daffainfo
/
nuclei
mirror of https://github.com/daffainfo/nuclei.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Made iterate of values controllable with iterate-all-values flag in http

dev
Ice3man543 2021-11-24 22:40:17 +05:30
parent 273233bb81
commit 393babe3c3
7 changed files with 40 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
v2/Makefile
View File

@ -18,5 +18,9 @@ docs:
./cmd/docgen/docgen docs.md nuclei-jsonschema.json ./cmd/docgen/docgen docs.md nuclei-jsonschema.json
test: test:
$(GOTEST) -v ./... $(GOTEST) -v ./...
integration:
bash ../integration_tests/run.sh
functional:
bash cmd/functional-tests/run.sh
tidy: tidy:
$(GOMOD) tidy $(GOMOD) tidy

12
v2/pkg/operators/operators.go
View File

@ -80,8 +80,18 @@ type Result struct {
// MakeDynamicValuesCallback takes an input dynamic values map and calls // MakeDynamicValuesCallback takes an input dynamic values map and calls
// the callback function with all variations of the data in input in form // the callback function with all variations of the data in input in form
// of map[string]string (interface{}). // of map[string]string (interface{}).
func MakeDynamicValuesCallback(input map[string][]string, callback func(map[string]interface{}) bool) { func MakeDynamicValuesCallback(input map[string][]string, iterateAllValues bool, callback func(map[string]interface{}) bool) {
output := make(map[string]interface{}, len(input)) output := make(map[string]interface{}, len(input))
if !iterateAllValues {
for k, v := range input {
if len(v) > 0 {
output[k] = v[0]
}
}
callback(output)
return
}
inputIndex := make(map[string]int, len(input)) inputIndex := make(map[string]int, len(input))
var maxValue int var maxValue int

23
v2/pkg/operators/operators_test.go
View File

@ -15,14 +15,14 @@ func TestMakeDynamicValuesCallback(t *testing.T) {
} }
count := 0 count := 0
MakeDynamicValuesCallback(input, func(data map[string]interface{}) bool { MakeDynamicValuesCallback(input, true, func(data map[string]interface{}) bool {
count++ count++
require.Len(t, data, 3, "could not get correct output length") require.Len(t, data, 3, "could not get correct output length")
return false return false
}) })
require.Equal(t, 3, count, "could not get correct result count") require.Equal(t, 3, count, "could not get correct result count")
t.Run("single", func(t *testing.T) { t.Run("all", func(t *testing.T) {
input := map[string][]string{ input := map[string][]string{
"a": []string{"1"}, "a": []string{"1"},
"b": []string{"2"}, "b": []string{"2"},
@ -30,7 +30,24 @@ func TestMakeDynamicValuesCallback(t *testing.T) {
} }
count := 0 count := 0
MakeDynamicValuesCallback(input, func(data map[string]interface{}) bool { MakeDynamicValuesCallback(input, true, func(data map[string]interface{}) bool {
count++
require.Len(t, data, 3, "could not get correct output length")
return false
})
require.Equal(t, 1, count, "could not get correct result count")
})
t.Run("first", func(t *testing.T) {
input := map[string][]string{
"a": []string{"1", "2"},
"b": []string{"3"},
"c": []string{},
"d": []string{"A", "B", "C"},
}
count := 0
MakeDynamicValuesCallback(input, false, func(data map[string]interface{}) bool {
count++ count++
require.Len(t, data, 3, "could not get correct output length") require.Len(t, data, 3, "could not get correct output length")
return false return false

3
v2/pkg/protocols/common/generators/maps.go
View File

@ -1,7 +1,6 @@
package generators package generators
import ( import (
"fmt"
"reflect" "reflect"
"strings" "strings"
) )
@ -39,8 +38,6 @@ func MergeMapsMany(maps ...interface{}) map[string][]string {
appendToSlice(e.String(), value) appendToSlice(e.String(), value)
} }
} }
default:
fmt.Printf("invalid type: %v\n", v.Kind())
} }
} }
} }

3
v2/pkg/protocols/http/http.go
View File

@ -176,6 +176,9 @@ type Request struct {
// description: | // description: |
// SkipVariablesCheck skips the check for unresolved variables in request // SkipVariablesCheck skips the check for unresolved variables in request
SkipVariablesCheck bool `yaml:"skip-variables-check,omitempty" jsonschema:"title=skip variable checks,description=Skips the check for unresolved variables in request"` SkipVariablesCheck bool `yaml:"skip-variables-check,omitempty" jsonschema:"title=skip variable checks,description=Skips the check for unresolved variables in request"`
// description: |
// IterateAllValues iterates all the values extracted from internal extractors
IterateAllValues bool `yaml:"iterate-all-values,omitempty" jsonschema:"title=iterate all values,description=Iterates all the values extracted from internal extractors"`
} }
// GetID returns the unique ID of the request if any. // GetID returns the unique ID of the request if any.

2
v2/pkg/protocols/http/request.go
View File

@ -302,7 +302,7 @@ func (request *Request) ExecuteWithResults(reqURL string, dynamicValues, previou
var gotErr error var gotErr error
var skip bool var skip bool
if len(gotDynamicValues) > 0 { if len(gotDynamicValues) > 0 {
operators.MakeDynamicValuesCallback(gotDynamicValues, func(data map[string]interface{}) bool { operators.MakeDynamicValuesCallback(gotDynamicValues, request.IterateAllValues, func(data map[string]interface{}) bool {
if skip, gotErr = executeFunc(inputData, payloads, data); skip || gotErr != nil { if skip, gotErr = executeFunc(inputData, payloads, data); skip || gotErr != nil {
return true return true
} }

1
v2/pkg/protocols/http/request_test.go
View File

@ -53,6 +53,7 @@ func TestHTTPExtractMultipleReuse(t *testing.T) {
Internal: true, Internal: true,
}}, }},
}, },
IterateAllValues: true,
} }
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
switch r.URL.Path { switch r.URL.Path {