mirror of https://github.com/daffainfo/nuclei.git
Support for environment variables with .env file
parent
eb080223d8
commit
25235523da
|
@ -162,6 +162,10 @@ on extensive configurability, massive extensibility and ease of use.`)
|
|||
flagSet.IntVar(&options.MetricsPort, "metrics-port", 9092, "port to expose nuclei metrics on"),
|
||||
)
|
||||
|
||||
createGroup(flagSet, "env", "DotEnv",
|
||||
flagSet.StringVar(&options.DotEnvPath, "env", ".env", "path of .env file to use"),
|
||||
)
|
||||
|
||||
_ = flagSet.Parse()
|
||||
|
||||
if cfgFile != "" {
|
||||
|
|
|
@ -17,6 +17,7 @@ require (
|
|||
github.com/gosuri/uiprogress v0.0.1 // indirect
|
||||
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
|
||||
github.com/hashicorp/go-retryablehttp v0.6.8 // indirect
|
||||
github.com/joho/godotenv v1.3.0 // indirect
|
||||
github.com/json-iterator/go v1.1.10
|
||||
github.com/julienschmidt/httprouter v1.3.0
|
||||
github.com/karlseguin/ccache v2.0.3+incompatible
|
||||
|
|
|
@ -183,6 +183,8 @@ github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:
|
|||
github.com/jasonlvhit/gocron v0.0.1 h1:qTt5qF3b3srDjeOIR4Le1LfeyvoYzJlYpqvG7tJX5YU=
|
||||
github.com/jasonlvhit/gocron v0.0.1/go.mod h1:k9a3TV8VcU73XZxfVHCHWMWF9SOqgoku0/QlY2yvlA4=
|
||||
github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
|
||||
github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc=
|
||||
github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg=
|
||||
github.com/jpillora/backoff v0.0.0-20180909062703-3050d21c67d7/go.mod h1:2iMrUgbbvHEiQClaW2NsSzMyGHqN+rDFqY705q49KG0=
|
||||
github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68=
|
||||
github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
|
||||
|
|
|
@ -7,6 +7,7 @@ import (
|
|||
"os"
|
||||
"strings"
|
||||
|
||||
"github.com/joho/godotenv"
|
||||
"github.com/projectdiscovery/gologger"
|
||||
"github.com/projectdiscovery/gologger/formatter"
|
||||
"github.com/projectdiscovery/gologger/levels"
|
||||
|
@ -59,6 +60,13 @@ func ParseOptions(options *types.Options) {
|
|||
if err != nil {
|
||||
gologger.Fatal().Msgf("Could not initialize protocols: %s\n", err)
|
||||
}
|
||||
|
||||
if len(options.DotEnvPath) > 0 {
|
||||
err := godotenv.Load(options.DotEnvPath)
|
||||
if err != nil {
|
||||
gologger.Warning().Msgf("Failed loading .env file: %s\n", err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// hasStdin returns true if we have stdin input
|
||||
|
|
|
@ -7,6 +7,7 @@ import (
|
|||
"net"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"os"
|
||||
"regexp"
|
||||
"strings"
|
||||
"time"
|
||||
|
@ -129,6 +130,19 @@ func (r *requestGenerator) handleRawWithPayloads(ctx context.Context, rawRequest
|
|||
// request values.
|
||||
finalValues := generators.MergeMaps(generatorValues, values)
|
||||
|
||||
// read env variables
|
||||
envVars := strings.Split(strings.Trim(r.request.EnvVars, " "), ",")
|
||||
if len(envVars) > 0 {
|
||||
envVarValues := make(map[string]interface{})
|
||||
for _, envVar := range envVars {
|
||||
envVarValue := os.Getenv(envVar)
|
||||
if len(envVarValue) > 0 {
|
||||
envVarValues[envVar] = envVarValue
|
||||
}
|
||||
}
|
||||
finalValues = generators.MergeMaps(finalValues, envVarValues)
|
||||
}
|
||||
|
||||
// Evaulate the expressions for raw request if any.
|
||||
var err error
|
||||
rawRequest, err = expressions.Evaluate(rawRequest, finalValues)
|
||||
|
|
|
@ -73,6 +73,8 @@ type Request struct {
|
|||
// their history for being matched at the end.
|
||||
// Currently only works with sequential http requests.
|
||||
ReqCondition bool `yaml:"req-condition"`
|
||||
// Dynamic ENV Variables
|
||||
EnvVars string `yaml:"env-vars"`
|
||||
}
|
||||
|
||||
// GetID returns the unique ID of the request if any.
|
||||
|
|
|
@ -143,4 +143,6 @@ type Options struct {
|
|||
UpdateNuclei bool
|
||||
// NoUpdateTemplates disables checking for nuclei templates updates
|
||||
NoUpdateTemplates bool
|
||||
// .env file path
|
||||
DotEnvPath string
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue