From 6330dd910a306aba2c4b86af924180371a05003a Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 9 Jun 2023 00:23:32 +0000 Subject: [PATCH] Auto Generate Syntax Docs + JSONSchema [Fri Jun 9 00:23:32 UTC 2023] :robot: --- SYNTAX-REFERENCE.md | 15 ++++ nuclei-jsonschema.json | 140 ++++++++++++++++-------------- v2/pkg/templates/templates_doc.go | 11 ++- 3 files changed, 99 insertions(+), 67 deletions(-) diff --git a/SYNTAX-REFERENCE.md b/SYNTAX-REFERENCE.md index da73e9a3..3ef0d549 100755 --- a/SYNTAX-REFERENCE.md +++ b/SYNTAX-REFERENCE.md @@ -1585,6 +1585,8 @@ Appears in: - http.Request.fuzzing +- headless.Request.fuzzing + @@ -2717,6 +2719,19 @@ StopAtFirstMatch stops the execution of the requests and template as soon as a m
+
+ +fuzzing []fuzz.Rule + +
+
+ +Fuzzing describes schema to fuzz headless requests + +
+ +
+ diff --git a/nuclei-jsonschema.json b/nuclei-jsonschema.json index cccc49b2..025c74af 100644 --- a/nuclei-jsonschema.json +++ b/nuclei-jsonschema.json @@ -372,6 +372,72 @@ "title": "type of the matcher", "description": "Type of the matcher" }, + "fuzz.Rule": { + "properties": { + "type": { + "enum": [ + "replace", + "prefix", + "postfix", + "infix" + ], + "type": "string", + "title": "type of rule", + "description": "Type of fuzzing rule to perform" + }, + "part": { + "enum": [ + "query" + ], + "type": "string", + "title": "part of rule", + "description": "Part of request rule to fuzz" + }, + "mode": { + "enum": [ + "single", + "multiple" + ], + "type": "string", + "title": "mode of rule", + "description": "Mode of request rule to fuzz" + }, + "keys": { + "items": { + "type": "string" + }, + "type": "array", + "title": "keys of parameters to fuzz", + "description": "Keys of parameters to fuzz" + }, + "keys-regex": { + "items": { + "type": "string" + }, + "type": "array", + "title": "keys regex to fuzz", + "description": "Regex of parameter keys to fuzz" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array", + "title": "values regex to fuzz", + "description": "Regex of parameter values to fuzz" + }, + "fuzz": { + "items": { + "type": "string" + }, + "type": "array", + "title": "payloads of fuzz rule", + "description": "Payloads to perform fuzzing substitutions with" + } + }, + "additionalProperties": false, + "type": "object" + }, "generators.AttackTypeHolder": { "enum": [ "batteringram", @@ -653,6 +719,14 @@ "type": "string", "title": "condition between the matchers", "description": "Conditions between the matchers" + }, + "fuzzing": { + "items": { + "$ref": "#/definitions/fuzz.Rule" + }, + "type": "array", + "title": "fuzzin rules for http fuzzing", + "description": "Fuzzing describes rule schema to fuzz headless requests" } }, "additionalProperties": false, @@ -953,72 +1027,6 @@ "title": "type of the signature", "description": "Type of the signature" }, - "fuzz.Rule": { - "properties": { - "type": { - "enum": [ - "replace", - "prefix", - "postfix", - "infix" - ], - "type": "string", - "title": "type of rule", - "description": "Type of fuzzing rule to perform" - }, - "part": { - "enum": [ - "query" - ], - "type": "string", - "title": "part of rule", - "description": "Part of request rule to fuzz" - }, - "mode": { - "enum": [ - "single", - "multiple" - ], - "type": "string", - "title": "mode of rule", - "description": "Mode of request rule to fuzz" - }, - "keys": { - "items": { - "type": "string" - }, - "type": "array", - "title": "keys of parameters to fuzz", - "description": "Keys of parameters to fuzz" - }, - "keys-regex": { - "items": { - "type": "string" - }, - "type": "array", - "title": "keys regex to fuzz", - "description": "Regex of parameter keys to fuzz" - }, - "values": { - "items": { - "type": "string" - }, - "type": "array", - "title": "values regex to fuzz", - "description": "Regex of parameter values to fuzz" - }, - "fuzz": { - "items": { - "type": "string" - }, - "type": "array", - "title": "payloads of fuzz rule", - "description": "Payloads to perform fuzzing substitutions with" - } - }, - "additionalProperties": false, - "type": "object" - }, "network.Input": { "properties": { "data": { diff --git a/v2/pkg/templates/templates_doc.go b/v2/pkg/templates/templates_doc.go index 69466296..2901e26d 100644 --- a/v2/pkg/templates/templates_doc.go +++ b/v2/pkg/templates/templates_doc.go @@ -677,6 +677,10 @@ func init() { TypeName: "http.Request", FieldName: "fuzzing", }, + { + TypeName: "headless.Request", + FieldName: "fuzzing", + }, } FUZZRuleDoc.Fields = make([]encoder.Doc, 7) FUZZRuleDoc.Fields[0].Name = "type" @@ -1203,7 +1207,7 @@ func init() { Value: "Headless response received from client (default)", }, } - HEADLESSRequestDoc.Fields = make([]encoder.Doc, 7) + HEADLESSRequestDoc.Fields = make([]encoder.Doc, 8) HEADLESSRequestDoc.Fields[0].Name = "id" HEADLESSRequestDoc.Fields[0].Type = "string" HEADLESSRequestDoc.Fields[0].Note = "" @@ -1239,6 +1243,11 @@ func init() { HEADLESSRequestDoc.Fields[6].Note = "" HEADLESSRequestDoc.Fields[6].Description = "StopAtFirstMatch stops the execution of the requests and template as soon as a match is found." HEADLESSRequestDoc.Fields[6].Comments[encoder.LineComment] = "StopAtFirstMatch stops the execution of the requests and template as soon as a match is found." + HEADLESSRequestDoc.Fields[7].Name = "fuzzing" + HEADLESSRequestDoc.Fields[7].Type = "[]fuzz.Rule" + HEADLESSRequestDoc.Fields[7].Note = "" + HEADLESSRequestDoc.Fields[7].Description = "Fuzzing describes schema to fuzz headless requests" + HEADLESSRequestDoc.Fields[7].Comments[encoder.LineComment] = " Fuzzing describes schema to fuzz headless requests" ENGINEActionDoc.Type = "engine.Action" ENGINEActionDoc.Comments[encoder.LineComment] = " Action is an action taken by the browser to reach a navigation"