Made iterate of values controllable with iterate-all-values flag in http

2021-11-24 22:40:17 +05:30 · 2021-11-24 22:40:17 +05:30 · 393babe3c3
parent 273233bb81
commit 393babe3c3
7 changed files with 40 additions and 8 deletions
--- a/v2/Makefile
+++ b/v2/Makefile
@ -18,5 +18,9 @@ docs:
 	./cmd/docgen/docgen docs.md nuclei-jsonschema.json
 test:
 	$(GOTEST) -v ./...
+integration:
+	bash ../integration_tests/run.sh
+functional:
+	bash cmd/functional-tests/run.sh
 tidy:
 	$(GOMOD) tidy
--- a/v2/pkg/operators/operators.go
+++ b/v2/pkg/operators/operators.go
@ -80,8 +80,18 @@ type Result struct {
 // MakeDynamicValuesCallback takes an input dynamic values map and calls
 // the callback function with all variations of the data in input in form
 // of map[string]string (interface{}).
-func MakeDynamicValuesCallback(input map[string][]string, callback func(map[string]interface{}) bool) {
+func MakeDynamicValuesCallback(input map[string][]string, iterateAllValues bool, callback func(map[string]interface{}) bool) {
 	output := make(map[string]interface{}, len(input))
+
+	if !iterateAllValues {
+		for k, v := range input {
+			if len(v) > 0 {
+				output[k] = v[0]
+			}
+		}
+		callback(output)
+		return
+	}
 	inputIndex := make(map[string]int, len(input))

 	var maxValue int
--- a/v2/pkg/operators/operators_test.go
+++ b/v2/pkg/operators/operators_test.go
@ -15,14 +15,14 @@ func TestMakeDynamicValuesCallback(t *testing.T) {
 	}

 	count := 0
-	MakeDynamicValuesCallback(input, func(data map[string]interface{}) bool {
+	MakeDynamicValuesCallback(input, true, func(data map[string]interface{}) bool {
 		count++
 		require.Len(t, data, 3, "could not get correct output length")
 		return false
 	})
 	require.Equal(t, 3, count, "could not get correct result count")

-	t.Run("single", func(t *testing.T) {
+	t.Run("all", func(t *testing.T) {
 		input := map[string][]string{
 			"a": []string{"1"},
 			"b": []string{"2"},
@ -30,7 +30,24 @@ func TestMakeDynamicValuesCallback(t *testing.T) {
 		}

 		count := 0
-		MakeDynamicValuesCallback(input, func(data map[string]interface{}) bool {
+		MakeDynamicValuesCallback(input, true, func(data map[string]interface{}) bool {
+			count++
+			require.Len(t, data, 3, "could not get correct output length")
+			return false
+		})
+		require.Equal(t, 1, count, "could not get correct result count")
+	})
+
+	t.Run("first", func(t *testing.T) {
+		input := map[string][]string{
+			"a": []string{"1", "2"},
+			"b": []string{"3"},
+			"c": []string{},
+			"d": []string{"A", "B", "C"},
+		}
+
+		count := 0
+		MakeDynamicValuesCallback(input, false, func(data map[string]interface{}) bool {
 			count++
 			require.Len(t, data, 3, "could not get correct output length")
 			return false
--- a/v2/pkg/protocols/common/generators/maps.go
+++ b/v2/pkg/protocols/common/generators/maps.go
@ -1,7 +1,6 @@
 package generators

 import (
-	"fmt"
 	"reflect"
 	"strings"
 )
@ -39,8 +38,6 @@ func MergeMapsMany(maps ...interface{}) map[string][]string {
 						appendToSlice(e.String(), value)
 					}
 				}
-			default:
-				fmt.Printf("invalid type: %v\n", v.Kind())
 			}
 		}
 	}
--- a/v2/pkg/protocols/http/http.go
+++ b/v2/pkg/protocols/http/http.go
@ -176,6 +176,9 @@ type Request struct {
 	// description: |
 	//   SkipVariablesCheck skips the check for unresolved variables in request
 	SkipVariablesCheck bool `yaml:"skip-variables-check,omitempty" jsonschema:"title=skip variable checks,description=Skips the check for unresolved variables in request"`
+	// description: |
+	//   IterateAllValues iterates all the values extracted from internal extractors
+	IterateAllValues bool `yaml:"iterate-all-values,omitempty" jsonschema:"title=iterate all values,description=Iterates all the values extracted from internal extractors"`
 }

 // GetID returns the unique ID of the request if any.
--- a/v2/pkg/protocols/http/request.go
+++ b/v2/pkg/protocols/http/request.go
@ -302,7 +302,7 @@ func (request *Request) ExecuteWithResults(reqURL string, dynamicValues, previou
 		var gotErr error
 		var skip bool
 		if len(gotDynamicValues) > 0 {
-			operators.MakeDynamicValuesCallback(gotDynamicValues, func(data map[string]interface{}) bool {
+			operators.MakeDynamicValuesCallback(gotDynamicValues, request.IterateAllValues, func(data map[string]interface{}) bool {
 				if skip, gotErr = executeFunc(inputData, payloads, data); skip || gotErr != nil {
 					return true
 				}
--- a/v2/pkg/protocols/http/request_test.go
+++ b/v2/pkg/protocols/http/request_test.go
@ -53,6 +53,7 @@ func TestHTTPExtractMultipleReuse(t *testing.T) {
 				Internal: true,
 			}},
 		},
+		IterateAllValues: true,
 	}
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		switch r.URL.Path {