diff --git a/v2/go.mod b/v2/go.mod index 1c90069e..330928c2 100644 --- a/v2/go.mod +++ b/v2/go.mod @@ -19,7 +19,7 @@ require ( github.com/gosuri/uilive v0.0.4 // indirect github.com/gosuri/uiprogress v0.0.1 // indirect github.com/itchyny/gojq v0.12.4 - github.com/json-iterator/go v1.1.11 + github.com/json-iterator/go v1.1.12 github.com/julienschmidt/httprouter v1.3.0 github.com/karlseguin/ccache v2.0.3+incompatible github.com/karrick/godirwalk v1.16.1 @@ -35,6 +35,7 @@ require ( github.com/projectdiscovery/gologger v1.1.4 github.com/projectdiscovery/hmap v0.0.2-0.20210616215655-7b78e7f33d1f github.com/projectdiscovery/interactsh v0.0.4 + github.com/projectdiscovery/nuclei-updatecheck-api v0.0.0-20210914222811-0a072d262f77 github.com/projectdiscovery/rawhttp v0.0.7 github.com/projectdiscovery/retryabledns v1.0.12 github.com/projectdiscovery/retryablehttp-go v1.0.2 @@ -51,8 +52,6 @@ require ( github.com/tj/go-update v2.2.5-0.20200519121640-62b4b798fd68+incompatible github.com/valyala/fasttemplate v1.2.1 github.com/xanzy/go-gitlab v0.50.3 - github.com/ysmood/got v0.14.1 // indirect - github.com/ysmood/gotrace v0.2.2 // indirect github.com/ysmood/gson v0.6.4 // indirect github.com/ysmood/leakless v0.7.0 // indirect go.uber.org/atomic v1.9.0 @@ -102,7 +101,7 @@ require ( github.com/klauspost/pgzip v1.2.5 // indirect github.com/mattn/go-isatty v0.0.13 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect - github.com/modern-go/reflect2 v1.0.1 // indirect + github.com/modern-go/reflect2 v1.0.2 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/projectdiscovery/iputil v0.0.0-20210429152401-c18a5408ca46 // indirect github.com/projectdiscovery/mapcidr v0.0.6 // indirect diff --git a/v2/go.sum b/v2/go.sum index ba69b504..fa8d1640 100644 --- a/v2/go.sum +++ b/v2/go.sum @@ -224,6 +224,7 @@ github.com/hashicorp/go-hclog v0.9.2 h1:CG6TE5H9/JXsFWJCfoIVpKFIkFe6ysEuHirp4DxC github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= github.com/hashicorp/go-retryablehttp v0.6.8 h1:92lWxgpa+fF3FozM4B3UZtHZMJX8T5XT+TFdCxsPyWs= github.com/hashicorp/go-retryablehttp v0.6.8/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= +github.com/hashicorp/go-version v1.3.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= @@ -244,8 +245,9 @@ github.com/jasonlvhit/gocron v0.0.1/go.mod h1:k9a3TV8VcU73XZxfVHCHWMWF9SOqgoku0/ github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jpillora/backoff v0.0.0-20180909062703-3050d21c67d7/go.mod h1:2iMrUgbbvHEiQClaW2NsSzMyGHqN+rDFqY705q49KG0= github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.11 h1:uVUAXhF2To8cbw/3xN3pxj6kk7TYKs98NIrTqPlMWAQ= github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= +github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/julienschmidt/httprouter v1.3.0 h1:U0609e9tgbseu3rBINet9P48AI/D3oJs4dN7jwJOQ1U= @@ -298,8 +300,9 @@ github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI= github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= +github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/ngdinhtoan/glide-cleanup v0.2.0/go.mod h1:UQzsmiDOb8YV3nOsCxK/c9zPpCZVNoHScRE3EO9pVMM= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= @@ -350,6 +353,9 @@ github.com/projectdiscovery/mapcidr v0.0.6 h1:RRIrqNakUEF/pstIXWTD6yvCMF9N6SnOb9 github.com/projectdiscovery/mapcidr v0.0.6/go.mod h1:ZEBhMmBU3laUl3g9QGTrzJku1VJOzjdFwW01f/zVVzM= github.com/projectdiscovery/networkpolicy v0.0.1 h1:RGRuPlxE8WLFF9tdKSjTsYiTIKHNHW20Kl0nGGiRb1I= github.com/projectdiscovery/networkpolicy v0.0.1/go.mod h1:asvdg5wMy3LPVMGALatebKeOYH5n5fV5RCTv6DbxpIs= +github.com/projectdiscovery/nuclei-updatecheck-api v0.0.0-20210914222811-0a072d262f77 h1:SNtAiRRrJtDJJDroaa/bFXt/Tix2LA6+rHRib0ORlJQ= +github.com/projectdiscovery/nuclei-updatecheck-api v0.0.0-20210914222811-0a072d262f77/go.mod h1:pxWVDgq88t9dWv4+J2AIaWgY+EqOE1AyfHS0Tn23w4M= +github.com/projectdiscovery/nuclei/v2 v2.5.1/go.mod h1:sU2qcY0MQFS0CqP1BgkR8ZnUyFhqK0BdnY6bvTKNjXY= github.com/projectdiscovery/rawhttp v0.0.7 h1:5m4peVgjbl7gqDcRYMTVEuX+Xs/nh76ohTkkvufucLg= github.com/projectdiscovery/rawhttp v0.0.7/go.mod h1:PQERZAhAv7yxI/hR6hdDPgK1WTU56l204BweXrBec+0= github.com/projectdiscovery/retryabledns v1.0.11/go.mod h1:4sMC8HZyF01HXukRleSQYwz4870bwgb4+hTSXTMrkf4= diff --git a/v2/internal/runner/options.go b/v2/internal/runner/options.go index aecea23b..cba1af5b 100644 --- a/v2/internal/runner/options.go +++ b/v2/internal/runner/options.go @@ -41,7 +41,7 @@ func ParseOptions(options *types.Options) { if err != nil { gologger.Fatal().Msgf("Could not read template configuration: %s\n", err) } - gologger.Info().Msgf("Current nuclei-templates version: %s (%s)\n", configuration.CurrentVersion, configuration.TemplatesDirectory) + gologger.Info().Msgf("Current nuclei-templates version: %s (%s)\n", configuration.TemplateVersion, configuration.TemplatesDirectory) os.Exit(0) } diff --git a/v2/internal/runner/runner.go b/v2/internal/runner/runner.go index e38baeae..e2f82113 100644 --- a/v2/internal/runner/runner.go +++ b/v2/internal/runner/runner.go @@ -392,7 +392,7 @@ func (r *Runner) RunEnumeration() error { if r.templatesConfig != nil && r.templatesConfig.NucleiTemplatesLatestVersion != "" { // TODO extract duplicated logic builder.WriteString(" (") - if r.templatesConfig.CurrentVersion == r.templatesConfig.NucleiTemplatesLatestVersion { + if r.templatesConfig.TemplateVersion == r.templatesConfig.NucleiTemplatesLatestVersion { builder.WriteString(r.colorizer.Green("latest").String()) } else { builder.WriteString(r.colorizer.Red("outdated").String()) @@ -403,7 +403,7 @@ func (r *Runner) RunEnumeration() error { builder.Reset() if r.templatesConfig != nil { - gologger.Info().Msgf("Using Nuclei Templates %s%s", r.templatesConfig.CurrentVersion, messageStr) + gologger.Info().Msgf("Using Nuclei Templates %s%s", r.templatesConfig.TemplateVersion, messageStr) } if r.interactsh != nil { gologger.Info().Msgf("Using Interactsh Server %s", r.options.InteractshURL) diff --git a/v2/internal/runner/templates.go b/v2/internal/runner/templates.go index d92c3e07..abe79201 100644 --- a/v2/internal/runner/templates.go +++ b/v2/internal/runner/templates.go @@ -64,7 +64,7 @@ func (r *Runner) listAvailableTemplates() { gologger.Print().Msgf( "\nListing available v.%s nuclei templates for %s", - r.templatesConfig.CurrentVersion, + r.templatesConfig.TemplateVersion, r.templatesConfig.TemplatesDirectory, ) err := directoryWalker( diff --git a/v2/internal/runner/update.go b/v2/internal/runner/update.go index 9a9b3523..2b4cc06d 100644 --- a/v2/internal/runner/update.go +++ b/v2/internal/runner/update.go @@ -7,7 +7,6 @@ import ( "context" "crypto/md5" "encoding/hex" - "encoding/json" "fmt" "io" "io/ioutil" @@ -18,7 +17,6 @@ import ( "runtime" "strconv" "strings" - "time" "github.com/apex/log" "github.com/blang/semver" @@ -27,6 +25,7 @@ import ( "github.com/pkg/errors" "github.com/projectdiscovery/gologger" + "github.com/projectdiscovery/nuclei-updatecheck-api/client" "github.com/projectdiscovery/nuclei/v2/pkg/catalog/config" "github.com/tj/go-update" @@ -39,7 +38,6 @@ const ( repoName = "nuclei-templates" nucleiIgnoreFile = ".nuclei-ignore" nucleiConfigFilename = ".templates-config.json" - defaultIgnoreURL = "https://raw.githubusercontent.com/projectdiscovery/nuclei-templates/master/.nuclei-ignore" ) var reVersion = regexp.MustCompile(`\d+\.\d+\.\d+`) @@ -66,28 +64,28 @@ func (r *Runner) updateTemplates() error { if r.templatesConfig == nil { currentConfig := &config.Config{ TemplatesDirectory: filepath.Join(home, "nuclei-templates"), - IgnoreURL: defaultIgnoreURL, NucleiVersion: config.Version, } - if writeErr := config.WriteConfiguration(currentConfig, false, false); writeErr != nil { + if writeErr := config.WriteConfiguration(currentConfig); writeErr != nil { return errors.Wrap(writeErr, "could not write template configuration") } r.templatesConfig = currentConfig } - if r.options.NoUpdateTemplates { + if r.options.NoUpdateTemplates && !r.options.UpdateTemplates { return nil } - - // Tests if last checked time for nuclei-ignore file was more than 1 hour ago, if yes, updates the local content. - // Retrieves the latest version number of nuclei and nuclei-templates from GitHub, to check if the current build is using outdated versions or not. - checkedIgnore := false - if r.templatesConfig == nil || time.Since(r.templatesConfig.LastCheckedIgnore) > 1*time.Hour { - checkedIgnore = r.checkNucleiIgnoreFileUpdates(configDir) - } + client.InitNucleiVersion(config.Version) + r.fetchLatestVersionsFromGithub(configDir) // also fetch the latest versions ctx := context.Background() - if r.templatesConfig.CurrentVersion == "" || (r.options.TemplatesDirectory != "" && r.templatesConfig.TemplatesDirectory != r.options.TemplatesDirectory) { + + var noTemplatesFound bool + if _, err := os.Stat(r.templatesConfig.TemplatesDirectory); os.IsNotExist(err) { + noTemplatesFound = true + } + + if r.templatesConfig.TemplateVersion == "" || (r.options.TemplatesDirectory != "" && r.templatesConfig.TemplatesDirectory != r.options.TemplatesDirectory) || noTemplatesFound { gologger.Info().Msgf("nuclei-templates are not installed, installing...\n") // Use the custom location if the user has given a template directory @@ -97,36 +95,34 @@ func (r *Runner) updateTemplates() error { if r.options.TemplatesDirectory != "" && r.options.TemplatesDirectory != filepath.Join(home, "nuclei-templates") { r.templatesConfig.TemplatesDirectory, _ = filepath.Abs(r.options.TemplatesDirectory) } + r.fetchLatestVersionsFromGithub(configDir) // also fetch the latest versions + + version, err := semver.Parse(r.templatesConfig.NucleiTemplatesLatestVersion) + if err != nil { + return err + } // Download the repository and write the revision to a HEAD file. - version, asset, getErr := r.getLatestTemplateReleaseFromGithub() + asset, getErr := r.getLatestReleaseFromGithub(r.templatesConfig.NucleiTemplatesLatestVersion) if getErr != nil { return getErr } gologger.Verbose().Msgf("Downloading nuclei-templates (v%s) to %s\n", version.String(), r.templatesConfig.TemplatesDirectory) - r.fetchLatestVersionsFromGithub() // also fetch the latest versions if _, err := r.downloadReleaseAndUnzip(ctx, version.String(), asset.GetZipballURL()); err != nil { return err } - r.templatesConfig.CurrentVersion = version.String() + r.templatesConfig.TemplateVersion = version.String() - if err := config.WriteConfiguration(r.templatesConfig, true, checkedIgnore); err != nil { + if err := config.WriteConfiguration(r.templatesConfig); err != nil { return err } gologger.Info().Msgf("Successfully downloaded nuclei-templates (v%s). GoodLuck!\n", version.String()) return nil } - // If the template update was not requested explicitly by the user, - // and the last version check was less than 24 hours ago, - // then no further action is required. - if time.Since(r.templatesConfig.LastChecked) < 24*time.Hour && !r.options.UpdateTemplates { - return nil - } - - // Get the current configuration from disk. - verText := r.templatesConfig.CurrentVersion + // Get the configuration currently on disk. + verText := r.templatesConfig.TemplateVersion indices := reVersion.FindStringIndex(verText) if indices == nil { return fmt.Errorf("invalid release found with tag %s", err) @@ -140,13 +136,16 @@ func (r *Runner) updateTemplates() error { return err } - version, asset, err := r.getLatestTemplateReleaseFromGithub() + version, err := semver.Parse(r.templatesConfig.NucleiTemplatesLatestVersion) if err != nil { return err } if version.EQ(oldVersion) { - return config.WriteConfiguration(r.templatesConfig, false, checkedIgnore) + if r.options.UpdateTemplates { + gologger.Info().Msgf("No new updates found for nuclei templates") + } + return config.WriteConfiguration(r.templatesConfig) } if version.GT(oldVersion) { @@ -156,15 +155,18 @@ func (r *Runner) updateTemplates() error { if r.options.TemplatesDirectory != "" { r.templatesConfig.TemplatesDirectory = r.options.TemplatesDirectory } - r.templatesConfig.CurrentVersion = version.String() + r.templatesConfig.TemplateVersion = version.String() gologger.Verbose().Msgf("Downloading nuclei-templates (v%s) to %s\n", version.String(), r.templatesConfig.TemplatesDirectory) - r.fetchLatestVersionsFromGithub() + + asset, err := r.getLatestReleaseFromGithub(r.templatesConfig.NucleiTemplatesLatestVersion) + if err != nil { + return err + } if _, err := r.downloadReleaseAndUnzip(ctx, version.String(), asset.GetZipballURL()); err != nil { return err } - - if err := config.WriteConfiguration(r.templatesConfig, true, checkedIgnore); err != nil { + if err := config.WriteConfiguration(r.templatesConfig); err != nil { return err } gologger.Info().Msgf("Successfully updated nuclei-templates (v%s). GoodLuck!\n", version.String()) @@ -191,74 +193,33 @@ func (r *Runner) readInternalConfigurationFile(home, configDir string) error { // checkNucleiIgnoreFileUpdates checks .nuclei-ignore file for updates from GitHub func (r *Runner) checkNucleiIgnoreFileUpdates(configDir string) bool { - ignoreURL := defaultIgnoreURL - if r.templatesConfig != nil && r.templatesConfig.IgnoreURL != "" { - ignoreURL = r.templatesConfig.IgnoreURL + data, err := client.GetLatestIgnoreFile() + if err != nil { + return false } - gologger.Verbose().Msgf("Downloading config file from %s", ignoreURL) - - ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second) - req, reqErr := http.NewRequestWithContext(ctx, http.MethodGet, ignoreURL, nil) - if reqErr == nil { - resp, httpGetErr := http.DefaultClient.Do(req) - if httpGetErr != nil { - if resp != nil && resp.Body != nil { - resp.Body.Close() - } - gologger.Warning().Msgf("Could not get ignore-file from %s: %s", ignoreURL, httpGetErr) - } else { - data, _ := ioutil.ReadAll(resp.Body) - resp.Body.Close() - - if len(data) > 0 { - _ = ioutil.WriteFile(filepath.Join(configDir, nucleiIgnoreFile), data, 0644) - } - if r.templatesConfig != nil { - if err := config.WriteConfiguration(r.templatesConfig, false, true); err != nil { - gologger.Warning().Msgf("Could not get ignore-file from %s: %s", ignoreURL, err) - } - } + if len(data) > 0 { + _ = ioutil.WriteFile(filepath.Join(configDir, nucleiIgnoreFile), data, 0644) + } + if r.templatesConfig != nil { + if err := config.WriteConfiguration(r.templatesConfig); err != nil { + gologger.Warning().Msgf("Could not get ignore-file from server: %s", err) } } - cancel() return true } -func (r *Runner) getLatestTemplateReleaseFromGithub() (semver.Version, *github.RepositoryRelease, error) { +// getLatestReleaseFromGithub returns the latest release from GitHub +func (r *Runner) getLatestReleaseFromGithub(latestTag string) (*github.RepositoryRelease, error) { client := github.NewClient(nil) - rels, _, err := client.Repositories.ListReleases(context.Background(), userName, repoName, nil) + release, _, err := client.Repositories.GetReleaseByTag(context.Background(), userName, repoName, "v"+latestTag) if err != nil { - return semver.Version{}, nil, err + return nil, err } - - // Find the most recent version based on semantic versioning. - var latestRelease semver.Version - var latestPublish *github.RepositoryRelease - for _, release := range rels { - verText := release.GetTagName() - indices := reVersion.FindStringIndex(verText) - if indices == nil { - return semver.Version{}, nil, fmt.Errorf("invalid release found with tag %s", err) - } - if indices[0] > 0 { - verText = verText[indices[0]:] - } - - ver, err := semver.Make(verText) - if err != nil { - return semver.Version{}, nil, err - } - - if latestPublish == nil || ver.GTE(latestRelease) { - latestRelease = ver - latestPublish = release - } + if release == nil { + return nil, errors.New("no version found for the templates") } - if latestPublish == nil { - return semver.Version{}, nil, errors.New("no version found for the templates") - } - return latestRelease, latestPublish, nil + return release, nil } // downloadReleaseAndUnzip downloads and unzips the release in a directory @@ -494,55 +455,25 @@ func (r *Runner) printUpdateChangelog(results *templateUpdateResults, version st } // fetchLatestVersionsFromGithub fetches the latest versions of nuclei repos from GitHub -func (r *Runner) fetchLatestVersionsFromGithub() { - nucleiLatest, err := r.githubFetchLatestTagRepo("projectdiscovery/nuclei") +// +// This fetches latest nuclei/templates/ignore from https://version-check.nuclei.sh/versions +// If you want to disable this automatic update check, use -nut flag. +func (r *Runner) fetchLatestVersionsFromGithub(configDir string) { + versions, err := client.GetLatestNucleiTemplatesVersion() if err != nil { - gologger.Warning().Msgf("Could not fetch latest nuclei release: %s", err) - } - templatesLatest, err := r.githubFetchLatestTagRepo("projectdiscovery/nuclei-templates") - if err != nil { - gologger.Warning().Msgf("Could not fetch latest nuclei-templates release: %s", err) + gologger.Warning().Msgf("Could not fetch latest releases: %s", err) + return } if r.templatesConfig != nil { - r.templatesConfig.NucleiLatestVersion = nucleiLatest - r.templatesConfig.NucleiTemplatesLatestVersion = templatesLatest - } -} + r.templatesConfig.NucleiLatestVersion = versions.Nuclei + r.templatesConfig.NucleiTemplatesLatestVersion = versions.Templates -type githubTagData struct { - Name string -} - -// githubFetchLatestTagRepo fetches the latest tag of the given repository from GitHub -// This function was half written by the GitHub Copilot AI :D. -func (r *Runner) githubFetchLatestTagRepo(repo string) (string, error) { - ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second) - defer cancel() - - url := fmt.Sprintf("https://api.github.com/repos/%s/tags", repo) - req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil) - if err != nil { - return "", err + // If the fetch has resulted in new version of ignore file, update. + if r.templatesConfig.NucleiIgnoreHash == "" || r.templatesConfig.NucleiIgnoreHash != versions.IgnoreHash { + r.templatesConfig.NucleiIgnoreHash = versions.IgnoreHash + r.checkNucleiIgnoreFileUpdates(configDir) + } } - resp, err := http.DefaultClient.Do(req) - if err != nil { - return "", err - } - - defer resp.Body.Close() - body, err := ioutil.ReadAll(resp.Body) - if err != nil { - return "", err - } - - var tags []githubTagData - if err := json.Unmarshal(body, &tags); err != nil { - return "", err - } - if len(tags) == 0 { - return "", fmt.Errorf("no tags found for %s", repo) - } - return strings.TrimPrefix(tags[0].Name, "v"), nil } // updateNucleiVersionToLatest implements nuclei auto-update using GitHub Releases. diff --git a/v2/pkg/catalog/config/config.go b/v2/pkg/catalog/config/config.go index 8313f20c..193a25b4 100644 --- a/v2/pkg/catalog/config/config.go +++ b/v2/pkg/catalog/config/config.go @@ -3,7 +3,6 @@ package config import ( "os" "path/filepath" - "time" jsoniter "github.com/json-iterator/go" "github.com/pkg/errors" @@ -13,12 +12,10 @@ import ( // Config contains the internal nuclei engine configuration type Config struct { - TemplatesDirectory string `json:"templates-directory,omitempty"` - CurrentVersion string `json:"current-version,omitempty"` - LastChecked time.Time `json:"last-checked,omitempty"` - IgnoreURL string `json:"ignore-url,omitempty"` - NucleiVersion string `json:"nuclei-version,omitempty"` - LastCheckedIgnore time.Time `json:"last-checked-ignore,omitempty"` + TemplatesDirectory string `json:"nuclei-templates-directory,omitempty"` + TemplateVersion string `json:"nuclei-templates-version,omitempty"` + NucleiVersion string `json:"nuclei-version,omitempty"` + NucleiIgnoreHash string `json:"nuclei-ignore-hash,omitempty"` NucleiLatestVersion string `json:"nuclei-latest-version"` NucleiTemplatesLatestVersion string `json:"nuclei-templates-latest-version"` @@ -62,16 +59,7 @@ func ReadConfiguration() (*Config, error) { } // WriteConfiguration writes the updated nuclei configuration to disk -func WriteConfiguration(config *Config, checked, checkedIgnore bool) error { - if config.IgnoreURL == "" { - config.IgnoreURL = "https://raw.githubusercontent.com/projectdiscovery/nuclei-templates/master/.nuclei-ignore" - } - if checked { - config.LastChecked = time.Now() - } - if checkedIgnore { - config.LastCheckedIgnore = time.Now() - } +func WriteConfiguration(config *Config) error { config.NucleiVersion = Version templatesConfigFile, err := getConfigDetails() diff --git a/v2/pkg/protocols/http/request.go b/v2/pkg/protocols/http/request.go index 6c2ceb05..afb52713 100644 --- a/v2/pkg/protocols/http/request.go +++ b/v2/pkg/protocols/http/request.go @@ -412,7 +412,7 @@ func (r *Request) executeRequest(reqURL string, request *generatedRequest, previ redirectedResponse = bytes.ReplaceAll(redirectedResponse, dataOrig, data) // Decode gbk response content-types - if contentType := resp.Header.Get("Content-Type"); contentType != "" && (strings.Contains(contentType, "gbk") || strings.Contains(contentType, "gb2312")) { + if contentType := strings.ToLower(resp.Header.Get("Content-Type")); contentType != "" && (strings.Contains(contentType, "gbk") || strings.Contains(contentType, "gb2312")) { dumpedResponse, err = decodegbk(dumpedResponse) if err != nil { return errors.Wrap(err, "could not gbk decode")