mirror of https://github.com/daffainfo/nuclei.git
Adding CLI SNI support to unsafe http (#2077)
* Adding CLI SNI support to unsafe http * adding http unsafe sni testdev
parent
947acae857
commit
16a05d0aa2
|
@ -0,0 +1,18 @@
|
||||||
|
id: basic-unsafe-get
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: Basic Unsafe GET Request with CLI SNI
|
||||||
|
author: pdteam
|
||||||
|
severity: info
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- raw:
|
||||||
|
- |+
|
||||||
|
GET / HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
unsafe: true
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
words:
|
||||||
|
- "test-ok"
|
|
@ -50,6 +50,7 @@ var httpTestcases = map[string]testutils.TestCase{
|
||||||
"http/variables.yaml": &httpVariables{},
|
"http/variables.yaml": &httpVariables{},
|
||||||
"http/get-override-sni.yaml": &httpSniAnnotation{},
|
"http/get-override-sni.yaml": &httpSniAnnotation{},
|
||||||
"http/get-sni.yaml": &customCLISNI{},
|
"http/get-sni.yaml": &customCLISNI{},
|
||||||
|
"http/get-sni-unsafe.yaml": &customCLISNIUnsafe{},
|
||||||
}
|
}
|
||||||
|
|
||||||
type httpInteractshRequest struct{}
|
type httpInteractshRequest struct{}
|
||||||
|
@ -856,3 +857,25 @@ func (h *httpSniAnnotation) Execute(filePath string) error {
|
||||||
}
|
}
|
||||||
return expectResultsCount(results, 1)
|
return expectResultsCount(results, 1)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type customCLISNIUnsafe struct{}
|
||||||
|
|
||||||
|
// Execute executes a test case and returns an error if occurred
|
||||||
|
func (h *customCLISNIUnsafe) Execute(filePath string) error {
|
||||||
|
router := httprouter.New()
|
||||||
|
router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
|
||||||
|
if r.TLS.ServerName == "test" {
|
||||||
|
_, _ = w.Write([]byte("test-ok"))
|
||||||
|
} else {
|
||||||
|
_, _ = w.Write([]byte("test-ko"))
|
||||||
|
}
|
||||||
|
})
|
||||||
|
ts := httptest.NewTLSServer(router)
|
||||||
|
defer ts.Close()
|
||||||
|
|
||||||
|
results, err := testutils.RunNucleiTemplateAndGetResults(filePath, ts.URL, debug, "-sni", "test")
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return expectResultsCount(results, 1)
|
||||||
|
}
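Review bot: The doc comment on `customCLISNIUnsafe.Execute` is the generic one and does not say what this case verifies. The handler answers `test-ok` only when `r.TLS.ServerName == "test"`, and the run passes `-sni test`, so something like `// Execute checks that the -sni CLI value is sent as the TLS server name for unsafe (rawhttp) requests.` would state the contract. The body looks like it mirrors the existing `customCLISNI` case registered just above it in `httpTestcases`; if the two differ only in the template file, a shared helper would keep them from drifting apart.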
|
||||||
|
|
|
@ -35,7 +35,7 @@ require (
|
||||||
github.com/projectdiscovery/hmap v0.0.2-0.20210917080408-0fd7bd286bfa
|
github.com/projectdiscovery/hmap v0.0.2-0.20210917080408-0fd7bd286bfa
|
||||||
github.com/projectdiscovery/interactsh v1.0.4
|
github.com/projectdiscovery/interactsh v1.0.4
|
||||||
github.com/projectdiscovery/nuclei-updatecheck-api v0.0.0-20211006155443-c0a8d610a4df
|
github.com/projectdiscovery/nuclei-updatecheck-api v0.0.0-20211006155443-c0a8d610a4df
|
||||||
github.com/projectdiscovery/rawhttp v0.0.8-0.20220504112210-ae777c1ccd6b
|
github.com/projectdiscovery/rawhttp v0.0.8-0.20220526170355-03de6bb78f37
|
||||||
github.com/projectdiscovery/retryabledns v1.0.13
|
github.com/projectdiscovery/retryabledns v1.0.13
|
||||||
github.com/projectdiscovery/retryablehttp-go v1.0.3-0.20220506110515-811d938bd26d
|
github.com/projectdiscovery/retryablehttp-go v1.0.3-0.20220506110515-811d938bd26d
|
||||||
github.com/projectdiscovery/stringsutil v0.0.0-20220422150559-b54fb5dc6833
|
github.com/projectdiscovery/stringsutil v0.0.0-20220422150559-b54fb5dc6833
|
||||||
|
|
|
@ -485,6 +485,8 @@ github.com/projectdiscovery/nvd v1.0.9-0.20220314070650-d4a214c1f87d/go.mod h1:n
|
||||||
github.com/projectdiscovery/rawhttp v0.0.7/go.mod h1:PQERZAhAv7yxI/hR6hdDPgK1WTU56l204BweXrBec+0=
|
github.com/projectdiscovery/rawhttp v0.0.7/go.mod h1:PQERZAhAv7yxI/hR6hdDPgK1WTU56l204BweXrBec+0=
|
||||||
github.com/projectdiscovery/rawhttp v0.0.8-0.20220504112210-ae777c1ccd6b h1:lsiBFKZfyRFOTmY6Ebn0sOcqEz5RKDq0fuqNmigRAYA=
|
github.com/projectdiscovery/rawhttp v0.0.8-0.20220504112210-ae777c1ccd6b h1:lsiBFKZfyRFOTmY6Ebn0sOcqEz5RKDq0fuqNmigRAYA=
|
||||||
github.com/projectdiscovery/rawhttp v0.0.8-0.20220504112210-ae777c1ccd6b/go.mod h1:kulxvr2aKZPB6jhq4ZQn/E+ArwRWczs1O6b1ZdcZAxo=
|
github.com/projectdiscovery/rawhttp v0.0.8-0.20220504112210-ae777c1ccd6b/go.mod h1:kulxvr2aKZPB6jhq4ZQn/E+ArwRWczs1O6b1ZdcZAxo=
|
||||||
|
github.com/projectdiscovery/rawhttp v0.0.8-0.20220526170355-03de6bb78f37 h1:odvvszpfUvNq5UMzUhimete71/ph+XQzzL11C/u3lUc=
|
||||||
|
github.com/projectdiscovery/rawhttp v0.0.8-0.20220526170355-03de6bb78f37/go.mod h1:kulxvr2aKZPB6jhq4ZQn/E+ArwRWczs1O6b1ZdcZAxo=
|
||||||
github.com/projectdiscovery/retryabledns v1.0.11/go.mod h1:4sMC8HZyF01HXukRleSQYwz4870bwgb4+hTSXTMrkf4=
|
github.com/projectdiscovery/retryabledns v1.0.11/go.mod h1:4sMC8HZyF01HXukRleSQYwz4870bwgb4+hTSXTMrkf4=
|
||||||
github.com/projectdiscovery/retryabledns v1.0.12/go.mod h1:4sMC8HZyF01HXukRleSQYwz4870bwgb4+hTSXTMrkf4=
|
github.com/projectdiscovery/retryabledns v1.0.12/go.mod h1:4sMC8HZyF01HXukRleSQYwz4870bwgb4+hTSXTMrkf4=
|
||||||
github.com/projectdiscovery/retryabledns v1.0.13-0.20210916165024-76c5b76fd59a/go.mod h1:tXaLDs4n3pRZHwfa8mdXpUWe/AYDNK3HlWDjldhRbjI=
|
github.com/projectdiscovery/retryabledns v1.0.13-0.20210916165024-76c5b76fd59a/go.mod h1:tXaLDs4n3pRZHwfa8mdXpUWe/AYDNK3HlWDjldhRbjI=
|
||||||
|
|
|
@ -406,6 +406,7 @@ func (request *Request) executeRequest(reqURL string, generatedRequest *generate
|
||||||
options.FollowRedirects = request.Redirects
|
options.FollowRedirects = request.Redirects
|
||||||
options.CustomRawBytes = generatedRequest.rawRequest.UnsafeRawBytes
|
options.CustomRawBytes = generatedRequest.rawRequest.UnsafeRawBytes
|
||||||
options.ForceReadAllBody = request.ForceReadAllBody
|
options.ForceReadAllBody = request.ForceReadAllBody
|
||||||
|
options.SNI = request.options.Options.SNI
|
||||||
resp, err = generatedRequest.original.rawhttpClient.DoRawWithOptions(generatedRequest.rawRequest.Method, reqURL, generatedRequest.rawRequest.Path, generators.ExpandMapValues(generatedRequest.rawRequest.Headers), ioutil.NopCloser(strings.NewReader(generatedRequest.rawRequest.Data)), options)
|
resp, err = generatedRequest.original.rawhttpClient.DoRawWithOptions(generatedRequest.rawRequest.Method, reqURL, generatedRequest.rawRequest.Path, generators.ExpandMapValues(generatedRequest.rawRequest.Headers), ioutil.NopCloser(strings.NewReader(generatedRequest.rawRequest.Data)), options)
|
||||||
} else {
|
} else {
|
||||||
hostname = generatedRequest.request.URL.Host
|
hostname = generatedRequest.request.URL.Host
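Review bot: The added `options.SNI = request.options.Options.SNI` in the unsafe branch copies only the CLI value, so any per-request SNI override does not appear to be consulted on this path. The test table in this commit lists `http/get-override-sni.yaml` for the regular client, which suggests such an override exists there. If the difference is intentional, a comment on the new line would make it explicit, for example `// unsafe requests take the SNI from the -sni flag only; per-request overrides are not applied here`. executeRequest starts and ends outside this hunk, so an override may be handled elsewhere that is not visible here.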
|
||||||
|
|
|
@ -142,7 +142,8 @@ func dump(req *generatedRequest, reqURL string) ([]byte, error) {
|
||||||
|
|
||||||
return dumpBytes, nil
|
return dumpBytes, nil
|
||||||
}
|
}
|
||||||
return rawhttp.DumpRequestRaw(req.rawRequest.Method, reqURL, req.rawRequest.Path, generators.ExpandMapValues(req.rawRequest.Headers), ioutil.NopCloser(strings.NewReader(req.rawRequest.Data)), rawhttp.Options{CustomHeaders: req.rawRequest.UnsafeHeaders, CustomRawBytes: req.rawRequest.UnsafeRawBytes})
|
rawHttpOptions := &rawhttp.Options{CustomHeaders: req.rawRequest.UnsafeHeaders, CustomRawBytes: req.rawRequest.UnsafeRawBytes}
|
||||||
|
return rawhttp.DumpRequestRaw(req.rawRequest.Method, reqURL, req.rawRequest.Path, generators.ExpandMapValues(req.rawRequest.Headers), ioutil.NopCloser(strings.NewReader(req.rawRequest.Data)), rawHttpOptions)
|
||||||
}
|
}
|
||||||
|
|
||||||
// handleDecompression if the user specified a custom encoding (as golang transport doesn't do this automatically)
|
// handleDecompression if the user specified a custom encoding (as golang transport doesn't do this automatically)
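Review bot: The new local `rawHttpOptions` in `dump` does not follow Go's initialism convention; `rawHTTPOptions` would match names such as `ServeHTTP`. The switch from a `rawhttp.Options` value to `&rawhttp.Options{...}` presumably tracks the signature in the bumped rawhttp version, and a short comment saying so would explain why the literal was pulled out of the call. dump begins outside this hunk.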
|
||||||
|
|