Merge pull request #356 from projectdiscovery/bugfix-fuzzing-bulk-requests

fixed small logic bug in positional finite state machine
2020-10-12 23:30:58 +02:00 · 2020-10-12 23:30:58 +02:00 · 2143d8c992
parent 0b4bb3a2f7 a1cc52c3ff
commit 2143d8c992
4 changed files with 8 additions and 9 deletions
--- a/v2/internal/runner/options.go
+++ b/v2/internal/runner/options.go
@ -40,6 +40,7 @@ type Options struct {
 	TemplatesDirectory string                 // TemplatesDirectory is the directory to use for storing templates
 	RateLimit          int                    // Rate-Limit of requests per specified target
 	StopAtFirstMatch   bool                   // Stop processing template at first full match (this may break chained requests)
+	BulkSize           int                    // Number of targets analyzed in parallel for each template
 }

 type multiStringFlag []string
@ -81,6 +82,7 @@ func ParseOptions() *Options {
 	flag.BoolVar(&options.TemplateList, "tl", false, "List available templates")
 	flag.IntVar(&options.RateLimit, "rate-limit", -1, "Per Target Rate-Limit")
 	flag.BoolVar(&options.StopAtFirstMatch, "stop-at-first-match", false, "Stop processing http requests at first match (this may break template/workflow logic)")
+	flag.IntVar(&options.BulkSize, "bulk-size", 150, "Number of hosts analyzed in parallel per template")

 	flag.Parse()

--- a/v2/internal/runner/processor.go
+++ b/v2/internal/runner/processor.go
@ -9,7 +9,6 @@ import (
 	"path"
 	"path/filepath"
 	"strings"
-	"sync"

 	tengo "github.com/d5/tengo/v2"
 	"github.com/d5/tengo/v2/stdlib"
@ -21,6 +20,7 @@ import (
 	"github.com/projectdiscovery/nuclei/v2/pkg/requests"
 	"github.com/projectdiscovery/nuclei/v2/pkg/templates"
 	"github.com/projectdiscovery/nuclei/v2/pkg/workflows"
+	"github.com/remeh/sizedwaitgroup"
 )

 // workflowTemplates contains the initialized workflow templates per template group
@ -79,12 +79,12 @@ func (r *Runner) processTemplateWithList(p progress.IProgress, template *templat

 	var globalresult atomicboolean.AtomBool

-	var wg sync.WaitGroup
+	wg := sizedwaitgroup.New(r.options.BulkSize)

 	scanner := bufio.NewScanner(strings.NewReader(r.input))
 	for scanner.Scan() {
 		URL := scanner.Text()
-		wg.Add(1)
+		wg.Add()
 		go func(URL string) {
 			defer wg.Done()

@ -125,12 +125,12 @@ func (r *Runner) processWorkflowWithList(p progress.IProgress, workflow *workflo

 	logicBytes := []byte(workflow.Logic)

-	var wg sync.WaitGroup
+	wg := sizedwaitgroup.New(r.options.BulkSize)

 	scanner := bufio.NewScanner(strings.NewReader(r.input))
 	for scanner.Scan() {
 		targetURL := scanner.Text()
-		wg.Add(1)
+		wg.Add()

 		go func(targetURL string) {
 			defer wg.Done()
--- a/v2/pkg/executer/executer_http.go
+++ b/v2/pkg/executer/executer_http.go
@ -259,6 +259,7 @@ func (e *HTTPExecuter) ExecuteHTTP(p progress.IProgress, reqURL string) (result
 	result.Matches = make(map[string]interface{})
 	result.Extractions = make(map[string]interface{})
 	dynamicvalues := make(map[string]interface{})
+	_ = dynamicvalues

 	// verify if the URL is already being processed
 	if e.bulkHTTPRequest.HasGenerator(reqURL) {
--- a/v2/pkg/requests/generator.go
+++ b/v2/pkg/requests/generator.go
@ -176,10 +176,6 @@ func (gfsm *GeneratorFSM) Next(key string) bool {
 		return false
 	}

-	if gfsm.hasPayloads() && g.state == done {
-		return false
-	}
-
 	if g.positionPath+g.positionRaw >= len(gfsm.Paths)+len(gfsm.Raws) {
 		return false
 	}