtime"
"strings"
"github.com/projectdiscovery/gologger"
"github.com/projectdiscovery/nuclei/v3/pkg/templates"
"github.com/projectdiscovery/uncover"
"github.com/projectdiscovery/uncover/sources"
mapsutil "github.com/projectdiscovery/utils/maps"
stringsutil "github.com/projectdiscovery/utils/strings"
)
// returns csv string of uncover supported agents
func GetUncoverSupportedAgents() string {
u, _ := uncover.New(&uncover.Options{})
return strings.Join(u.AllAgents(), ",")
}
// GetTargetsFromUncover returns targets from uncover
func GetTargetsFromUncover(ctx context.Context, outputFormat string, opts *uncover.Options) (chan string, error) {
u, err := uncover.New(opts)
if err != nil {
return nil, err
}
resChan, err := u.Execute(ctx)
if err != nil {
return nil, err
}
outputChan := make(chan string) // buffered channel
go func() {
defer close(outputChan)
for {
select {
case <-ctx.Done():
return
case res, ok := <-resChan:
if !ok {
return
}
if res.Error != nil {
// only log in verbose mode
gologger.Verbose().Msgf("uncover: %v", res.Error)
continue
}
outputChan <- processUncoverOutput(res, outputFormat)
}
}
}()
return outputChan, nil
}
Spelling (#4008) * spelling: addresses Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: asynchronous Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: basic Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: brute force Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: constant Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: disables Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: engine Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: every time Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: execution Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: false positives Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: from Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: further Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: github Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: gitlab Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: highlight Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: hygiene Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: ignore Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: input Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: item Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: itself Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: latestxxx Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: navigation Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: negative Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: nonexistent Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: occurred Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: override Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: overrides Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: payload Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: performed Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: respective Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: retrieve Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: scanlist Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: separated Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: separator Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: severity Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: source Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: strategy Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: string Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: templates Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: terminal Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: timeout Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: trailing slash Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: trailing Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: websocket Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> --------- Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2023-08-01 18:33:43 +00:00
// processUncoverOutput returns output string depending on uncover field
func processUncoverOutput(result sources.Result, outputFormat string) string {
if (result.IP == "" || result.Port == 0) && stringsutil.ContainsAny(outputFormat, "ip", "port") {
// if ip or port is not present, fallback to using host
outputFormat = "host"
}
replacer := strings.NewReplacer(
"ip", result.IP,
"host", result.Host,
"port", fmt.Sprint(result.Port),
"url", result.Url,
)
return replacer.Replace(outputFormat)
}
// GetUncoverTargetsFromMetadata returns targets from uncover metadata
func GetUncoverTargetsFromMetadata(ctx context.Context, templates []*templates.Template, outputFormat string, opts *uncover.Options) chan string {
// contains map[engine]queries
queriesMap := make(map[string][]string)
for _, template := range templates {
innerLoop:
for k, v := range template.Info.Metadata {
if !strings.HasSuffix(k, "-query") {
// this is not a query
// query keys are like shodan-query, fofa-query, etc
continue innerLoop
}
engine := strings.TrimSuffix(k, "-query")
if queriesMap[engine] == nil {
queriesMap[engine] = []string{}
}
queriesMap[engine] = append(queriesMap[engine], fmt.Sprint(v))
}
}
keys := mapsutil.GetKeys(queriesMap)
gologger.Info().Msgf("Running uncover queries from template against: %s", strings.Join(keys, ","))
result := make(chan string, runtime.NumCPU())
go func() {
defer close(result)
// unfortunately uncover doesn't support execution of map[engine]queries
// if queries are given they are executed against all engines which is not what we want
// TODO: add support for map[engine]queries in uncover
// Note below implementation is intentionally sequential to avoid burning all the API keys
counter := 0
for eng, queries := range queriesMap {
// create new uncover options for each engine
uncoverOpts := &uncover.Options{
Agents: []string{eng},
Queries: queries,
Limit: opts.Limit,
MaxRetry: opts.MaxRetry,
Timeout: opts.Timeout,
RateLimit: opts.RateLimit,
RateLimitUnit: opts.RateLimitUnit,
}
ch, err := GetTargetsFromUncover(ctx, outputFormat, uncoverOpts)
if err != nil {
gologger.Error().Msgf("Could not get targets using %v engine from uncover: %s", eng, err)
return
}
for {
select {
case <-ctx.Done():
return
case res, ok := <-ch:
if !ok {
return
}
result <- res
counter++
if opts.Limit > 0 && counter >= opts.Limit {
return
}
}
}
}
}()
return result
}