daffainfo
/
nuclei
mirror of https://github.com/daffainfo/nuclei.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add support for template exclusions

dev
Manuel Bua 2020-08-02 15:48:10 +02:00
parent c6df7fbd43
commit 4a355f0fc0
2 changed files with 23 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
v2/internal/runner/options.go
View File

@ -13,6 +13,7 @@ import (
type Options struct { type Options struct {
Debug bool // Debug mode allows debugging request/responses for the engine Debug bool // Debug mode allows debugging request/responses for the engine
Templates multiStringFlag // Signature specifies the template/templates to use Templates multiStringFlag // Signature specifies the template/templates to use
ExcludedTemplates multiStringFlag // Signature specifies the template/templates to exclude
Target string // Target is a single URL/Domain to scan usng a template Target string // Target is a single URL/Domain to scan usng a template
Targets string // Targets specifies the targets to scan using templates. Targets string // Targets specifies the targets to scan using templates.
Threads int // Thread controls the number of concurrent requests to make. Threads int // Thread controls the number of concurrent requests to make.
@ -51,7 +52,8 @@ func ParseOptions() *Options {
options := &Options{} options := &Options{}
flag.StringVar(&options.Target, "target", "", "Target is a single target to scan using template") flag.StringVar(&options.Target, "target", "", "Target is a single target to scan using template")
flag.Var(&options.Templates, "t", "Template input file/files to run on host. Can be used multiple times.") flag.Var(&options.Templates, "t", "Template input dir/file/files to run on host. Can be used multiple times. Supports globbing.")
flag.Var(&options.ExcludedTemplates, "exclude", "Template input dir/file/files to exclude. Can be used multiple times. Supports globbing.")
flag.StringVar(&options.Targets, "l", "", "List of URLs to run templates on") flag.StringVar(&options.Targets, "l", "", "List of URLs to run templates on")
flag.StringVar(&options.Output, "o", "", "File to write output to (optional)") flag.StringVar(&options.Output, "o", "", "File to write output to (optional)")
flag.StringVar(&options.ProxyURL, "proxy-url", "", "URL of the proxy server") flag.StringVar(&options.ProxyURL, "proxy-url", "", "URL of the proxy server")

22
v2/internal/runner/runner.go
View File

@ -298,8 +298,26 @@ func (r *Runner) getTemplatesFor(definitions []string) []string {
// RunEnumeration sets up the input layer for giving input nuclei. // RunEnumeration sets up the input layer for giving input nuclei.
// binary and runs the actual enumeration // binary and runs the actual enumeration
func (r *Runner) RunEnumeration() { func (r *Runner) RunEnumeration() {
// resolves input templates // resolves input templates definitions and any optional exclusion
allTemplates := r.getTemplatesFor(r.options.Templates) includedTemplates := r.getTemplatesFor(r.options.Templates)
excludedTemplates := r.getTemplatesFor(r.options.ExcludedTemplates)
// defaults to all templates
allTemplates := includedTemplates
if len(excludedTemplates) > 0 {
excludedMap := make(map[string]struct{}, len(excludedTemplates))
for _, excl := range excludedTemplates {
excludedMap[excl] = struct{}{}
}
// rebuild list with only non-excluded templates
allTemplates = []string{}
for _, incl := range includedTemplates {
if _, found := excludedMap[incl]; !found {
allTemplates = append(allTemplates, incl)
} else {
gologger.Warningf("Excluding '%s'", incl)
}
}
}
// 0 matches means no templates were found in directory // 0 matches means no templates were found in directory
if len(allTemplates) == 0 { if len(allTemplates) == 0 {