From 4d9d53ca60b753a34cbadc6ca1689a35591a741b Mon Sep 17 00:00:00 2001 From: Ice3man543 Date: Thu, 4 Feb 2021 18:29:28 +0530 Subject: [PATCH] More tests + finished tag based execution --- v2/internal/runner/options.go | 2 +- v2/internal/runner/runner.go | 3 +++ v2/internal/runner/templates.go | 9 ++++++--- v2/pkg/output/format_screen.go | 2 +- v2/pkg/protocols/dns/operators.go | 10 +++++----- v2/pkg/protocols/file/operators.go | 8 ++++---- v2/pkg/protocols/http/operators.go | 16 ++++++++-------- v2/pkg/protocols/network/operators.go | 12 ++++++------ v2/pkg/templates/compile.go | 8 ++++++-- v2/pkg/types/interfaces.go | 2 ++ 10 files changed, 42 insertions(+), 30 deletions(-) diff --git a/v2/internal/runner/options.go b/v2/internal/runner/options.go index 88db2720..b2fee379 100644 --- a/v2/internal/runner/options.go +++ b/v2/internal/runner/options.go @@ -70,7 +70,7 @@ func validateOptions(options *types.Options) error { if !options.TemplateList { // Check if a list of templates was provided and it exists - if len(options.Templates) == 0 && !options.UpdateTemplates { + if len(options.Templates) == 0 && len(options.Tags) == 0 && !options.UpdateTemplates { return errors.New("no template/templates provided") } diff --git a/v2/internal/runner/runner.go b/v2/internal/runner/runner.go index f0c84562..8712a9eb 100644 --- a/v2/internal/runner/runner.go +++ b/v2/internal/runner/runner.go @@ -179,6 +179,9 @@ func (r *Runner) Close() { // binary and runs the actual enumeration func (r *Runner) RunEnumeration() { // resolves input templates definitions and any optional exclusion + if len(r.options.Templates) == 0 && len(r.options.Tags) > 0 { + r.options.Templates = append(r.options.Templates, r.options.TemplatesDirectory) + } includedTemplates := r.catalogue.GetTemplatesPath(r.options.Templates) excludedTemplates := r.catalogue.GetTemplatesPath(r.options.ExcludedTemplates) // defaults to all templates diff --git a/v2/internal/runner/templates.go b/v2/internal/runner/templates.go index 7051385a..92ead8b1 100644 --- a/v2/internal/runner/templates.go +++ b/v2/internal/runner/templates.go @@ -9,6 +9,7 @@ import ( "github.com/projectdiscovery/gologger" "github.com/projectdiscovery/nuclei/v2/pkg/protocols" "github.com/projectdiscovery/nuclei/v2/pkg/templates" + "github.com/projectdiscovery/nuclei/v2/pkg/types" ) // getParsedTemplatesFor parse the specified templates and returns a slice of the parsable ones, optionally filtered @@ -29,10 +30,12 @@ func (r *Runner) getParsedTemplatesFor(templatePaths []string, severities []stri if len(t.Workflows) > 0 { workflowCount++ } - sev := strings.ToLower(t.Info["severity"].(string)) + sev := strings.ToLower(types.ToString(t.Info["severity"])) + + fmt.Printf("info: %+v\n", t.Info) if !filterBySeverity || hasMatchingSeverity(sev, severities) { parsedTemplates[t.ID] = t - gologger.Info().Msgf("%s\n", r.templateLogMsg(t.ID, t.Info["name"].(string), t.Info["author"].(string), t.Info["severity"].(string))) + gologger.Info().Msgf("%s\n", r.templateLogMsg(t.ID, types.ToString(t.Info["name"]), types.ToString(t.Info["author"]), sev)) } else { gologger.Error().Msgf("Excluding template %s due to severity filter (%s not in [%s])", t.ID, sev, severities) } @@ -74,7 +77,7 @@ func (r *Runner) logAvailableTemplate(tplPath string) { if err != nil { gologger.Error().Msgf("Could not parse file '%s': %s\n", tplPath, err) } else { - gologger.Print().Msgf("%s\n", r.templateLogMsg(t.ID, t.Info["name"].(string), t.Info["author"].(string), t.Info["severity"].(string))) + gologger.Print().Msgf("%s\n", r.templateLogMsg(t.ID, types.ToString(t.Info["name"]), types.ToString(t.Info["author"]), types.ToString(t.Info["severity"]))) } } diff --git a/v2/pkg/output/format_screen.go b/v2/pkg/output/format_screen.go index a81bacfb..55781fd6 100644 --- a/v2/pkg/output/format_screen.go +++ b/v2/pkg/output/format_screen.go @@ -27,7 +27,7 @@ func (w *StandardWriter) formatScreen(output *ResultEvent) ([]byte, error) { builder.WriteString("] ") builder.WriteString("[") - builder.WriteString(w.severityColors.Data[output.Info["severity"].(string)]) + builder.WriteString(w.severityColors.Data[types.ToString(output.Info["severity"])]) builder.WriteString("] ") } builder.WriteString(output.Matched) diff --git a/v2/pkg/protocols/dns/operators.go b/v2/pkg/protocols/dns/operators.go index a17b5f47..5af95f33 100644 --- a/v2/pkg/protocols/dns/operators.go +++ b/v2/pkg/protocols/dns/operators.go @@ -135,16 +135,16 @@ func (r *Request) MakeResultEvent(wrapped *output.InternalWrappedEvent) []*outpu func (r *Request) makeResultEventItem(wrapped *output.InternalWrappedEvent) *output.ResultEvent { data := &output.ResultEvent{ - TemplateID: wrapped.InternalEvent["template-id"].(string), + TemplateID: types.ToString(wrapped.InternalEvent["template-id"]), Info: wrapped.InternalEvent["template-info"].(map[string]interface{}), Type: "dns", - Host: wrapped.InternalEvent["host"].(string), - Matched: wrapped.InternalEvent["matched"].(string), + Host: types.ToString(wrapped.InternalEvent["host"]), + Matched: types.ToString(wrapped.InternalEvent["matched"]), ExtractedResults: wrapped.OperatorsResult.OutputExtracts, } if r.options.Options.JSONRequests { - data.Request = wrapped.InternalEvent["request"].(string) - data.Response = wrapped.InternalEvent["raw"].(string) + data.Request = types.ToString(wrapped.InternalEvent["request"]) + data.Response = types.ToString(wrapped.InternalEvent["raw"]) } return data } diff --git a/v2/pkg/protocols/file/operators.go b/v2/pkg/protocols/file/operators.go index 1c999c6f..a8b233e6 100644 --- a/v2/pkg/protocols/file/operators.go +++ b/v2/pkg/protocols/file/operators.go @@ -102,15 +102,15 @@ func (r *Request) MakeResultEvent(wrapped *output.InternalWrappedEvent) []*outpu func (r *Request) makeResultEventItem(wrapped *output.InternalWrappedEvent) *output.ResultEvent { data := &output.ResultEvent{ - TemplateID: wrapped.InternalEvent["template-id"].(string), + TemplateID: types.ToString(wrapped.InternalEvent["template-id"]), Info: wrapped.InternalEvent["template-info"].(map[string]interface{}), Type: "file", - Host: wrapped.InternalEvent["host"].(string), - Matched: wrapped.InternalEvent["matched"].(string), + Host: types.ToString(wrapped.InternalEvent["host"]), + Matched: types.ToString(wrapped.InternalEvent["matched"]), ExtractedResults: wrapped.OperatorsResult.OutputExtracts, } if r.options.Options.JSONRequests { - data.Response = wrapped.InternalEvent["raw"].(string) + data.Response = types.ToString(wrapped.InternalEvent["raw"]) } return data } diff --git a/v2/pkg/protocols/http/operators.go b/v2/pkg/protocols/http/operators.go index e374a160..57d7f665 100644 --- a/v2/pkg/protocols/http/operators.go +++ b/v2/pkg/protocols/http/operators.go @@ -63,8 +63,8 @@ func getMatchPart(part string, data output.InternalEvent) (string, bool) { if part == "all" { builder := &strings.Builder{} - builder.WriteString(data["body"].(string)) - builder.WriteString(data["all_headers"].(string)) + builder.WriteString(types.ToString(data["body"])) + builder.WriteString(types.ToString(data["all_headers"])) itemStr = builder.String() } else { item, ok := data[part] @@ -134,18 +134,18 @@ func (r *Request) MakeResultEvent(wrapped *output.InternalWrappedEvent) []*outpu func (r *Request) makeResultEventItem(wrapped *output.InternalWrappedEvent) *output.ResultEvent { data := &output.ResultEvent{ - TemplateID: wrapped.InternalEvent["template-id"].(string), + TemplateID: types.ToString(wrapped.InternalEvent["template-id"]), Info: wrapped.InternalEvent["template-info"].(map[string]interface{}), Type: "http", - Host: wrapped.InternalEvent["host"].(string), - Matched: wrapped.InternalEvent["matched"].(string), + Host: types.ToString(wrapped.InternalEvent["host"]), + Matched: types.ToString(wrapped.InternalEvent["matched"]), Metadata: wrapped.OperatorsResult.PayloadValues, ExtractedResults: wrapped.OperatorsResult.OutputExtracts, - IP: wrapped.InternalEvent["ip"].(string), + IP: types.ToString(wrapped.InternalEvent["ip"]), } if r.options.Options.JSONRequests { - data.Request = wrapped.InternalEvent["request"].(string) - data.Response = wrapped.InternalEvent["raw"].(string) + data.Request = types.ToString(wrapped.InternalEvent["request"]) + data.Response = types.ToString(wrapped.InternalEvent["raw"]) } return data } diff --git a/v2/pkg/protocols/network/operators.go b/v2/pkg/protocols/network/operators.go index 794d0446..dec59e25 100644 --- a/v2/pkg/protocols/network/operators.go +++ b/v2/pkg/protocols/network/operators.go @@ -103,17 +103,17 @@ func (r *Request) MakeResultEvent(wrapped *output.InternalWrappedEvent) []*outpu func (r *Request) makeResultEventItem(wrapped *output.InternalWrappedEvent) *output.ResultEvent { data := &output.ResultEvent{ - TemplateID: wrapped.InternalEvent["template-id"].(string), + TemplateID: types.ToString(wrapped.InternalEvent["template-id"]), Info: wrapped.InternalEvent["template-info"].(map[string]interface{}), Type: "network", - Host: wrapped.InternalEvent["host"].(string), - Matched: wrapped.InternalEvent["matched"].(string), + Host: types.ToString(wrapped.InternalEvent["host"]), + Matched: types.ToString(wrapped.InternalEvent["matched"]), ExtractedResults: wrapped.OperatorsResult.OutputExtracts, - IP: wrapped.InternalEvent["ip"].(string), + IP: types.ToString(wrapped.InternalEvent["ip"]), } if r.options.Options.JSONRequests { - data.Request = wrapped.InternalEvent["request"].(string) - data.Response = wrapped.InternalEvent["data"].(string) + data.Request = types.ToString(wrapped.InternalEvent["request"]) + data.Response = types.ToString(wrapped.InternalEvent["data"]) } return data } diff --git a/v2/pkg/templates/compile.go b/v2/pkg/templates/compile.go index 83f87489..4fef2ae4 100644 --- a/v2/pkg/templates/compile.go +++ b/v2/pkg/templates/compile.go @@ -37,8 +37,12 @@ func Parse(filePath string, options *protocols.ExecuterOptions) (*Template, erro if _, ok := template.Info["severity"]; !ok { return nil, errors.New("no template severity field provided") } - if templateTags, ok := template.Info["tags"]; ok && len(options.Options.Tags) > 0 { - if err := matchTemplateWithTags(templateTags.(string), options.Options); err != nil { + if len(options.Options.Tags) > 0 { + templateTags, ok := template.Info["tags"] + if !ok { + return nil, errors.New("no tags found for template") + } + if err := matchTemplateWithTags(types.ToString(templateTags), options.Options); err != nil { return nil, err } } diff --git a/v2/pkg/types/interfaces.go b/v2/pkg/types/interfaces.go index e29bdc6b..fd437d3b 100644 --- a/v2/pkg/types/interfaces.go +++ b/v2/pkg/types/interfaces.go @@ -11,6 +11,8 @@ import ( // ToString converts an interface to string in a quick way func ToString(data interface{}) string { switch s := data.(type) { + case nil: + return "" case string: return s case bool: