mirror of https://github.com/daffainfo/nuclei.git
Add support to query DNS TLSA record (#3054)
* Add support to query DNS TLSA record * fix build test * fix ci-lint * set expected to 0 * test domain update Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>dev
parent
1508991b50
commit
7093180b6d
|
@ -0,0 +1,22 @@
|
|||
id: tlsa-fingerprinting
|
||||
|
||||
info:
|
||||
name: TLSA Fingerprint
|
||||
author: pdteam
|
||||
severity: info
|
||||
tags: dns,tlsa
|
||||
|
||||
dns:
|
||||
- name: "{{FQDN}}"
|
||||
type: TLSA
|
||||
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "IN\tTLSA"
|
||||
|
||||
extractors:
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
- "IN\tTLSA\t(.+)"
|
|
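Review bot: The query name on the `- name: "{{FQDN}}"` line is the bare host name, but TLSA records are published at a port- and protocol-prefixed owner name (RFC 6698, for example `_443._tcp.<host>`). As written, the template will usually get no TLSA answer even from hosts that deploy DANE. For the HTTPS case, consider `- name: "_443._tcp.{{FQDN}}"`. The extractor group `(.+)` captures the rest of the answer line unparsed, so a short comment naming the four RDATA fields (certificate usage, selector, matching type, certificate association data) would help readers interpret the extracted value.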
@ -8,6 +8,7 @@ var dnsTestCases = map[string]testutils.TestCase{
|
|||
"dns/basic.yaml": &dnsBasic{},
|
||||
"dns/ptr.yaml": &dnsPtr{},
|
||||
"dns/caa.yaml": &dnsCAA{},
|
||||
"dns/tlsa.yaml": &dnsTLSA{},
|
||||
"dns/variables.yaml": &dnsVariables{},
|
||||
}
|
||||
|
||||
|
@ -59,6 +60,22 @@ func (h *dnsCAA) Execute(filePath string) error {
|
|||
return expectResultsCount(results, 1)
|
||||
}
|
||||
|
||||
type dnsTLSA struct{}
|
||||
|
||||
// Execute executes a test case and returns an error if occurred
|
||||
func (h *dnsTLSA) Execute(filePath string) error {
|
||||
var routerErr error
|
||||
|
||||
results, err := testutils.RunNucleiTemplateAndGetResults(filePath, "scanme.sh", debug)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if routerErr != nil {
|
||||
return routerErr
|
||||
}
|
||||
return expectResultsCount(results, 0)
|
||||
}
|
||||
|
||||
type dnsVariables struct{}
|
||||
|
||||
// Execute executes a test case and returns an error if occurred
|
||||
|
|
|
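Review bot: `return expectResultsCount(results, 0)` in `dnsTLSA.Execute` passes only when the template matches nothing, so the test never exercises the new TLSA matcher or extractor. It would likely still pass if the `TLSA` question type were silently ignored. Running it against a name known to publish a TLSA record and expecting one result would cover the new path. If no stable target exists, a comment such as `// scanme.sh publishes no TLSA record; this only checks that the query runs without error` should say so. Separately, `routerErr` is declared but never assigned, so the `if routerErr != nil` branch is dead and both can be dropped.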
@ -221,6 +221,8 @@ func questionTypeToInt(questionType string) uint16 {
|
|||
question = dns.TypeAAAA
|
||||
case "CAA":
|
||||
question = dns.TypeCAA
|
||||
case "TLSA":
|
||||
question = dns.TypeTLSA
|
||||
}
|
||||
return question
|
||||
}
|
||||
|
|
|
@ -33,6 +33,8 @@ const (
|
|||
AAAA
|
||||
// name:CAA
|
||||
CAA
|
||||
// name:TLSA
|
||||
TLSA
|
||||
limit
|
||||
)
|
||||
|
||||
|
@ -48,6 +50,7 @@ var DNSRequestTypeMapping = map[DNSRequestType]string{
|
|||
TXT: "TXT",
|
||||
AAAA: "AAAA",
|
||||
CAA: "CAA",
|
||||
TLSA: "TLSA",
|
||||
}
|
||||
|
||||
// GetSupportedDNSRequestTypes returns list of supported types
|
||||
|
|