Merge remote-tracking branch 'origin/dev' into code_smells
commit
555e609173
|
@ -0,0 +1,68 @@
|
||||||
|
allow-list:
|
||||||
|
severity: high, critical
|
||||||
|
deny-list:
|
||||||
|
severity: low
|
||||||
|
|
||||||
|
# github contains configuration options for github issue tracker
|
||||||
|
github:
|
||||||
|
# base-url is the optional self-hosted github application url
|
||||||
|
base-url: https://localhost:8443/github
|
||||||
|
# username is the username of the github user
|
||||||
|
username: test-username
|
||||||
|
# owner is the owner name of the repository for issues.
|
||||||
|
owner: test-owner
|
||||||
|
# token is the token for github account.
|
||||||
|
token: test-token
|
||||||
|
# project-name is the name of the repository.
|
||||||
|
project-name: test-project
|
||||||
|
# issue-label is the label of the created issue type
|
||||||
|
issue-label: bug
|
||||||
|
|
||||||
|
# gitlab contains configuration options for gitlab issue tracker
|
||||||
|
gitlab:
|
||||||
|
# base-url is the optional self-hosted gitlab application url
|
||||||
|
base-url: https://localhost:8443/gitlab
|
||||||
|
# username is the username of the gitlab user
|
||||||
|
username: test-username
|
||||||
|
# token is the token for gitlab account.
|
||||||
|
token: test-token
|
||||||
|
# project-id is the ID of the repository.
|
||||||
|
project-id: 1234
|
||||||
|
# issue-label is the label of the created issue type
|
||||||
|
issue-label: bug
|
||||||
|
|
||||||
|
# jira contains configuration options for jira issue tracker
|
||||||
|
jira:
|
||||||
|
# cloud is the boolean which tells if Jira instance is running in the cloud or on-prem version is used
|
||||||
|
cloud: true
|
||||||
|
# update-existing is the boolean which tells if the existing, opened issue should be updated or new one should be created
|
||||||
|
update-existing: false
|
||||||
|
# URL is the jira application url
|
||||||
|
url: https://localhost/jira
|
||||||
|
# account-id is the account-id of the jira user or username in case of on-prem Jira
|
||||||
|
account-id: test-account-id
|
||||||
|
# email is the email of the user for jira instance
|
||||||
|
email: test@test.com
|
||||||
|
# token is the token for jira instance or password in case of on-prem Jira
|
||||||
|
token: test-token
|
||||||
|
# project-name is the name of the project.
|
||||||
|
project-name: test-project-name
|
||||||
|
# issue-type is the name of the created issue type
|
||||||
|
issue-type: bug
|
||||||
|
|
||||||
|
# elasticsearch contains configuration options for elasticsearch exporter
|
||||||
|
elasticsearch:
|
||||||
|
# IP for elasticsearch instance
|
||||||
|
ip: 127.0.0.1
|
||||||
|
# Port is the port of elasticsearch instance
|
||||||
|
port: 9200
|
||||||
|
# IndexName is the name of the elasticsearch index
|
||||||
|
index-name: nuclei
|
||||||
|
# SSL enables ssl for elasticsearch connection
|
||||||
|
ssl: false
|
||||||
|
# SSLVerification disables SSL verification for elasticsearch
|
||||||
|
ssl-verification: false
|
||||||
|
# Username for the elasticsearch instance
|
||||||
|
username: test
|
||||||
|
# Password is the password for elasticsearch instance
|
||||||
|
password: test
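Review bot: The comment above `ssl-verification: false` says the option "disables SSL verification", while the key name reads as if it enables it, so a reader cannot tell whether `false` leaves certificate verification on or off. The same comment and value appear in the second fixture and in the sample reporting config hunk (`# ssl-verification: false`), which is the file users are most likely to copy. The comment should state the polarity outright, for example `# ssl-verification: true skips TLS certificate verification (insecure), false verifies the certificate`, if that is what the exporter does. The exporter code is not part of this diff, so confirm the behaviour before settling the wording.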
|
|
@ -0,0 +1,70 @@
|
||||||
|
allow-list:
|
||||||
|
severity:
|
||||||
|
- high
|
||||||
|
- critical
|
||||||
|
deny-list:
|
||||||
|
severity: low
|
||||||
|
|
||||||
|
# github contains configuration options for github issue tracker
|
||||||
|
github:
|
||||||
|
# base-url is the optional self-hosted github application url
|
||||||
|
base-url: https://localhost:8443/github
|
||||||
|
# username is the username of the github user
|
||||||
|
username: test-username
|
||||||
|
# owner is the owner name of the repository for issues.
|
||||||
|
owner: test-owner
|
||||||
|
# token is the token for github account.
|
||||||
|
token: test-token
|
||||||
|
# project-name is the name of the repository.
|
||||||
|
project-name: test-project
|
||||||
|
# issue-label is the label of the created issue type
|
||||||
|
issue-label: bug
|
||||||
|
|
||||||
|
# gitlab contains configuration options for gitlab issue tracker
|
||||||
|
gitlab:
|
||||||
|
# base-url is the optional self-hosted gitlab application url
|
||||||
|
base-url: https://localhost:8443/gitlab
|
||||||
|
# username is the username of the gitlab user
|
||||||
|
username: test-username
|
||||||
|
# token is the token for gitlab account.
|
||||||
|
token: test-token
|
||||||
|
# project-id is the ID of the repository.
|
||||||
|
project-id: 1234
|
||||||
|
# issue-label is the label of the created issue type
|
||||||
|
issue-label: bug
|
||||||
|
|
||||||
|
# jira contains configuration options for jira issue tracker
|
||||||
|
jira:
|
||||||
|
# cloud is the boolean which tells if Jira instance is running in the cloud or on-prem version is used
|
||||||
|
cloud: true
|
||||||
|
# update-existing is the boolean which tells if the existing, opened issue should be updated or new one should be created
|
||||||
|
update-existing: false
|
||||||
|
# URL is the jira application url
|
||||||
|
url: https://localhost/jira
|
||||||
|
# account-id is the account-id of the jira user or username in case of on-prem Jira
|
||||||
|
account-id: test-account-id
|
||||||
|
# email is the email of the user for jira instance
|
||||||
|
email: test@test.com
|
||||||
|
# token is the token for jira instance or password in case of on-prem Jira
|
||||||
|
token: test-token
|
||||||
|
# project-name is the name of the project.
|
||||||
|
project-name: test-project-name
|
||||||
|
# issue-type is the name of the created issue type
|
||||||
|
issue-type: bug
|
||||||
|
|
||||||
|
# elasticsearch contains configuration options for elasticsearch exporter
|
||||||
|
elasticsearch:
|
||||||
|
# IP for elasticsearch instance
|
||||||
|
ip: 127.0.0.1
|
||||||
|
# Port is the port of elasticsearch instance
|
||||||
|
port: 9200
|
||||||
|
# IndexName is the name of the elasticsearch index
|
||||||
|
index-name: nuclei
|
||||||
|
# SSL enables ssl for elasticsearch connection
|
||||||
|
ssl: false
|
||||||
|
# SSLVerification disables SSL verification for elasticsearch
|
||||||
|
ssl-verification: false
|
||||||
|
# Username for the elasticsearch instance
|
||||||
|
username: test
|
||||||
|
# Password is the password for elasticsearch instance
|
||||||
|
password: test
|
|
@ -1,7 +1,9 @@
|
||||||
|
# to specify which severities should be reported
|
||||||
#allow-list:
|
#allow-list:
|
||||||
# severity: high,critical
|
# severity: critical, high
|
||||||
|
# to specify which severities should be excluded from reporting
|
||||||
#deny-list:
|
#deny-list:
|
||||||
# severity: low
|
# severity: info, low, medium
|
||||||
|
|
||||||
# github contains configuration options for github issue tracker
|
# github contains configuration options for github issue tracker
|
||||||
#github:
|
#github:
|
||||||
|
@ -59,10 +61,10 @@
|
||||||
# # IndexName is the name of the elasticsearch index
|
# # IndexName is the name of the elasticsearch index
|
||||||
# index-name: nuclei
|
# index-name: nuclei
|
||||||
# # SSL enables ssl for elasticsearch connection
|
# # SSL enables ssl for elasticsearch connection
|
||||||
# # ssl: false
|
# ssl: false
|
||||||
# # SSLVerification disables SSL verification for elasticsearch
|
# # SSLVerification disables SSL verification for elasticsearch
|
||||||
# # ssl-verification: false
|
# ssl-verification: false
|
||||||
# # Username for the elasticsearch instance
|
# # Username for the elasticsearch instance
|
||||||
# # username: test
|
# username: test
|
||||||
# # Pasword is the password for elasticsearch instance
|
# # Password is the password for elasticsearch instance
|
||||||
# # password: test
|
# password: test
|
|
@ -8,7 +8,7 @@ import (
|
||||||
"github.com/projectdiscovery/goflags"
|
"github.com/projectdiscovery/goflags"
|
||||||
"github.com/projectdiscovery/gologger"
|
"github.com/projectdiscovery/gologger"
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/runner"
|
"github.com/projectdiscovery/nuclei/v2/internal/runner"
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/types"
|
"github.com/projectdiscovery/nuclei/v2/pkg/types"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -108,9 +108,9 @@ on extensive configurability, massive extensibility and ease of use.`)
|
||||||
)
|
)
|
||||||
|
|
||||||
createGroup(flagSet, "interactsh", "interactsh",
|
createGroup(flagSet, "interactsh", "interactsh",
|
||||||
flagSet.BoolVar(&options.NoInteractsh, "no-interactsh", false, "do not use interactsh server for blind interaction polling"),
|
flagSet.BoolVar(&options.NoInteractsh, "no-interactsh", false, "disable interactsh server for OOB testing"),
|
||||||
flagSet.StringVar(&options.InteractshURL, "interactsh-url", "https://interact.sh", "self-hosted Interactsh Server URL"),
|
flagSet.StringVar(&options.InteractshURL, "interactsh-url", "https://interact.sh", "interactsh server url for self-hosted instance"),
|
||||||
|
flagSet.StringVar(&options.InteractshToken, "interactsh-token", "", "authentication token for self-hosted interactsh server"),
|
||||||
flagSet.IntVar(&options.InteractionsCacheSize, "interactions-cache-size", 5000, "number of requests to keep in the interactions cache"),
|
flagSet.IntVar(&options.InteractionsCacheSize, "interactions-cache-size", 5000, "number of requests to keep in the interactions cache"),
|
||||||
flagSet.IntVar(&options.InteractionsEviction, "interactions-eviction", 60, "number of seconds to wait before evicting requests from cache"),
|
flagSet.IntVar(&options.InteractionsEviction, "interactions-eviction", 60, "number of seconds to wait before evicting requests from cache"),
|
||||||
flagSet.IntVar(&options.InteractionsPollDuration, "interactions-poll-duration", 5, "number of seconds to wait before each interaction poll request"),
|
flagSet.IntVar(&options.InteractionsPollDuration, "interactions-poll-duration", 5, "number of seconds to wait before each interaction poll request"),
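Review bot: The new `interactsh-token` flag is described as being for a self-hosted server, but `interactsh-url` still defaults to `https://interact.sh` and the runner hunk sets `Authorization: options.InteractshToken` unconditionally. A token supplied without overriding the URL would therefore presumably be sent to the public server. A guard after flag parsing would catch this, e.g. `if options.InteractshToken != "" && options.InteractshURL == "https://interact.sh" { gologger.Warning().Msgf("interactsh-token is set but interactsh-url is still the public default") }`. The help text could also mention that a secret passed on the command line is visible in process listings and shell history. The function that registers these flags starts and ends outside the hunk.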
|
||||||
|
|
|
@ -4,8 +4,9 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
|
||||||
"github.com/logrusorgru/aurora"
|
"github.com/logrusorgru/aurora"
|
||||||
|
|
||||||
"github.com/projectdiscovery/gologger"
|
"github.com/projectdiscovery/gologger"
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
|
|
@ -19,10 +19,10 @@ import (
|
||||||
"github.com/projectdiscovery/gologger"
|
"github.com/projectdiscovery/gologger"
|
||||||
"github.com/projectdiscovery/hmap/store/hybrid"
|
"github.com/projectdiscovery/hmap/store/hybrid"
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/colorizer"
|
"github.com/projectdiscovery/nuclei/v2/internal/colorizer"
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/catalog"
|
"github.com/projectdiscovery/nuclei/v2/pkg/catalog"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/catalog/config"
|
"github.com/projectdiscovery/nuclei/v2/pkg/catalog/config"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/catalog/loader"
|
"github.com/projectdiscovery/nuclei/v2/pkg/catalog/loader"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/output"
|
"github.com/projectdiscovery/nuclei/v2/pkg/output"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/parsers"
|
"github.com/projectdiscovery/nuclei/v2/pkg/parsers"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/progress"
|
"github.com/projectdiscovery/nuclei/v2/pkg/progress"
|
||||||
|
@ -87,35 +87,10 @@ func New(options *types.Options) (*Runner, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
runner.catalog = catalog.New(runner.options.TemplatesDirectory)
|
runner.catalog = catalog.New(runner.options.TemplatesDirectory)
|
||||||
var reportingOptions *reporting.Options
|
|
||||||
if options.ReportingConfig != "" {
|
|
||||||
file, err := os.Open(options.ReportingConfig)
|
|
||||||
if err != nil {
|
|
||||||
return nil, errors.Wrap(err, "could not open reporting config file")
|
|
||||||
}
|
|
||||||
|
|
||||||
reportingOptions = &reporting.Options{}
|
reportingOptions, err := createReportingOptions(options)
|
||||||
if parseErr := yaml.NewDecoder(file).Decode(reportingOptions); parseErr != nil {
|
if err != nil {
|
||||||
file.Close()
|
return nil, err
|
||||||
return nil, errors.Wrap(parseErr, "could not parse reporting config file")
|
|
||||||
}
|
|
||||||
file.Close()
|
|
||||||
}
|
|
||||||
if options.DiskExportDirectory != "" {
|
|
||||||
if reportingOptions != nil {
|
|
||||||
reportingOptions.DiskExporter = &disk.Options{Directory: options.DiskExportDirectory}
|
|
||||||
} else {
|
|
||||||
reportingOptions = &reporting.Options{}
|
|
||||||
reportingOptions.DiskExporter = &disk.Options{Directory: options.DiskExportDirectory}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if options.SarifExport != "" {
|
|
||||||
if reportingOptions != nil {
|
|
||||||
reportingOptions.SarifExporter = &sarif.Options{File: options.SarifExport}
|
|
||||||
} else {
|
|
||||||
reportingOptions = &reporting.Options{}
|
|
||||||
reportingOptions.SarifExporter = &sarif.Options{File: options.SarifExport}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
if reportingOptions != nil {
|
if reportingOptions != nil {
|
||||||
client, err := reporting.New(reportingOptions, options.ReportingDB)
|
client, err := reporting.New(reportingOptions, options.ReportingDB)
|
||||||
|
@ -245,6 +220,7 @@ func New(options *types.Options) (*Runner, error) {
|
||||||
if !options.NoInteractsh {
|
if !options.NoInteractsh {
|
||||||
interactshClient, err := interactsh.New(&interactsh.Options{
|
interactshClient, err := interactsh.New(&interactsh.Options{
|
||||||
ServerURL: options.InteractshURL,
|
ServerURL: options.InteractshURL,
|
||||||
|
Authorization: options.InteractshToken,
|
||||||
CacheSize: int64(options.InteractionsCacheSize),
|
CacheSize: int64(options.InteractionsCacheSize),
|
||||||
Eviction: time.Duration(options.InteractionsEviction) * time.Second,
|
Eviction: time.Duration(options.InteractionsEviction) * time.Second,
|
||||||
ColldownPeriod: time.Duration(options.InteractionsColldownPeriod) * time.Second,
|
ColldownPeriod: time.Duration(options.InteractionsColldownPeriod) * time.Second,
|
||||||
|
@ -271,6 +247,40 @@ func New(options *types.Options) (*Runner, error) {
|
||||||
return runner, nil
|
return runner, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func createReportingOptions(options *types.Options) (*reporting.Options, error) {
|
||||||
|
var reportingOptions *reporting.Options
|
||||||
|
if options.ReportingConfig != "" {
|
||||||
|
file, err := os.Open(options.ReportingConfig)
|
||||||
|
if err != nil {
|
||||||
|
return nil, errors.Wrap(err, "could not open reporting config file")
|
||||||
|
}
|
||||||
|
|
||||||
|
reportingOptions = &reporting.Options{}
|
||||||
|
if parseErr := yaml.NewDecoder(file).Decode(reportingOptions); parseErr != nil {
|
||||||
|
file.Close()
|
||||||
|
return nil, errors.Wrap(parseErr, "could not parse reporting config file")
|
||||||
|
}
|
||||||
|
file.Close()
|
||||||
|
}
|
||||||
|
if options.DiskExportDirectory != "" {
|
||||||
|
if reportingOptions != nil {
|
||||||
|
reportingOptions.DiskExporter = &disk.Options{Directory: options.DiskExportDirectory}
|
||||||
|
} else {
|
||||||
|
reportingOptions = &reporting.Options{}
|
||||||
|
reportingOptions.DiskExporter = &disk.Options{Directory: options.DiskExportDirectory}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if options.SarifExport != "" {
|
||||||
|
if reportingOptions != nil {
|
||||||
|
reportingOptions.SarifExporter = &sarif.Options{File: options.SarifExport}
|
||||||
|
} else {
|
||||||
|
reportingOptions = &reporting.Options{}
|
||||||
|
reportingOptions.SarifExporter = &sarif.Options{File: options.SarifExport}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return reportingOptions, nil
|
||||||
|
}
|
||||||
|
|
||||||
// Close releases all the resources and cleans up
|
// Close releases all the resources and cleans up
|
||||||
func (r *Runner) Close() {
|
func (r *Runner) Close() {
|
||||||
if r.output != nil {
|
if r.output != nil {
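Review bot: `createReportingOptions` was moved out of `New` verbatim, so it still closes the config file by hand on two separate paths and repeats the same exporter assignment in both arms of each `reportingOptions != nil` check. A single `defer file.Close()` after the open check covers every return path, including ones added later. Allocating `reportingOptions` only when it is nil removes the duplicated `DiskExporter` and `SarifExporter` lines. Behaviour is unchanged; the function is simply shorter and less likely to leak the descriptor when edited.

```go
func createReportingOptions(options *types.Options) (*reporting.Options, error) {
	// … unchanged: reportingOptions declaration, os.Open and its error check …
		defer file.Close()
	// … unchanged: yaml decode into reportingOptions, without the two explicit file.Close() calls …
	if options.DiskExportDirectory != "" {
		if reportingOptions == nil {
			reportingOptions = &reporting.Options{}
		}
		reportingOptions.DiskExporter = &disk.Options{Directory: options.DiskExportDirectory}
	}
	if options.SarifExport != "" {
		if reportingOptions == nil {
			reportingOptions = &reporting.Options{}
		}
		reportingOptions.SarifExporter = &sarif.Options{File: options.SarifExport}
	}
	// … unchanged: return reportingOptions, nil …
```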
|
||||||
|
|
|
@ -0,0 +1,26 @@
|
||||||
|
package runner
|
||||||
|
|
||||||
|
import (
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
|
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/types"
|
||||||
|
)
|
||||||
|
|
||||||
|
func Test_createReportingOptions(t *testing.T) {
|
||||||
|
var options types.Options
|
||||||
|
options.ReportingConfig = "../../../integration_tests/test-issue-tracker-config1.yaml"
|
||||||
|
resultOptions, err := createReportingOptions(&options)
|
||||||
|
|
||||||
|
assert.Nil(t, err)
|
||||||
|
assert.Equal(t, resultOptions.AllowList.Severities, severity.Severities{severity.High, severity.Critical})
|
||||||
|
assert.Equal(t, resultOptions.DenyList.Severities, severity.Severities{severity.Low})
|
||||||
|
|
||||||
|
options.ReportingConfig = "../../../integration_tests/test-issue-tracker-config2.yaml"
|
||||||
|
resultOptions2, err := createReportingOptions(&options)
|
||||||
|
assert.Nil(t, err)
|
||||||
|
assert.Equal(t, resultOptions2.AllowList.Severities, resultOptions.AllowList.Severities)
|
||||||
|
assert.Equal(t, resultOptions2.DenyList.Severities, resultOptions.DenyList.Severities)
|
||||||
|
}
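Review bot: `assert.Nil(t, err)` records a failure but lets the test continue, so if a fixture fails to open or parse, the next line dereferences a nil `resultOptions` and the test panics instead of reporting the error. `AllowList` and `DenyList` may carry the same risk if they are pointers; their type is not visible here. Use `require.NoError(t, err)` and `require.NotNil(t, resultOptions)` before the field accesses, in both halves of the test; this needs the `github.com/stretchr/testify/require` import. The `assert.Equal` calls also pass the actual value first, whereas testify expects `(t, expected, actual)`, so failure output will label the two sides the wrong way round.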
|
|
@ -8,7 +8,7 @@ import (
|
||||||
"github.com/karrick/godirwalk"
|
"github.com/karrick/godirwalk"
|
||||||
|
|
||||||
"github.com/projectdiscovery/gologger"
|
"github.com/projectdiscovery/gologger"
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/parsers"
|
"github.com/projectdiscovery/nuclei/v2/pkg/parsers"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/types"
|
"github.com/projectdiscovery/nuclei/v2/pkg/types"
|
||||||
)
|
)
|
||||||
|
|
|
@ -1,54 +0,0 @@
|
||||||
package severity
|
|
||||||
|
|
||||||
import (
|
|
||||||
"fmt"
|
|
||||||
"strings"
|
|
||||||
)
|
|
||||||
|
|
||||||
type Severities []Severity
|
|
||||||
|
|
||||||
func (severities Severities) String() string {
|
|
||||||
return strings.Join(severities.ToStringArray(), ", ")
|
|
||||||
}
|
|
||||||
|
|
||||||
func (severities *Severities) Set(value string) error {
|
|
||||||
inputSeverities := toStringSlice(value)
|
|
||||||
|
|
||||||
for _, inputSeverity := range inputSeverities {
|
|
||||||
if err := setSeverity(severities, inputSeverity); err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func setSeverity(severities *Severities, value string) error {
|
|
||||||
computedSeverity, err := toSeverity(value)
|
|
||||||
if err != nil {
|
|
||||||
return fmt.Errorf("'%s' is not a valid severity", value)
|
|
||||||
}
|
|
||||||
|
|
||||||
// TODO change the Severities type to map[Severity]interface{}, where the values are struct{}{}, to "simulate" a "set" data structure
|
|
||||||
*severities = append(*severities, computedSeverity)
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (severities *Severities) ToStringArray() []string {
|
|
||||||
var result []string
|
|
||||||
for _, severity := range *severities {
|
|
||||||
result = append(result, severity.String())
|
|
||||||
}
|
|
||||||
return result
|
|
||||||
}
|
|
||||||
|
|
||||||
func toStringSlice(value string) []string {
|
|
||||||
var result []string
|
|
||||||
if strings.Contains(value, ",") {
|
|
||||||
slices := strings.Split(value, ",")
|
|
||||||
result = append(result, slices...)
|
|
||||||
} else {
|
|
||||||
result = []string{value}
|
|
||||||
}
|
|
||||||
return result
|
|
||||||
}
|
|
|
@ -1,95 +0,0 @@
|
||||||
package severity
|
|
||||||
|
|
||||||
import (
|
|
||||||
"encoding/json"
|
|
||||||
"strings"
|
|
||||||
|
|
||||||
"github.com/alecthomas/jsonschema"
|
|
||||||
"github.com/pkg/errors"
|
|
||||||
)
|
|
||||||
|
|
||||||
type Severity int
|
|
||||||
|
|
||||||
const (
|
|
||||||
Undefined Severity = iota
|
|
||||||
Info
|
|
||||||
Low
|
|
||||||
Medium
|
|
||||||
High
|
|
||||||
Critical
|
|
||||||
limit
|
|
||||||
)
|
|
||||||
|
|
||||||
var severityMappings = map[Severity]string{
|
|
||||||
Info: "info",
|
|
||||||
Low: "low",
|
|
||||||
Medium: "medium",
|
|
||||||
High: "high",
|
|
||||||
Critical: "critical",
|
|
||||||
}
|
|
||||||
|
|
||||||
func toSeverity(valueToMap string) (Severity, error) {
|
|
||||||
normalizedValue := normalizeValue(valueToMap)
|
|
||||||
for key, currentValue := range severityMappings {
|
|
||||||
if normalizedValue == currentValue {
|
|
||||||
return key, nil
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return -1, errors.New("Invalid severity: " + valueToMap)
|
|
||||||
}
|
|
||||||
|
|
||||||
func GetSupportedSeverities() Severities {
|
|
||||||
var result []Severity
|
|
||||||
for index := Severity(1); index < limit; index++ {
|
|
||||||
result = append(result, index)
|
|
||||||
}
|
|
||||||
return result
|
|
||||||
}
|
|
||||||
|
|
||||||
func normalizeValue(value string) string {
|
|
||||||
return strings.TrimSpace(strings.ToLower(value))
|
|
||||||
}
|
|
||||||
|
|
||||||
func (severity Severity) String() string {
|
|
||||||
return severityMappings[severity]
|
|
||||||
}
|
|
||||||
|
|
||||||
//nolint:exported,revive //prefer to be explicit about the name, and make it refactor-safe
|
|
||||||
type SeverityHolder struct {
|
|
||||||
Severity Severity
|
|
||||||
}
|
|
||||||
|
|
||||||
func (severityHolder SeverityHolder) JSONSchemaType() *jsonschema.Type {
|
|
||||||
gotType := &jsonschema.Type{
|
|
||||||
Type: "string",
|
|
||||||
Title: "severity of the template",
|
|
||||||
Description: "Seriousness of the implications of the template",
|
|
||||||
}
|
|
||||||
for _, severity := range GetSupportedSeverities() {
|
|
||||||
gotType.Enum = append(gotType.Enum, severity.String())
|
|
||||||
}
|
|
||||||
return gotType
|
|
||||||
}
|
|
||||||
|
|
||||||
func (severityHolder *SeverityHolder) UnmarshalYAML(unmarshal func(interface{}) error) error {
|
|
||||||
var marshalledSeverity string
|
|
||||||
if err := unmarshal(&marshalledSeverity); err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
computedSeverity, err := toSeverity(marshalledSeverity)
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
severityHolder.Severity = computedSeverity
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (severityHolder *SeverityHolder) MarshalJSON() ([]byte, error) {
|
|
||||||
return json.Marshal(severityHolder.Severity.String())
|
|
||||||
}
|
|
||||||
|
|
||||||
func (severityHolder SeverityHolder) MarshalYAML() (interface{}, error) {
|
|
||||||
return severityHolder.Severity.String(), nil
|
|
||||||
}
|
|
|
@ -32,7 +32,7 @@ func RunNucleiAndGetResults(template, url string, debug bool, extra ...string) (
|
||||||
return parts, nil
|
return parts, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
var templateLoaded = regexp.MustCompile(`(?:Templates|Workflows) loaded: (\d+)`)
|
var templateLoaded = regexp.MustCompile(`(?:Templates|Workflows) loaded[^:]*: (\d+)`)
|
||||||
|
|
||||||
// RunNucleiBinaryAndGetLoadedTemplates returns a list of results for a template
|
// RunNucleiBinaryAndGetLoadedTemplates returns a list of results for a template
|
||||||
func RunNucleiBinaryAndGetLoadedTemplates(nucleiBinary string, args []string) (string, error) {
|
func RunNucleiBinaryAndGetLoadedTemplates(nucleiBinary string, args []string) (string, error) {
|
||||||
|
|
|
@ -2,16 +2,17 @@ package testutils
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/logrusorgru/aurora"
|
"github.com/logrusorgru/aurora"
|
||||||
|
"go.uber.org/ratelimit"
|
||||||
|
|
||||||
"github.com/projectdiscovery/gologger/levels"
|
"github.com/projectdiscovery/gologger/levels"
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/catalog"
|
"github.com/projectdiscovery/nuclei/v2/pkg/catalog"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/output"
|
"github.com/projectdiscovery/nuclei/v2/pkg/output"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/progress"
|
"github.com/projectdiscovery/nuclei/v2/pkg/progress"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/protocols"
|
"github.com/projectdiscovery/nuclei/v2/pkg/protocols"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/protocolinit"
|
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/protocolinit"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/types"
|
"github.com/projectdiscovery/nuclei/v2/pkg/types"
|
||||||
"go.uber.org/ratelimit"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// Init initializes the protocols and their configurations
|
// Init initializes the protocols and their configurations
|
||||||
|
|
|
@ -4,7 +4,7 @@ import (
|
||||||
"errors"
|
"errors"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
)
|
)
|
||||||
|
|
||||||
// TagFilter is used to filter nuclei templates for tag based execution
|
// TagFilter is used to filter nuclei templates for tag based execution
|
||||||
|
|
|
@ -5,7 +5,7 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestTagBasedFilter(t *testing.T) {
|
func TestTagBasedFilter(t *testing.T) {
|
||||||
|
|
|
@ -4,9 +4,9 @@ import (
|
||||||
"errors"
|
"errors"
|
||||||
|
|
||||||
"github.com/projectdiscovery/gologger"
|
"github.com/projectdiscovery/gologger"
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/catalog"
|
"github.com/projectdiscovery/nuclei/v2/pkg/catalog"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/catalog/loader/filter"
|
"github.com/projectdiscovery/nuclei/v2/pkg/catalog/loader/filter"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/parsers"
|
"github.com/projectdiscovery/nuclei/v2/pkg/parsers"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/protocols"
|
"github.com/projectdiscovery/nuclei/v2/pkg/protocols"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/templates"
|
"github.com/projectdiscovery/nuclei/v2/pkg/templates"
|
||||||
|
|
|
@ -1,14 +1,8 @@
|
||||||
package model
|
package model
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"fmt"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/stringslice"
|
||||||
"strings"
|
|
||||||
|
|
||||||
"github.com/alecthomas/jsonschema"
|
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/utils"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// Info contains metadata information about a template
|
// Info contains metadata information about a template
|
||||||
|
@ -26,7 +20,7 @@ type Info struct {
|
||||||
// Multiple values can also be specified separated by commas.
|
// Multiple values can also be specified separated by commas.
|
||||||
// examples:
|
// examples:
|
||||||
// - value: "\"<username>\""
|
// - value: "\"<username>\""
|
||||||
Authors StringSlice `json:"author,omitempty" yaml:"author,omitempty" jsonschema:"title=author of the template,description=Author is the author of the template,example=username"`
|
Authors stringslice.StringSlice `json:"author,omitempty" yaml:"author,omitempty" jsonschema:"title=author of the template,description=Author is the author of the template,example=username"`
|
||||||
// description: |
|
// description: |
|
||||||
// Any tags for the template.
|
// Any tags for the template.
|
||||||
//
|
//
|
||||||
|
@ -35,7 +29,7 @@ type Info struct {
|
||||||
// examples:
|
// examples:
|
||||||
// - name: Example tags
|
// - name: Example tags
|
||||||
// value: "\"cve,cve2019,grafana,auth-bypass,dos\""
|
// value: "\"cve,cve2019,grafana,auth-bypass,dos\""
|
||||||
Tags StringSlice `json:"tags,omitempty" yaml:"tags,omitempty" jsonschema:"title=tags of the template,description=Any tags for the template"`
|
Tags stringslice.StringSlice `json:"tags,omitempty" yaml:"tags,omitempty" jsonschema:"title=tags of the template,description=Any tags for the template"`
|
||||||
// description: |
|
// description: |
|
||||||
// Description of the template.
|
// Description of the template.
|
||||||
//
|
//
|
||||||
|
@ -53,7 +47,7 @@ type Info struct {
|
||||||
// examples:
|
// examples:
|
||||||
// - value: >
|
// - value: >
|
||||||
// []string{"https://github.com/strapi/strapi", "https://github.com/getgrav/grav"}
|
// []string{"https://github.com/strapi/strapi", "https://github.com/getgrav/grav"}
|
||||||
Reference StringSlice `json:"reference,omitempty" yaml:"reference,omitempty" jsonschema:"title=references for the template,description=Links relevant to the template"`
|
Reference stringslice.StringSlice `json:"reference,omitempty" yaml:"reference,omitempty" jsonschema:"title=references for the template,description=Links relevant to the template"`
|
||||||
// description: |
|
// description: |
|
||||||
// Severity of the template.
|
// Severity of the template.
|
||||||
//
|
//
|
||||||
|
@ -63,7 +57,7 @@ type Info struct {
|
||||||
// - medium
|
// - medium
|
||||||
// - high
|
// - high
|
||||||
// - critical
|
// - critical
|
||||||
SeverityHolder severity.SeverityHolder `json:"severity,omitempty" yaml:"severity,omitempty"`
|
SeverityHolder severity.Holder `json:"severity,omitempty" yaml:"severity,omitempty"`
|
||||||
// description: |
|
// description: |
|
||||||
// AdditionalFields regarding metadata of the template.
|
// AdditionalFields regarding metadata of the template.
|
||||||
//
|
//
|
||||||
|
@ -72,84 +66,3 @@ type Info struct {
|
||||||
// map[string]string{"customField1":"customValue1"}
|
// map[string]string{"customField1":"customValue1"}
|
||||||
AdditionalFields map[string]string `json:"additional-fields,omitempty" yaml:"additional-fields,omitempty" jsonschema:"title=additional metadata for the template,description=Additional metadata fields for the template"`
|
AdditionalFields map[string]string `json:"additional-fields,omitempty" yaml:"additional-fields,omitempty" jsonschema:"title=additional metadata for the template,description=Additional metadata fields for the template"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// StringSlice represents a single (in-lined) or multiple string value(s).
|
|
||||||
// The unmarshaller does not automatically convert in-lined strings to []string, hence the interface{} type is required.
|
|
||||||
type StringSlice struct {
|
|
||||||
Value interface{}
|
|
||||||
}
|
|
||||||
|
|
||||||
func (stringSlice StringSlice) JSONSchemaType() *jsonschema.Type {
|
|
||||||
gotType := &jsonschema.Type{
|
|
||||||
OneOf: []*jsonschema.Type{{Type: "string"}, {Type: "array"}},
|
|
||||||
}
|
|
||||||
return gotType
|
|
||||||
}
|
|
||||||
|
|
||||||
func (stringSlice *StringSlice) IsEmpty() bool {
|
|
||||||
return len(stringSlice.ToSlice()) == 0
|
|
||||||
}
|
|
||||||
|
|
||||||
func (stringSlice StringSlice) ToSlice() []string {
|
|
||||||
switch value := stringSlice.Value.(type) {
|
|
||||||
case string:
|
|
||||||
return []string{value}
|
|
||||||
case []string:
|
|
||||||
return value
|
|
||||||
case nil:
|
|
||||||
return []string{}
|
|
||||||
default:
|
|
||||||
panic(fmt.Sprintf("Unexpected StringSlice type: '%T'", value))
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func (stringSlice StringSlice) String() string {
|
|
||||||
return strings.Join(stringSlice.ToSlice(), ", ")
|
|
||||||
}
|
|
||||||
|
|
||||||
func (stringSlice *StringSlice) UnmarshalYAML(unmarshal func(interface{}) error) error {
|
|
||||||
marshalledSlice, err := marshalStringToSlice(unmarshal)
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
result := make([]string, 0, len(marshalledSlice))
|
|
||||||
//nolint:gosimple,nolintlint //cannot be replaced with result = append(result, slices...) because the values are being normalized
|
|
||||||
for _, value := range marshalledSlice {
|
|
||||||
result = append(result, strings.ToLower(strings.TrimSpace(value))) // TODO do we need to introduce RawStringSlice and/or NormalizedStringSlices?
|
|
||||||
}
|
|
||||||
stringSlice.Value = result
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func marshalStringToSlice(unmarshal func(interface{}) error) ([]string, error) {
|
|
||||||
var marshalledValueAsString string
|
|
||||||
var marshalledValuesAsSlice []string
|
|
||||||
|
|
||||||
sliceMarshalError := unmarshal(&marshalledValuesAsSlice)
|
|
||||||
if sliceMarshalError != nil {
|
|
||||||
stringMarshalError := unmarshal(&marshalledValueAsString)
|
|
||||||
if stringMarshalError != nil {
|
|
||||||
return nil, stringMarshalError
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
var result []string
|
|
||||||
if len(marshalledValuesAsSlice) > 0 {
|
|
||||||
result = marshalledValuesAsSlice
|
|
||||||
} else if utils.IsNotBlank(marshalledValueAsString) {
|
|
||||||
result = strings.Split(marshalledValueAsString, ",")
|
|
||||||
} else {
|
|
||||||
result = []string{}
|
|
||||||
}
|
|
||||||
|
|
||||||
return result, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (stringSlice StringSlice) MarshalYAML() (interface{}, error) {
|
|
||||||
return stringSlice.Value, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (stringSlice StringSlice) MarshalJSON() ([]byte, error) {
|
|
||||||
return json.Marshal(stringSlice.Value)
|
|
||||||
}
|
|
||||||
|
|
|
@ -5,20 +5,22 @@ import (
|
||||||
"strings"
|
"strings"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/stringslice"
|
||||||
|
|
||||||
"gopkg.in/yaml.v2"
|
"gopkg.in/yaml.v2"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestInfoJsonMarshal(t *testing.T) {
|
func TestInfoJsonMarshal(t *testing.T) {
|
||||||
info := Info{
|
info := Info{
|
||||||
Name: "Test Template Name",
|
Name: "Test Template Name",
|
||||||
Authors: StringSlice{[]string{"forgedhallpass", "ice3man"}},
|
Authors: stringslice.StringSlice{Value: []string{"forgedhallpass", "ice3man"}},
|
||||||
Description: "Test description",
|
Description: "Test description",
|
||||||
SeverityHolder: severity.SeverityHolder{Severity: severity.High},
|
SeverityHolder: severity.Holder{Severity: severity.High},
|
||||||
Tags: StringSlice{[]string{"cve", "misc"}},
|
Tags: stringslice.StringSlice{Value: []string{"cve", "misc"}},
|
||||||
Reference: StringSlice{"reference1"},
|
Reference: stringslice.StringSlice{Value: "reference1"},
|
||||||
}
|
}
|
||||||
|
|
||||||
result, err := json.Marshal(&info)
|
result, err := json.Marshal(&info)
|
||||||
|
@ -31,11 +33,11 @@ func TestInfoJsonMarshal(t *testing.T) {
|
||||||
func TestInfoYamlMarshal(t *testing.T) {
|
func TestInfoYamlMarshal(t *testing.T) {
|
||||||
info := Info{
|
info := Info{
|
||||||
Name: "Test Template Name",
|
Name: "Test Template Name",
|
||||||
Authors: StringSlice{[]string{"forgedhallpass", "ice3man"}},
|
Authors: stringslice.StringSlice{Value: []string{"forgedhallpass", "ice3man"}},
|
||||||
Description: "Test description",
|
Description: "Test description",
|
||||||
SeverityHolder: severity.SeverityHolder{Severity: severity.High},
|
SeverityHolder: severity.Holder{Severity: severity.High},
|
||||||
Tags: StringSlice{[]string{"cve", "misc"}},
|
Tags: stringslice.StringSlice{Value: []string{"cve", "misc"}},
|
||||||
Reference: StringSlice{"reference1"},
|
Reference: stringslice.StringSlice{Value: "reference1"},
|
||||||
}
|
}
|
||||||
|
|
||||||
result, err := yaml.Marshal(&info)
|
result, err := yaml.Marshal(&info)
|
||||||
|
|
|
@ -0,0 +1,62 @@
|
||||||
|
package severity
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"strings"
|
||||||
|
|
||||||
|
"github.com/projectdiscovery/goflags"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/stringslice"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Severities used by the goflags library for parsing an array of Severity types, passed as CLI arguments from the user
|
||||||
|
type Severities []Severity
|
||||||
|
|
||||||
|
func (severities *Severities) Set(values string) error {
|
||||||
|
inputSeverities, err := goflags.ToNormalizedStringSlice(values)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, inputSeverity := range inputSeverities {
|
||||||
|
if err := setSeverity(severities, inputSeverity); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (severities *Severities) UnmarshalYAML(unmarshal func(interface{}) error) error {
|
||||||
|
var stringSliceValue stringslice.StringSlice
|
||||||
|
if err := unmarshal(&stringSliceValue); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
stringSLice := stringSliceValue.ToSlice()
|
||||||
|
var result = make(Severities, 0, len(stringSLice))
|
||||||
|
for _, severityString := range stringSLice {
|
||||||
|
if err := setSeverity(&result, severityString); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
*severities = result
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (severities Severities) String() string {
|
||||||
|
var stringSeverities []string
|
||||||
|
for _, severity := range severities {
|
||||||
|
stringSeverities = append(stringSeverities, severity.String())
|
||||||
|
}
|
||||||
|
return strings.Join(stringSeverities, ", ")
|
||||||
|
}
|
||||||
|
|
||||||
|
func setSeverity(severities *Severities, value string) error {
|
||||||
|
computedSeverity, err := toSeverity(value)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("'%s' is not a valid severity", value)
|
||||||
|
}
|
||||||
|
|
||||||
|
// TODO change the Severities type to map[Severity]interface{}, where the values are struct{}{}, to "simulates" a "set" data structure
|
||||||
|
*severities = append(*severities, computedSeverity)
|
||||||
|
return nil
|
||||||
|
}
|
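Review bot: `setSeverity` reports the rejected value with `'%s'`, so input taken from CLI flags or a config file is printed verbatim, including empty strings and control characters. `%q` quotes and escapes it: `return fmt.Errorf("%q is not a valid severity", value)`. The error returned by `toSeverity` is also dropped here; that is fine as long as the new message stays the single source of wording. Separately, the local `stringSLice` in `UnmarshalYAML` has a stray capital and would read better as `values`.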
|
@ -0,0 +1,53 @@
|
||||||
|
package severity
|
||||||
|
|
||||||
|
import (
|
||||||
|
"strings"
|
||||||
|
|
||||||
|
"github.com/pkg/errors"
|
||||||
|
)
|
||||||
|
|
||||||
|
type Severity int
|
||||||
|
|
||||||
|
const (
|
||||||
|
Undefined Severity = iota
|
||||||
|
Info
|
||||||
|
Low
|
||||||
|
Medium
|
||||||
|
High
|
||||||
|
Critical
|
||||||
|
limit
|
||||||
|
)
|
||||||
|
|
||||||
|
var severityMappings = map[Severity]string{
|
||||||
|
Info: "info",
|
||||||
|
Low: "low",
|
||||||
|
Medium: "medium",
|
||||||
|
High: "high",
|
||||||
|
Critical: "critical",
|
||||||
|
}
|
||||||
|
|
||||||
|
func GetSupportedSeverities() Severities {
|
||||||
|
var result []Severity
|
||||||
|
for index := Severity(1); index < limit; index++ {
|
||||||
|
result = append(result, index)
|
||||||
|
}
|
||||||
|
return result
|
||||||
|
}
|
||||||
|
|
||||||
|
func toSeverity(valueToMap string) (Severity, error) {
|
||||||
|
normalizedValue := normalizeValue(valueToMap)
|
||||||
|
for key, currentValue := range severityMappings {
|
||||||
|
if normalizedValue == currentValue {
|
||||||
|
return key, nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return -1, errors.New("Invalid severity: " + valueToMap)
|
||||||
|
}
|
||||||
|
|
||||||
|
func normalizeValue(value string) string {
|
||||||
|
return strings.TrimSpace(strings.ToLower(value))
|
||||||
|
}
|
||||||
|
|
||||||
|
func (severity Severity) String() string {
|
||||||
|
return severityMappings[severity]
|
||||||
|
}
|
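Review bot: `Undefined` is the zero value of `Severity` but has no entry in `severityMappings`, so `String()` returns an empty string for it and for any out-of-range value. Anything that writes a severity out through `String()` would then emit an empty value that `toSeverity` rejects when it is read back. If that is intended, document it on the method, for example `// String returns the lower-case severity name, or "" for Undefined and out-of-range values.`, so callers know to check before emitting or filtering on the result. The exported `Severity` type and `GetSupportedSeverities` also have no doc comments.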
|
@ -0,0 +1,48 @@
|
||||||
|
package severity
|
||||||
|
|
||||||
|
import (
|
||||||
|
"encoding/json"
|
||||||
|
|
||||||
|
"github.com/alecthomas/jsonschema"
|
||||||
|
)
|
||||||
|
|
||||||
|
//nolint:exported,revive //prefer to be explicit about the name, and make it refactor-safe
|
||||||
|
// Holder holds a Severity type. Required for un/marshalling purposes
|
||||||
|
type Holder struct {
|
||||||
|
Severity Severity
|
||||||
|
}
|
||||||
|
|
||||||
|
func (severityHolder Holder) JSONSchemaType() *jsonschema.Type {
|
||||||
|
gotType := &jsonschema.Type{
|
||||||
|
Type: "string",
|
||||||
|
Title: "severity of the template",
|
||||||
|
Description: "Seriousness of the implications of the template",
|
||||||
|
}
|
||||||
|
for _, severity := range GetSupportedSeverities() {
|
||||||
|
gotType.Enum = append(gotType.Enum, severity.String())
|
||||||
|
}
|
||||||
|
return gotType
|
||||||
|
}
|
||||||
|
|
||||||
|
func (severityHolder *Holder) UnmarshalYAML(unmarshal func(interface{}) error) error {
|
||||||
|
var marshalledSeverity string
|
||||||
|
if err := unmarshal(&marshalledSeverity); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
computedSeverity, err := toSeverity(marshalledSeverity)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
severityHolder.Severity = computedSeverity
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (severityHolder *Holder) MarshalJSON() ([]byte, error) {
|
||||||
|
return json.Marshal(severityHolder.Severity.String())
|
||||||
|
}
|
||||||
|
|
||||||
|
func (severityHolder Holder) MarshalYAML() (interface{}, error) {
|
||||||
|
return severityHolder.Severity.String(), nil
|
||||||
|
}
|
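Review bot: `MarshalJSON` is declared on `*Holder` while `MarshalYAML` and `JSONSchemaType` use value receivers, and encoding/json only calls a pointer-receiver marshaller when the value is addressable. Marshalling a `Holder`, or a struct embedding it as a value field, without taking its address would fall back to the default struct encoding instead of the severity string. The tests on this page marshal `&info`, which hides the difference. A value receiver removes the trap: `func (severityHolder Holder) MarshalJSON() ([]byte, error) {`.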
|
@ -13,7 +13,7 @@ func TestYamlUnmarshal(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestYamlMarshal(t *testing.T) {
|
func TestYamlMarshal(t *testing.T) {
|
||||||
severity := SeverityHolder{Severity: High}
|
severity := Holder{Severity: High}
|
||||||
|
|
||||||
marshalled, err := severity.MarshalYAML()
|
marshalled, err := severity.MarshalYAML()
|
||||||
assert.Nil(t, err, "could not marshal yaml")
|
assert.Nil(t, err, "could not marshal yaml")
|
||||||
|
@ -51,8 +51,8 @@ func testUnmarshalFail(t *testing.T, unmarshaller func(data []byte, v interface{
|
||||||
assert.Panics(t, func() { unmarshal(payloadCreator("invalid"), unmarshaller) })
|
assert.Panics(t, func() { unmarshal(payloadCreator("invalid"), unmarshaller) })
|
||||||
}
|
}
|
||||||
|
|
||||||
func unmarshal(value string, unmarshaller func(data []byte, v interface{}) error) SeverityHolder {
|
func unmarshal(value string, unmarshaller func(data []byte, v interface{}) error) Holder {
|
||||||
severityStruct := SeverityHolder{}
|
severityStruct := Holder{}
|
||||||
var err = unmarshaller([]byte(value), &severityStruct)
|
var err = unmarshaller([]byte(value), &severityStruct)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
panic(err)
|
|
@ -0,0 +1,92 @@
|
||||||
|
package stringslice
|
||||||
|
|
||||||
|
import (
|
||||||
|
"encoding/json"
|
||||||
|
"fmt"
|
||||||
|
"strings"
|
||||||
|
|
||||||
|
"github.com/alecthomas/jsonschema"
|
||||||
|
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/utils"
|
||||||
|
)
|
||||||
|
|
||||||
|
// StringSlice represents a single (in-lined) or multiple string value(s).
|
||||||
|
// The unmarshaller does not automatically convert in-lined strings to []string, hence the interface{} type is required.
|
||||||
|
type StringSlice struct {
|
||||||
|
Value interface{}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (stringSlice StringSlice) JSONSchemaType() *jsonschema.Type {
|
||||||
|
gotType := &jsonschema.Type{
|
||||||
|
OneOf: []*jsonschema.Type{{Type: "string"}, {Type: "array"}},
|
||||||
|
}
|
||||||
|
return gotType
|
||||||
|
}
|
||||||
|
|
||||||
|
func (stringSlice *StringSlice) IsEmpty() bool {
|
||||||
|
return len(stringSlice.ToSlice()) == 0
|
||||||
|
}
|
||||||
|
|
||||||
|
func (stringSlice StringSlice) ToSlice() []string {
|
||||||
|
switch value := stringSlice.Value.(type) {
|
||||||
|
case string:
|
||||||
|
return []string{value}
|
||||||
|
case []string:
|
||||||
|
return value
|
||||||
|
case nil:
|
||||||
|
return []string{}
|
||||||
|
default:
|
||||||
|
panic(fmt.Sprintf("Unexpected StringSlice type: '%T'", value))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (stringSlice StringSlice) String() string {
|
||||||
|
return strings.Join(stringSlice.ToSlice(), ", ")
|
||||||
|
}
|
||||||
|
|
||||||
|
func (stringSlice *StringSlice) UnmarshalYAML(unmarshal func(interface{}) error) error {
|
||||||
|
marshalledSlice, err := marshalStringToSlice(unmarshal)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
result := make([]string, 0, len(marshalledSlice))
|
||||||
|
//nolint:gosimple,nolintlint //cannot be replaced with result = append(result, slices...) because the values are being normalized
|
||||||
|
for _, value := range marshalledSlice {
|
||||||
|
result = append(result, strings.ToLower(strings.TrimSpace(value))) // TODO do we need to introduce RawStringSlice and/or NormalizedStringSlices?
|
||||||
|
}
|
||||||
|
stringSlice.Value = result
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (stringSlice StringSlice) MarshalYAML() (interface{}, error) {
|
||||||
|
return stringSlice.Value, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (stringSlice StringSlice) MarshalJSON() ([]byte, error) {
|
||||||
|
return json.Marshal(stringSlice.Value)
|
||||||
|
}
|
||||||
|
|
||||||
|
func marshalStringToSlice(unmarshal func(interface{}) error) ([]string, error) {
|
||||||
|
var marshalledValueAsString string
|
||||||
|
var marshalledValuesAsSlice []string
|
||||||
|
|
||||||
|
sliceMarshalError := unmarshal(&marshalledValuesAsSlice)
|
||||||
|
if sliceMarshalError != nil {
|
||||||
|
stringMarshalError := unmarshal(&marshalledValueAsString)
|
||||||
|
if stringMarshalError != nil {
|
||||||
|
return nil, stringMarshalError
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
var result []string
|
||||||
|
if len(marshalledValuesAsSlice) > 0 {
|
||||||
|
result = marshalledValuesAsSlice
|
||||||
|
} else if utils.IsNotBlank(marshalledValueAsString) {
|
||||||
|
result = strings.Split(marshalledValueAsString, ",")
|
||||||
|
} else {
|
||||||
|
result = []string{}
|
||||||
|
}
|
||||||
|
|
||||||
|
return result, nil
|
||||||
|
}
|
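Review bot: `StringSlice` implements `MarshalJSON` but has no `UnmarshalJSON`, so the bare string or array it emits cannot be decoded back into the type; encoding/json would try to fill the struct from a non-object and return a type error. If anything reads template metadata back from JSON, that should be an explicit method that accepts both shapes, as `UnmarshalYAML` does. Whether it should also trim and lower-case the values like the YAML path is a decision for the author; the sketch below keeps them as given. The exported methods in this file have no doc comments either.

```go
// … unchanged: MarshalJSON …

// UnmarshalJSON accepts either a JSON string or a JSON array of strings,
// mirroring the two shapes MarshalJSON can emit.
func (stringSlice *StringSlice) UnmarshalJSON(data []byte) error {
	var many []string
	if err := json.Unmarshal(data, &many); err == nil {
		stringSlice.Value = many
		return nil
	}

	var single string
	if err := json.Unmarshal(data, &single); err != nil {
		return err
	}
	stringSlice.Value = single
	return nil
}
```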
|
@ -13,8 +13,8 @@ import (
|
||||||
|
|
||||||
"github.com/projectdiscovery/interactsh/pkg/server"
|
"github.com/projectdiscovery/interactsh/pkg/server"
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/colorizer"
|
"github.com/projectdiscovery/nuclei/v2/internal/colorizer"
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -2,10 +2,6 @@
|
||||||
|
|
||||||
package generators
|
package generators
|
||||||
|
|
||||||
import (
|
|
||||||
"errors"
|
|
||||||
)
|
|
||||||
|
|
||||||
// Generator is the generator struct for generating payloads
|
// Generator is the generator struct for generating payloads
|
||||||
type Generator struct {
|
type Generator struct {
|
||||||
Type Type
|
Type Type
|
||||||
|
@ -45,16 +41,6 @@ func New(payloads map[string]interface{}, payloadType Type, templatePath string)
|
||||||
generator.Type = payloadType
|
generator.Type = payloadType
|
||||||
generator.payloads = compiled
|
generator.payloads = compiled
|
||||||
|
|
||||||
// Validate the payload types
|
|
||||||
if payloadType == PitchFork {
|
|
||||||
var totalLength int
|
|
||||||
for v := range compiled {
|
|
||||||
if totalLength != 0 && totalLength != len(compiled[v]) {
|
|
||||||
return nil, errors.New("pitchfork payloads must be of equal number")
|
|
||||||
}
|
|
||||||
totalLength = len(compiled[v])
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return generator, nil
|
return generator, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -107,6 +93,11 @@ func (i *Iterator) Total() int {
|
||||||
}
|
}
|
||||||
case PitchFork:
|
case PitchFork:
|
||||||
count = len(i.payloads[0].values)
|
count = len(i.payloads[0].values)
|
||||||
|
for _, p := range i.payloads {
|
||||||
|
if count > len(p.values) {
|
||||||
|
count = len(p.values)
|
||||||
|
}
|
||||||
|
}
|
||||||
case ClusterBomb:
|
case ClusterBomb:
|
||||||
count = 1
|
count = 1
|
||||||
for _, p := range i.payloads {
|
for _, p := range i.payloads {
|
||||||
|
|
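Review bot: Pitchfork payload lists of different lengths are now accepted, and the new loop in `Total()` silently takes the shortest one, so values past that length in the longer lists are never used and the template author gets no signal that coverage was reduced. The equal-length check removed from `New` was the only place on this page that reported the mismatch. If truncation is the intended behaviour, state it at the loop, e.g. `// pitchfork stops at the shortest payload list; extra values in longer lists are ignored`, and consider logging a warning in `New` when the lengths differ. The context line `count = len(i.payloads[0].values)` also appears to assume at least one payload. Both `New` and `Total` continue outside the hunks shown, so that last point cannot be confirmed from here.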
|
@ -27,7 +27,7 @@ func TestSniperGenerator(t *testing.T) {
|
||||||
|
|
||||||
func TestPitchforkGenerator(t *testing.T) {
|
func TestPitchforkGenerator(t *testing.T) {
|
||||||
usernames := []string{"admin", "token"}
|
usernames := []string{"admin", "token"}
|
||||||
passwords := []string{"admin", "password"}
|
passwords := []string{"password1", "password2", "password3"}
|
||||||
|
|
||||||
generator, err := New(map[string]interface{}{"username": usernames, "password": passwords}, PitchFork, "")
|
generator, err := New(map[string]interface{}{"username": usernames, "password": passwords}, PitchFork, "")
|
||||||
require.Nil(t, err, "could not create generator")
|
require.Nil(t, err, "could not create generator")
|
||||||
|
@ -43,7 +43,7 @@ func TestPitchforkGenerator(t *testing.T) {
|
||||||
require.Contains(t, usernames, value["username"], "Could not get correct pitchfork username")
|
require.Contains(t, usernames, value["username"], "Could not get correct pitchfork username")
|
||||||
require.Contains(t, passwords, value["password"], "Could not get correct pitchfork password")
|
require.Contains(t, passwords, value["password"], "Could not get correct pitchfork password")
|
||||||
}
|
}
|
||||||
require.Equal(t, len(passwords), count, "could not get correct pitchfork counts")
|
require.Equal(t, len(usernames), count, "could not get correct pitchfork counts")
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestClusterbombGenerator(t *testing.T) {
|
func TestClusterbombGenerator(t *testing.T) {
|
||||||
|
|
|
@ -58,6 +58,8 @@ func gadgetEncodingHelper(returnData []byte, encoding string) string {
|
||||||
return ""
|
return ""
|
||||||
}
|
}
|
||||||
return urlsafeBase64Encode(buffer.Bytes())
|
return urlsafeBase64Encode(buffer.Bytes())
|
||||||
|
case "base64-raw":
|
||||||
|
return base64.StdEncoding.EncodeToString(returnData)
|
||||||
default:
|
default:
|
||||||
return urlsafeBase64Encode(returnData)
|
return urlsafeBase64Encode(returnData)
|
||||||
}
|
}
|
||||||
|
|
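Review bot: The new `base64-raw` case uses `base64.StdEncoding`, which is padded standard base64, while the name is easy to read as Go's unpadded `RawStdEncoding`. Here "raw" seems to mean that `returnData` is encoded directly, with the standard alphabet instead of the URL-safe one used by the default branch. A comment on the case would settle it, e.g. `// base64-raw: padded standard-alphabet base64 of returnData as-is (not RawStdEncoding)`. The function body starts outside the hunk, so the other cases could not be compared.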
|
@ -49,6 +49,8 @@ var (
|
||||||
type Options struct {
|
type Options struct {
|
||||||
// ServerURL is the URL of the interactsh server.
|
// ServerURL is the URL of the interactsh server.
|
||||||
ServerURL string
|
ServerURL string
|
||||||
|
// Authorization is the Authorization header value
|
||||||
|
Authorization string
|
||||||
// CacheSize is the numbers of requests to keep track of at a time.
|
// CacheSize is the numbers of requests to keep track of at a time.
|
||||||
// Older items are discarded in LRU manner in favor of new requests.
|
// Older items are discarded in LRU manner in favor of new requests.
|
||||||
CacheSize int64
|
CacheSize int64
|
||||||
|
@ -81,6 +83,7 @@ func New(options *Options) (*Client, error) {
|
||||||
|
|
||||||
interactsh, err := client.New(&client.Options{
|
interactsh, err := client.New(&client.Options{
|
||||||
ServerURL: options.ServerURL,
|
ServerURL: options.ServerURL,
|
||||||
|
Token: options.Authorization,
|
||||||
PersistentSession: false,
|
PersistentSession: false,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
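Review bot: The new `Authorization` field is documented as "the Authorization header value" but is passed to the client as `Token`, so it is unclear whether callers should supply a bare token or a full header value with a scheme prefix. The comment should say which, and that the field is a credential, e.g. `// Authorization is the interactsh server token; it is a secret and must not be logged`. Since the token is sent to whatever `ServerURL` is configured, it is worth confirming that any code printing `Options` does not include this field. `New` continues outside the hunk, so how the options are logged or validated is not visible here.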
|
@ -5,9 +5,9 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestDNSCompileMake(t *testing.T) {
|
func TestDNSCompileMake(t *testing.T) {
|
||||||
|
@ -25,7 +25,7 @@ func TestDNSCompileMake(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile dns request")
|
require.Nil(t, err, "could not compile dns request")
|
||||||
|
|
|
@ -8,9 +8,9 @@ import (
|
||||||
"github.com/miekg/dns"
|
"github.com/miekg/dns"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
||||||
|
@ -32,7 +32,7 @@ func TestResponseToDSLMap(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile dns request")
|
require.Nil(t, err, "could not compile dns request")
|
||||||
|
@ -64,7 +64,7 @@ func TestDNSOperatorMatch(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile dns request")
|
require.Nil(t, err, "could not compile dns request")
|
||||||
|
@ -147,7 +147,7 @@ func TestDNSOperatorExtract(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile dns request")
|
require.Nil(t, err, "could not compile dns request")
|
||||||
|
@ -217,7 +217,7 @@ func TestDNSMakeResult(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile dns request")
|
require.Nil(t, err, "could not compile dns request")
|
||||||
|
|
|
@ -5,9 +5,9 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
||||||
|
@ -42,7 +42,7 @@ func TestDNSExecuteWithResults(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile dns request")
|
require.Nil(t, err, "could not compile dns request")
|
||||||
|
|
|
@ -5,9 +5,9 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestFileCompile(t *testing.T) {
|
func TestFileCompile(t *testing.T) {
|
||||||
|
@ -24,7 +24,7 @@ func TestFileCompile(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile file request")
|
require.Nil(t, err, "could not compile file request")
|
||||||
|
|
|
@ -8,9 +8,9 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestFindInputPaths(t *testing.T) {
|
func TestFindInputPaths(t *testing.T) {
|
||||||
|
@ -27,7 +27,7 @@ func TestFindInputPaths(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile file request")
|
require.Nil(t, err, "could not compile file request")
|
||||||
|
|
|
@ -5,9 +5,9 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
||||||
|
@ -28,7 +28,7 @@ func TestResponseToDSLMap(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile file request")
|
require.Nil(t, err, "could not compile file request")
|
||||||
|
@ -53,7 +53,7 @@ func TestFileOperatorMatch(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile file request")
|
require.Nil(t, err, "could not compile file request")
|
||||||
|
@ -118,7 +118,7 @@ func TestFileOperatorExtract(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile file request")
|
require.Nil(t, err, "could not compile file request")
|
||||||
|
@ -183,7 +183,7 @@ func TestFileMakeResult(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile file request")
|
require.Nil(t, err, "could not compile file request")
|
||||||
|
|
|
@ -6,14 +6,15 @@ import (
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/output"
|
"github.com/projectdiscovery/nuclei/v2/pkg/output"
|
||||||
"github.com/stretchr/testify/require"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestFileExecuteWithResults(t *testing.T) {
|
func TestFileExecuteWithResults(t *testing.T) {
|
||||||
|
@ -43,7 +44,7 @@ func TestFileExecuteWithResults(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile file request")
|
require.Nil(t, err, "could not compile file request")
|
||||||
|
|
|
@ -4,10 +4,11 @@ import (
|
||||||
"net/url"
|
"net/url"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestBaseURLWithTemplatePrefs(t *testing.T) {
|
func TestBaseURLWithTemplatePrefs(t *testing.T) {
|
||||||
|
@ -77,7 +78,7 @@ func TestMakeRequestFromModal(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile http request")
|
require.Nil(t, err, "could not compile http request")
|
||||||
|
@ -104,7 +105,7 @@ func TestMakeRequestFromModalTrimSuffixSlash(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile http request")
|
require.Nil(t, err, "could not compile http request")
|
||||||
|
@ -142,7 +143,7 @@ Accept-Encoding: gzip`},
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile http request")
|
require.Nil(t, err, "could not compile http request")
|
||||||
|
@ -181,7 +182,7 @@ Accept-Encoding: gzip`},
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile http request")
|
require.Nil(t, err, "could not compile http request")
|
||||||
|
|
|
@ -5,9 +5,9 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestHTTPCompile(t *testing.T) {
|
func TestHTTPCompile(t *testing.T) {
|
||||||
|
@ -32,7 +32,7 @@ Accept-Encoding: gzip`},
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile http request")
|
require.Nil(t, err, "could not compile http request")
|
||||||
|
|
|
@ -7,9 +7,9 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
||||||
|
@ -29,7 +29,7 @@ func TestResponseToDSLMap(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile file request")
|
require.Nil(t, err, "could not compile file request")
|
||||||
|
@ -59,7 +59,7 @@ func TestHTTPOperatorMatch(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile file request")
|
require.Nil(t, err, "could not compile file request")
|
||||||
|
@ -129,7 +129,7 @@ func TestHTTPOperatorExtract(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile file request")
|
require.Nil(t, err, "could not compile file request")
|
||||||
|
@ -240,7 +240,7 @@ func TestHTTPMakeResult(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile file request")
|
require.Nil(t, err, "could not compile file request")
|
||||||
|
|
|
@ -5,9 +5,9 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestNetworkCompileMake(t *testing.T) {
|
func TestNetworkCompileMake(t *testing.T) {
|
||||||
|
@ -23,7 +23,7 @@ func TestNetworkCompileMake(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile network request")
|
require.Nil(t, err, "could not compile network request")
|
||||||
|
|
|
@ -5,9 +5,9 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
||||||
|
@ -27,7 +27,7 @@ func TestResponseToDSLMap(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile network request")
|
require.Nil(t, err, "could not compile network request")
|
||||||
|
@ -52,7 +52,7 @@ func TestNetworkOperatorMatch(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile network request")
|
require.Nil(t, err, "could not compile network request")
|
||||||
|
@ -115,7 +115,7 @@ func TestNetworkOperatorExtract(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile network request")
|
require.Nil(t, err, "could not compile network request")
|
||||||
|
@ -178,7 +178,7 @@ func TestNetworkMakeResult(t *testing.T) {
|
||||||
}
|
}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile network request")
|
require.Nil(t, err, "could not compile network request")
|
||||||
|
|
|
@ -10,9 +10,9 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
||||||
|
@ -55,7 +55,7 @@ func TestNetworkExecuteWithResults(t *testing.T) {
|
||||||
request.Inputs = append(request.Inputs, &Input{Data: fmt.Sprintf("GET / HTTP/1.1\r\nHost: %s\r\n\r\n", parsed.Host)})
|
request.Inputs = append(request.Inputs, &Input{Data: fmt.Sprintf("GET / HTTP/1.1\r\nHost: %s\r\n\r\n", parsed.Host)})
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
err = request.Compile(executerOpts)
|
err = request.Compile(executerOpts)
|
||||||
require.Nil(t, err, "could not compile network request")
|
require.Nil(t, err, "could not compile network request")
|
||||||
|
|
|
@ -8,9 +8,9 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -22,7 +22,7 @@ func TestFindResponses(t *testing.T) {
|
||||||
request := &Request{}
|
request := &Request{}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
executerOpts.Operators = []*operators.Operators{{}}
|
executerOpts.Operators = []*operators.Operators{{}}
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
|
|
|
@ -7,9 +7,9 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
"github.com/projectdiscovery/nuclei/v2/internal/testutils"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
||||||
|
@ -24,7 +24,7 @@ func TestResponseToDSLMap(t *testing.T) {
|
||||||
request := &Request{}
|
request := &Request{}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
executerOpts.Operators = []*operators.Operators{{}}
|
executerOpts.Operators = []*operators.Operators{{}}
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
|
@ -50,7 +50,7 @@ func TestHTTPOperatorMatch(t *testing.T) {
|
||||||
request := &Request{}
|
request := &Request{}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
executerOpts.Operators = []*operators.Operators{{}}
|
executerOpts.Operators = []*operators.Operators{{}}
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
|
@ -116,7 +116,7 @@ func TestHTTPOperatorExtract(t *testing.T) {
|
||||||
request := &Request{}
|
request := &Request{}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
executerOpts.Operators = []*operators.Operators{{}}
|
executerOpts.Operators = []*operators.Operators{{}}
|
||||||
err := request.Compile(executerOpts)
|
err := request.Compile(executerOpts)
|
||||||
|
@ -169,7 +169,7 @@ func TestHTTPMakeResult(t *testing.T) {
|
||||||
request := &Request{}
|
request := &Request{}
|
||||||
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
|
||||||
ID: templateID,
|
ID: templateID,
|
||||||
Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
|
Info: model.Info{SeverityHolder: severity.Holder{Severity: severity.Low}, Name: "test"},
|
||||||
})
|
})
|
||||||
executerOpts.Operators = []*operators.Operators{{
|
executerOpts.Operators = []*operators.Operators{{
|
||||||
Matchers: []*matchers.Matcher{{
|
Matchers: []*matchers.Matcher{{
|
||||||
|
|
|
@ -11,7 +11,7 @@ import (
|
||||||
"github.com/owenrumney/go-sarif/sarif"
|
"github.com/owenrumney/go-sarif/sarif"
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/output"
|
"github.com/projectdiscovery/nuclei/v2/pkg/output"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/reporting/format"
|
"github.com/projectdiscovery/nuclei/v2/pkg/reporting/format"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/utils"
|
"github.com/projectdiscovery/nuclei/v2/pkg/utils"
|
||||||
|
|
|
@ -6,18 +6,19 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/stringslice"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestToMarkdownTableString(t *testing.T) {
|
func TestToMarkdownTableString(t *testing.T) {
|
||||||
info := model.Info{
|
info := model.Info{
|
||||||
Name: "Test Template Name",
|
Name: "Test Template Name",
|
||||||
Authors: model.StringSlice{Value: []string{"forgedhallpass", "ice3man"}},
|
Authors: stringslice.StringSlice{Value: []string{"forgedhallpass", "ice3man"}},
|
||||||
Description: "Test description",
|
Description: "Test description",
|
||||||
SeverityHolder: severity.SeverityHolder{Severity: severity.High},
|
SeverityHolder: severity.Holder{Severity: severity.High},
|
||||||
Tags: model.StringSlice{Value: []string{"cve", "misc"}},
|
Tags: stringslice.StringSlice{Value: []string{"cve", "misc"}},
|
||||||
Reference: model.StringSlice{Value: "reference1"},
|
Reference: stringslice.StringSlice{Value: "reference1"},
|
||||||
AdditionalFields: map[string]string{
|
AdditionalFields: map[string]string{
|
||||||
"customDynamicKey1": "customDynamicValue1",
|
"customDynamicKey1": "customDynamicValue1",
|
||||||
"customDynamicKey2": "customDynamicValue2",
|
"customDynamicKey2": "customDynamicValue2",
|
||||||
|
|
|
@ -6,8 +6,8 @@ import (
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
"go.uber.org/multierr"
|
"go.uber.org/multierr"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/stringslice"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/output"
|
"github.com/projectdiscovery/nuclei/v2/pkg/output"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/reporting/dedupe"
|
"github.com/projectdiscovery/nuclei/v2/pkg/reporting/dedupe"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/reporting/exporters/disk"
|
"github.com/projectdiscovery/nuclei/v2/pkg/reporting/exporters/disk"
|
||||||
|
@ -41,8 +41,8 @@ type Options struct {
|
||||||
// Filter filters the received event and decides whether to perform
|
// Filter filters the received event and decides whether to perform
|
||||||
// reporting for it or not.
|
// reporting for it or not.
|
||||||
type Filter struct {
|
type Filter struct {
|
||||||
Severities severity.Severities `yaml:"severity"`
|
Severities severity.Severities `yaml:"severity"`
|
||||||
Tags model.StringSlice `yaml:"tags"`
|
Tags stringslice.StringSlice `yaml:"tags"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetMatch returns true if a filter matches result event
|
// GetMatch returns true if a filter matches result event
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
// Package templates
|
||||||
// This Source Code Form is subject to the terms of the Mozilla Public
|
// This Source Code Form is subject to the terms of the Mozilla Public
|
||||||
// License, v. 2.0. If a copy of the MPL was not distributed with this
|
// License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||||
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
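Review bot: The added `// Package templates` line is a bare name with no sentence, and it sits directly on top of the MPL notice, so the licence text reads as the continuation of the package comment. I would finish the sentence (`// Package templates <what the package provides>.`, with the description supplied by the author) and leave a blank line between the licence notice and the package doc, so that only the doc is attached to the `package` clause. The next file section adds the same bare line above `//nolint //do not lint as examples with no usage`, where the lint comment would presumably be swept into the package doc in the same way. The rest of this file is outside the hunk, so how close the notice sits to the `package` clause cannot be confirmed from here.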
|
||||||
|
|
|
@ -1,9 +1,11 @@
|
||||||
|
// Package templates
|
||||||
//nolint //do not lint as examples with no usage
|
//nolint //do not lint as examples with no usage
|
||||||
package templates
|
package templates
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/stringslice"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
|
||||||
|
@ -16,10 +18,10 @@ import (
|
||||||
var (
|
var (
|
||||||
exampleInfoStructure = model.Info{
|
exampleInfoStructure = model.Info{
|
||||||
Name: "Argument Injection in Ruby Dragonfly",
|
Name: "Argument Injection in Ruby Dragonfly",
|
||||||
Authors: model.StringSlice{"0xspara"},
|
Authors: stringslice.StringSlice{Value: "0xspara"},
|
||||||
SeverityHolder: severity.SeverityHolder{severity.High},
|
SeverityHolder: severity.Holder{Severity: severity.High},
|
||||||
Reference: model.StringSlice{"https://zxsecurity.co.nz/research/argunment-injection-ruby-dragonfly/"},
|
Reference: stringslice.StringSlice{Value: "https://zxsecurity.co.nz/research/argunment-injection-ruby-dragonfly/"},
|
||||||
Tags: model.StringSlice{"cve,cve2021,rce,ruby"},
|
Tags: stringslice.StringSlice{Value: "cve,cve2021,rce,ruby"},
|
||||||
}
|
}
|
||||||
exampleNormalHTTPRequest = &http.Request{
|
exampleNormalHTTPRequest = &http.Request{
|
||||||
Method: "GET",
|
Method: "GET",
|
||||||
|
|
|
@ -7,7 +7,7 @@ import (
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
)
|
)
|
||||||
|
|
||||||
// JSONScalarToString converts an interface coming from json to string
|
// JSONScalarToString converts an interface coming from json to string
|
||||||
|
@ -62,7 +62,7 @@ func ToString(data interface{}) string {
|
||||||
return strconv.FormatUint(uint64(s), 10)
|
return strconv.FormatUint(uint64(s), 10)
|
||||||
case []byte:
|
case []byte:
|
||||||
return string(s)
|
return string(s)
|
||||||
case severity.SeverityHolder:
|
case severity.Holder:
|
||||||
return s.Severity.String()
|
return s.Severity.String()
|
||||||
case severity.Severity:
|
case severity.Severity:
|
||||||
return s.String()
|
return s.String()
|
||||||
|
|
|
@ -2,7 +2,7 @@ package types
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/projectdiscovery/goflags"
|
"github.com/projectdiscovery/goflags"
|
||||||
"github.com/projectdiscovery/nuclei/v2/internal/severity"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Options contains the configuration options for nuclei scanner.
|
// Options contains the configuration options for nuclei scanner.
|
||||||
|
@ -37,6 +37,8 @@ type Options struct {
|
||||||
ProjectPath string
|
ProjectPath string
|
||||||
// InteractshURL is the URL for the interactsh server.
|
// InteractshURL is the URL for the interactsh server.
|
||||||
InteractshURL string
|
InteractshURL string
|
||||||
|
// Interactsh Authorization header value for self-hosted servers
|
||||||
|
InteractshToken string
|
||||||
// Target URLs/Domains to scan using a template
|
// Target URLs/Domains to scan using a template
|
||||||
Targets goflags.StringSlice
|
Targets goflags.StringSlice
|
||||||
// TargetsFilePath specifies the targets from a file to scan using templates.
|
// TargetsFilePath specifies the targets from a file to scan using templates.
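Review bot: The comment on the new `InteractshToken` field does not start with the field name the way its neighbours do (`InteractshURL is the URL for the interactsh server.`), and it does not say that the value is a credential. I would write `// InteractshToken is the Authorization header value sent to a self-hosted interactsh server; it is a secret and must not be logged or written to reports.` The `Options` struct starts and ends outside this hunk, so whether the options are ever printed or serialized wholesale cannot be seen here; if they are, this field presumably needs to be redacted at that point.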
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
package workflows
|
package workflows
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/model"
|
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/stringslice"
|
||||||
"github.com/projectdiscovery/nuclei/v2/pkg/protocols"
|
"github.com/projectdiscovery/nuclei/v2/pkg/protocols"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -26,7 +26,7 @@ type WorkflowTemplate struct {
|
||||||
Template string `yaml:"template,omitempty" jsonschema:"title=template/directory to execute,description=Template or directory to execute as part of workflow"`
|
Template string `yaml:"template,omitempty" jsonschema:"title=template/directory to execute,description=Template or directory to execute as part of workflow"`
|
||||||
// description: |
|
// description: |
|
||||||
// Tags to run templates based on.
|
// Tags to run templates based on.
|
||||||
Tags model.StringSlice `yaml:"tags,omitempty" jsonschema:"title=tags to execute,description=Tags to run template based on"`
|
Tags stringslice.StringSlice `yaml:"tags,omitempty" jsonschema:"title=tags to execute,description=Tags to run template based on"`
|
||||||
// description: |
|
// description: |
|
||||||
// Matchers perform name based matching to run subtemplates for a workflow.
|
// Matchers perform name based matching to run subtemplates for a workflow.
|
||||||
Matchers []*Matcher `yaml:"matchers,omitempty" jsonschema:"title=name based template result matchers,description=Matchers perform name based matching to run subtemplates for a workflow"`
|
Matchers []*Matcher `yaml:"matchers,omitempty" jsonschema:"title=name based template result matchers,description=Matchers perform name based matching to run subtemplates for a workflow"`
|
||||||
|
|