2021-09-03 13:48:39 +00:00
|
|
|
// Package templates
|
2021-08-04 08:50:48 +00:00
|
|
|
//nolint //do not lint as examples with no usage
|
|
|
|
package templates
|
|
|
|
|
|
|
|
import (
|
2021-08-20 09:41:19 +00:00
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
2021-09-03 13:48:39 +00:00
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/stringslice"
|
2021-08-04 08:50:48 +00:00
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/dns"
|
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/file"
|
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/http"
|
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/network"
|
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
2021-08-20 09:41:19 +00:00
|
|
|
exampleInfoStructure = model.Info{
|
|
|
|
Name: "Argument Injection in Ruby Dragonfly",
|
2021-09-03 13:48:39 +00:00
|
|
|
Authors: stringslice.StringSlice{Value: "0xspara"},
|
|
|
|
SeverityHolder: severity.Holder{Severity: severity.High},
|
|
|
|
Reference: stringslice.StringSlice{Value: "https://zxsecurity.co.nz/research/argunment-injection-ruby-dragonfly/"},
|
|
|
|
Tags: stringslice.StringSlice{Value: "cve,cve2021,rce,ruby"},
|
2021-08-04 08:50:48 +00:00
|
|
|
}
|
|
|
|
exampleNormalHTTPRequest = &http.Request{
|
2021-11-18 13:50:21 +00:00
|
|
|
Method: http.HTTPMethodTypeHolder{MethodType: http.HTTPGet},
|
2021-08-04 08:50:48 +00:00
|
|
|
Path: []string{"{{BaseURL}}/.git/config"},
|
|
|
|
Operators: operators.Operators{
|
|
|
|
MatchersCondition: "and",
|
|
|
|
Matchers: []*matchers.Matcher{
|
2021-11-19 10:54:09 +00:00
|
|
|
{Type: matchers.MatcherTypeHolder{MatcherType: matchers.WordsMatcher}, Words: []string{"[core]"}},
|
|
|
|
{Type: matchers.MatcherTypeHolder{MatcherType: matchers.DSLMatcher}, DSL: []string{"!contains(tolower(body), '<html')", "!contains(tolower(body), '<body')"}, Condition: "and"},
|
|
|
|
{Type: matchers.MatcherTypeHolder{MatcherType: matchers.StatusMatcher}, Status: []int{200}}},
|
2021-08-04 08:50:48 +00:00
|
|
|
},
|
|
|
|
}
|
|
|
|
_ = exampleNormalHTTPRequest
|
|
|
|
|
2021-11-23 07:47:19 +00:00
|
|
|
recursion = false
|
2021-08-04 08:50:48 +00:00
|
|
|
exampleNormalDNSRequest = &dns.Request{
|
2021-11-03 14:23:45 +00:00
|
|
|
Name: "{{FQDN}}",
|
2021-11-18 13:47:34 +00:00
|
|
|
RequestType: dns.DNSRequestTypeHolder{DNSRequestType: dns.CNAME},
|
2021-11-03 14:23:45 +00:00
|
|
|
Class: "inet",
|
|
|
|
Retries: 2,
|
2021-11-23 07:47:19 +00:00
|
|
|
Recursion: &recursion,
|
2021-08-04 08:50:48 +00:00
|
|
|
Operators: operators.Operators{
|
|
|
|
Extractors: []*extractors.Extractor{
|
2021-11-25 14:04:01 +00:00
|
|
|
{Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.RegexExtractor}, Regex: []string{"ec2-[-\\d]+\\.compute[-\\d]*\\.amazonaws\\.com", "ec2-[-\\d]+\\.[\\w\\d\\-]+\\.compute[-\\d]*\\.amazonaws\\.com"}},
|
2021-08-04 08:50:48 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
_ = exampleNormalDNSRequest
|
|
|
|
|
|
|
|
exampleNormalFileRequest = &file.Request{
|
|
|
|
Extensions: []string{"all"},
|
|
|
|
Operators: operators.Operators{
|
|
|
|
Extractors: []*extractors.Extractor{
|
2021-11-25 14:04:01 +00:00
|
|
|
{Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.RegexExtractor}, Regex: []string{"amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"}},
|
2021-08-04 08:50:48 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
_ = exampleNormalFileRequest
|
|
|
|
|
|
|
|
exampleNormalNetworkRequest = &network.Request{
|
|
|
|
Inputs: []*network.Input{{Data: "envi\r\nquit\r\n"}},
|
|
|
|
Address: []string{"{{Hostname}}", "{{Hostname}}:2181"},
|
|
|
|
ReadSize: 2048,
|
|
|
|
Operators: operators.Operators{
|
|
|
|
Matchers: []*matchers.Matcher{
|
2021-11-19 10:54:09 +00:00
|
|
|
{Type: matchers.MatcherTypeHolder{MatcherType: matchers.WordsMatcher}, Words: []string{"zookeeper.version"}},
|
2021-08-04 08:50:48 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
_ = exampleNormalNetworkRequest
|
|
|
|
)
|