daffainfo
/
nuclei
mirror of https://github.com/daffainfo/nuclei.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge from dev

dev
Ice3man543 2021-11-30 16:55:09 +05:30
parent f6072e9a95 be66166b9d
commit 72a387c40a
107 changed files with 670 additions and 603 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/ISSUE_TEMPLATE/issue-report.md vendored
View File

@ -33,4 +33,4 @@ Example: steps to reproduce the behavior:
### Anything else:
<!-- Links? References? Screnshots? Anything that will give us more context about the issue that you are encountering! -->
<!-- Links? References? Screenshots? Anything that will give us more context about the issue that you are encountering! -->

43
DESIGN.md
View File

@ -10,9 +10,9 @@ Template is the basic unit of input to the engine which describes the requests t
The template structure is described here. Template level attributes are defined here as well as convenience methods to validate, parse and compile templates creating executers.
Any attributes etc required for the template, engine or requests to function are also set here.
Any attributes etc. required for the template, engine or requests to function are also set here.
Workflows are also compiled, their templates are loaded and compiled as well. Any validations etc on the paths provided are also done here.
Workflows are also compiled, their templates are loaded and compiled as well. Any validations etc. on the paths provided are also done here.
`Parse` function is the main entry point which returns a template for a `filePath` and `executorOptions`. It compiles all the requests for the templates, all the workflows, as well as any self-contained request etc. It also caches the templates in an in-memory cache.
@ -106,7 +106,7 @@ The default executer is provided in `pkg/protocols/common/executer` . It takes a
A different executer is the Clustered Requests executer which implements the Nuclei Request clustering functionality in `pkg/templates` We have a single HTTP request in cases where multiple templates can be clustered and multiple operator lists to match/extract. The first HTTP request is executed while all the template matcher/extractor are evaluated separately.
For Workflow execution, a separate RunWorkflow function is used which executes the workflow independently from the template execution.
For Workflow execution, a separate RunWorkflow function is used which executes the workflow independently of the template execution.
With this basic premise set, we can now start exploring the current runner implementation which will also walk us through the architecture of nuclei.
@ -118,7 +118,7 @@ The first process after all CLI specific initialisation is the loading of templa
#### pkg/catalog
This package is used to get paths using mixed syntax. It takes a template directory and performs resolving for template paths both from provided template directory as well as the current user directory.
This package is used to get paths using mixed syntax. It takes a template directory and performs resolving for template paths both from provided template and current user directory.
The syntax is very versatile and can include filenames, glob patterns, directories, absolute paths, and relative-paths.
@ -177,7 +177,7 @@ ResultEvent structure is passed to the Nuclei Output Writer which contains the e
#### pkg/protocols/common/interactsh
Interactsh module is used to provide automatic Out of Band vulnerability identification in Nuclei.
Interactsh module is used to provide automatic Out-of-Band vulnerability identification in Nuclei.
It uses two LRU caches, one for storing interactions for request URLs and one for storing requests for interaction URL. These both caches are used to correlated requests received to the Interactsh OOB server and Nuclei Instance. [Interactsh Client](https://github.com/projectdiscovery/interactsh/pkg/client) package does most of the heavy lifting of this module.
@ -193,13 +193,13 @@ Next we arrive in the `RunEnumeration` function of the runner.
Next the `WorkflowLoader` is initialised which used to load workflows. It exists in `v2/pkg/parsers/workflow_loader.go`
The loader is initialised moving forward which is responsible for Using Catalog, Passed Tags, Filters, Paths, etc to return compiled `Templates` and `Workflows`.
The loader is initialised moving forward which is responsible for Using Catalog, Passed Tags, Filters, Paths, etc. to return compiled `Templates` and `Workflows`.
#### pkg/catalog/loader
First the input passed by the user as paths is normalised to absolute paths which is done by the `pkg/catalog` module. Next the path filter module is used to removed the excluded template/workflows paths.
First the input passed by the user as paths is normalised to absolute paths which is done by the `pkg/catalog` module. Next the path filter module is used to remove the excluded template/workflows paths.
`pkg/parsers` module's `LoadTemplate`,`LoadWorkflow` functions are used to check if the templates pass the validation + are not excluded via tags/severity/etc filters. If all checks are passed, then the template/workflow is parsed and returned in a compiled form by the `pkg/templates`'s `Parse` function.
`pkg/parsers` module's `LoadTemplate`,`LoadWorkflow` functions are used to check if the templates pass the validation + are not excluded via tags/severity/etc. filters. If all checks are passed, then the template/workflow is parsed and returned in a compiled form by the `pkg/templates`'s `Parse` function.
`Parse` function performs compilation of all the requests in a template + creates Executers from them returning a runnable Template/Workflow structure.
@ -207,10 +207,10 @@ Clustering module comes in next whose job is to cluster identical HTTP GET reque
### pkg/operators
Operators package implements all of the matching and extracting logic of Nuclei.
Operators package implements all the matching and extracting logic of Nuclei.
```go
// Operators contains the operators that can be applied on protocols
// Operators contain the operators that can be applied on protocols
type Operators struct {
Matchers []*matchers.Matcher
Extractors []*extractors.Extractor
@ -218,7 +218,7 @@ type Operators struct {
}
```
A protocol only needs to embed the `operators.Operators` type shown above and it can utilise all the matching/extracting functionality of nuclei.
A protocol only needs to embed the `operators.Operators` type shown above, and it can utilise all the matching/extracting functionality of nuclei.
```go
// MatchFunc performs matching operation for a matcher on model and returns true or false.
@ -246,7 +246,7 @@ type Result struct {
}
```
The internal logics for matching and extracting for things like words, regexes, jq, paths, etc is specified in `pkg/operators/matchers`, `pkg/operators/extractors`. Those packages should be investigated for further look into the topic.
The internal logics for matching and extracting for things like words, regexes, jq, paths, etc. is specified in `pkg/operators/matchers`, `pkg/operators/extractors`. Those packages should be investigated for further look into the topic.
### Template Execution
@ -275,6 +275,8 @@ import (
"path"
"github.com/logrusorgru/aurora"
"go.uber.org/ratelimit"
"github.com/projectdiscovery/goflags"
"github.com/projectdiscovery/nuclei/v2/pkg/catalog"
"github.com/projectdiscovery/nuclei/v2/pkg/catalog/config"
@ -291,7 +293,6 @@ import (
"github.com/projectdiscovery/nuclei/v2/pkg/reporting"
"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
"github.com/projectdiscovery/nuclei/v2/pkg/types"
"go.uber.org/ratelimit"
)
func main() {
@ -356,7 +357,7 @@ func main() {
### Adding a New Protocol
Protocols form the core of Nuclei Engine. All the request types like `http`, `dns`, etc are implemented in form of protocol requests.
Protocols form the core of Nuclei Engine. All the request types like `http`, `dns`, etc. are implemented in form of protocol requests.
A protocol must implement the `Protocol` and `Request` interfaces described above in `pkg/protocols`. We'll take the example of an existing protocol implementation - websocket for this short reference around Nuclei internals.
@ -474,13 +475,13 @@ func (r *Request) Type() templateTypes.ProtocolType {
}
```
Almost all of these protocols have boilerplate functions for which default implementations have been provided in the `providers` package. Examples are the implementation of `Match`, `Extract`, `MakeResultEvent`, GetCompiledOperators`, etc which are almost same throughout Nuclei protocols code. It is enough to copy-paste them unless customization is required.
Almost all of these protocols have boilerplate functions for which default implementations have been provided in the `providers` package. Examples are the implementation of `Match`, `Extract`, `MakeResultEvent`, GetCompiledOperators`, etc. which are almost same throughout Nuclei protocols code. It is enough to copy-paste them unless customization is required.
`eventcreator` package offers `CreateEventWithAdditionalOptions` function which can be used to create result events after doing request execution.
Step by step description of how to add a new protocol to Nuclei -
1. Add the protocol implementation in `pkg/protocols` directory. If it's a small protocol with less number of options, considering adding it to the `pkg/protocols/others` directory. Add the enum for the new protocol to `v2/pkg/templates/types/types.go`.
1. Add the protocol implementation in `pkg/protocols` directory. If it's a small protocol with fewer options, considering adding it to the `pkg/protocols/others` directory. Add the enum for the new protocol to `v2/pkg/templates/types/types.go`.
2. Add the protocol request structure to the `Template` structure fields. This is done in `pkg/templates/templates.go` with the corresponding import line.
@ -526,7 +527,7 @@ func (t *Template) Type() templateTypes.ProtocolType {
```go
// Requests returns the total request count for the template
// Requests return the total request count for the template
func (template *Template) Requests() int {
return len(template.RequestsDNS) +
...
@ -554,11 +555,11 @@ That's it, you've added a new protocol to Nuclei. The next good step would be to
- [v2/pkg/reporting](./v2/pkg/reporting) - Reporting modules for nuclei.
- [v2/pkg/reporting/exporters/sarif](./v2/pkg/reporting/exporters/sarif) - Sarif Result Exporter
- [v2/pkg/reporting/exporters/markdown](./v2/pkg/reporting/exporters/markdown) - Markdown Result Exporter
- [v2/pkg/reporting/exporters/es](./v2/pkg/reporting/exporters/e) - Elasticsearch Result Exporter
- [v2/pkg/reporting/exporters/es](./v2/pkg/reporting/exporters/es) - Elasticsearch Result Exporter
- [v2/pkg/reporting/dedupe](./v2/pkg/reporting/dedupe) - Dedupe module for Results
- [v2/pkg/reporting/trackers/gitlab](./v2/pkg/reporting/trackers/gitlab) - Gitlab Issue Tracker Exporter
- [v2/pkg/reporting/trackers/jira](./v2/pkg/reporting/trackers/jira) - Jira Issue Tracker Exporter
- [v2/pkg/reporting/trackers/github](./v2/pkg/reporting/trackers/github) - Github Issue Tracker Exporter
- [v2/pkg/reporting/trackers/github](./v2/pkg/reporting/trackers/github) - GitHub Issue Tracker Exporter
- [v2/pkg/reporting/format](./v2/pkg/reporting/format) - Result Formatting Functions
- [v2/pkg/parsers](./v2/pkg/parsers) - Implements template as well as workflow loader for initial template discovery, validation and - loading.
- [v2/pkg/types](./v2/pkg/types) - Contains CLI options as well as misc helper functions.
@ -577,12 +578,12 @@ That's it, you've added a new protocol to Nuclei. The next good step would be to
- [v2/pkg/model](./v2/pkg/model) - Template Info + misc
- [v2/pkg/templates](./v2/pkg/templates) - Templates core starting point
- [v2/pkg/templates/cache](./v2/pkg/templates/cache) - Templates cache
- [v2/pkg/protocols](./v2/pkg/protocol) - Protocol Specification
- [v2/pkg/protocols](./v2/pkg/protocols) - Protocol Specification
- [v2/pkg/protocols/file](./v2/pkg/protocols/file) - File protocol
- [v2/pkg/protocols/network](./v2/pkg/protocols/network) - Network protocol
- [v2/pkg/protocols/common/expressions](./v2/pkg/protocols/common/expressions) - Expression evaluation + Templating Support
- [v2/pkg/protocols/common/interactsh](./v2/pkg/protocols/common/interactsh) - Interactsh integration
- [v2/pkg/protocols/common/generators](./v2/pkg/protocols/common/generators) - Payload support for Requests (Sniper, etc)
- [v2/pkg/protocols/common/generators](./v2/pkg/protocols/common/generators) - Payload support for Requests (Sniper, etc.)
- [v2/pkg/protocols/common/executer](./v2/pkg/protocols/common/executer) - Default Template Executer
- [v2/pkg/protocols/common/replacer](./v2/pkg/protocols/common/replacer) - Template replacement helpers
- [v2/pkg/protocols/common/helpers/eventcreator](./v2/pkg/protocols/common/helpers/eventcreator) - Result event creator

2
Dockerfile
View File

@ -1,7 +1,7 @@
FROM golang:1.17.3-alpine as build-env
RUN go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest
FROM alpine:3.14
FROM alpine:3.15.0
RUN apk add --no-cache bind-tools ca-certificates chromium
COPY --from=build-env /go/bin/nuclei /usr/local/bin/nuclei
ENTRYPOINT ["nuclei"]

4
README.md
View File

@ -58,7 +58,7 @@ go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest
### Nuclei Templates
Nuclei has had built-in support for automatic template download/update as default since version [v2.5.2](https://github.com/projectdiscovery/nuclei/releases/tag/v2.5.2). [**Nuclei-Templates**](https://github.com/projectdiscovery/nuclei-templates) project provides a community-contributed list of ready-to-use templates that is constantly updated.
Nuclei has built-in support for automatic template download/update as default since version [v2.5.2](https://github.com/projectdiscovery/nuclei/releases/tag/v2.5.2). [**Nuclei-Templates**](https://github.com/projectdiscovery/nuclei-templates) project provides a community-contributed list of ready-to-use templates that is constantly updated.
You may still use the `update-templates` flag to update the nuclei templates at any time; You can write your own checks for your individual workflow and needs following Nuclei's [templating guide](https://nuclei.projectdiscovery.io/templating-guide/).
@ -250,7 +250,7 @@ Please check our other open-source projects that might fit into your bug bounty
Nuclei immensely improve how you approach security assessment by augmenting the manual, repetitive processes. Consultancies are already converting their manual assessment steps with Nuclei, it allows them to run set of their custom assessment approach across thousands of hosts in an automated manner.
Pen-testers get the full power of our public templates and customization capabilities to speed-up their assessment process, and specifically with the regression cycle where you can easily verify the fix.
Pen-testers get the full power of our public templates and customization capabilities to speed up their assessment process, and specifically with the regression cycle where you can easily verify the fix.
- Easily create your compliance, standards suite (e.g. OWASP Top 10) checklist.
- With capabilities like [fuzz](https://nuclei.projectdiscovery.io/templating-guide/#advance-fuzzing) and [workflows](https://nuclei.projectdiscovery.io/templating-guide/#workflows), complex manual steps and repetitive assessment can be easily automated with Nuclei.

2
README_CN.md
View File

@ -29,7 +29,7 @@ Nuclei是一个基于模板的、可配置攻击目标的扫描快速工具
- [安装](#安装)
- [Nuclei模板](#nuclei模板)
- [用法](#用法)
- [运行Nuclei](#运行nuclei)
- [运行Nuclei](#运行Nuclei)
- [排除模板](#排除模板)
- [致谢](#致谢)

10
SYNTAX-REFERENCE.md
View File

@ -847,7 +847,7 @@ ID is the optional id of the request
Name is the optional name of the request.
If a name is specified, all the named request in a template can be matched upon
in a combined manner allowing multirequest based matchers.
in a combined manner allowing multi-request based matchers.
</div>
@ -862,7 +862,7 @@ in a combined manner allowing multirequest based matchers.
Attack is the type of payload combinations to perform.
batteringram is same payload into all of the defined payload positions at once, pitchfork combines multiple payload sets and clusterbomb generates
batteringram is inserts the same payload into all defined payload positions at once, pitchfork combines multiple payload sets and clusterbomb generates
permutations and combinations for all payloads.
@ -1454,7 +1454,7 @@ Examples:
```yaml
# Match for outlook mail protection domain
# Match for Outlook mail protection domain
words:
- mail.protection.outlook.com
```
@ -2452,7 +2452,7 @@ host:
Attack is the type of payload combinations to perform.
Batteringram is same payload into all of the defined payload positions at once, pitchfork combines multiple payload sets and clusterbomb generates
Batteringram is inserts the same payload into all defined payload positions at once, pitchfork combines multiple payload sets and clusterbomb generates
permutations and combinations for all payloads.
@ -2676,7 +2676,7 @@ Valid values:
Read is the number of bytes to read from socket.
This can be used for protocols which expect an immediate response. You can
read and write responses one after another and evetually perform matching
read and write responses one after another and eventually perform matching
on every data captured with `name` attribute.
The [network docs](https://nuclei.projectdiscovery.io/templating-guide/protocols/network/) highlight more on how to do this.

30
integration_tests/test-issue-tracker-config1.yaml
View File

@ -3,35 +3,35 @@ allow-list:
deny-list:
severity: low
# github contains configuration options for github issue tracker
# GitHub contains configuration options for GitHub issue tracker
github:
# base-url is the optional self-hosted github application url
# base-url is the optional self-hosted GitHub application url
base-url: https://localhost:8443/github
# username is the username of the github user
# username is the username of the GitHub user
username: test-username
# owner is the owner name of the repository for issues.
# owner is the owner name of the repository for issues
owner: test-owner
# token is the token for github account.
# token is the token for GitHub account
token: test-token
# project-name is the name of the repository.
# project-name is the name of the repository
project-name: test-project
# issue-label is the label of the created issue type
issue-label: bug
# gitlab contains configuration options for gitlab issue tracker
# GitLab contains configuration options for gitlab issue tracker
gitlab:
# base-url is the optional self-hosted gitlab application url
# base-url is the optional self-hosted GitLab application url
base-url: https://localhost:8443/gitlab
# username is the username of the gitlab user
# username is the username of the GitLab user
username: test-username
# token is the token for gitlab account.
# token is the token for GitLab account
token: test-token
# project-name is the name/id of the project(repository).
# project-name is the name/id of the project(repository)
project-name: "1234"
# issue-label is the label of the created issue type
issue-label: bug
# jira contains configuration options for jira issue tracker
# Jira contains configuration options for Jira issue tracker
jira:
# cloud is the boolean which tells if Jira instance is running in the cloud or on-prem version is used
cloud: true
@ -39,11 +39,11 @@ jira:
update-existing: false
# URL is the jira application url
url: https://localhost/jira
# account-id is the account-id of the jira user or username in case of on-prem Jira
# account-id is the account-id of the Jira user or username in case of on-prem Jira
account-id: test-account-id
# email is the email of the user for jira instance
# email is the email of the user for Jira instance
email: test@test.com
# token is the token for jira instance or password in case of on-prem Jira
# token is the token for Jira instance or password in case of on-prem Jira
token: test-token
# project-name is the name of the project.
project-name: test-project-name

38
integration_tests/test-issue-tracker-config2.yaml
View File

@ -5,47 +5,47 @@ allow-list:
deny-list:
severity: low
# github contains configuration options for github issue tracker
github:
# base-url is the optional self-hosted github application url
base-url: https://localhost:8443/github
# username is the username of the github user
# GitHub contains configuration options for GitHub issue tracker
GitHub:
# base-url is the optional self-hosted GitHub application url
base-url: https://localhost:8443/GitHub
# username is the username of the GitHub user
username: test-username
# owner is the owner name of the repository for issues.
owner: test-owner
# token is the token for github account.
# token is the token for GitHub account.
token: test-token
# project-name is the name of the repository.
project-name: test-project
# issue-label is the label of the created issue type
issue-label: bug
# gitlab contains configuration options for gitlab issue tracker
gitlab:
# base-url is the optional self-hosted gitlab application url
base-url: https://localhost:8443/gitlab
# username is the username of the gitlab user
# GitLab contains configuration options for GitLab issue tracker
GitLab:
# base-url is the optional self-hosted GitLab application url
base-url: https://localhost:8443/GitLab
# username is the username of the GitLab user
username: test-username
# token is the token for gitlab account.
# token is the token for GitLab account.
token: test-token
# project-name is the name/id of the project(repository).
project-name: "1234"
# issue-label is the label of the created issue type
issue-label: bug
# jira contains configuration options for jira issue tracker
jira:
# Jira contains configuration options for Jira issue tracker
Jira:
# cloud is the boolean which tells if Jira instance is running in the cloud or on-prem version is used
cloud: true
# update-existing is the boolean which tells if the existing, opened issue should be updated or new one should be created
update-existing: false
# URL is the jira application url
url: https://localhost/jira
# account-id is the account-id of the jira user or username in case of on-prem Jira
# URL is the Jira application url
url: https://localhost/Jira
# account-id is the account-id of the Jira user or username in case of on-prem Jira
account-id: test-account-id
# email is the email of the user for jira instance
# email is the email of the user for Jira instance
email: test@test.com
# token is the token for jira instance or password in case of on-prem Jira
# token is the token for Jira instance or password in case of on-prem Jira
token: test-token
# project-name is the name of the project.
project-name: test-project-name

13
v2/cmd/cve-annotate/main.go
View File

@ -10,6 +10,7 @@ import (
"strings"
"github.com/Ice3man543/nvd"
"github.com/projectdiscovery/nuclei/v2/pkg/catalog"
)
@ -116,26 +117,26 @@ func getCVEData(client *nvd.Client, filePath, data string) {
}
if !strings.Contains(infoBlockClean, "classification") && (cvssScore != 0 && cvssMetrics != "") {
changed = true
newInfoBlock = newInfoBlock + fmt.Sprintf("\n classification:\n cvss-metrics: %s\n cvss-score: %.2f\n cve-id: %s", cvssMetrics, cvssScore, cveName)
newInfoBlock += fmt.Sprintf("\n classification:\n cvss-metrics: %s\n cvss-score: %.2f\n cve-id: %s", cvssMetrics, cvssScore, cveName)
if len(cweID) > 0 && (cweID[0] != "NVD-CWE-Other" && cweID[0] != "NVD-CWE-noinfo") {
newInfoBlock = newInfoBlock + fmt.Sprintf("\n cwe-id: %s", strings.Join(cweID, ","))
newInfoBlock += fmt.Sprintf("\n cwe-id: %s", strings.Join(cweID, ","))
}
}
// If there is no description field, fill the description from CVE information
if !strings.Contains(infoBlockClean, "description:") && len(cveItem.CVE.Description.DescriptionData) > 0 {
changed = true
newInfoBlock = newInfoBlock + fmt.Sprintf("\n description: %s", fmt.Sprintf("%q", cveItem.CVE.Description.DescriptionData[0].Value))
newInfoBlock += fmt.Sprintf("\n description: %s", fmt.Sprintf("%q", cveItem.CVE.Description.DescriptionData[0].Value))
}
if !strings.Contains(infoBlockClean, "reference:") && len(cveItem.CVE.References.ReferenceData) > 0 {
changed = true
newInfoBlock = newInfoBlock + "\n reference:"
newInfoBlock += "\n reference:"
for _, reference := range cveItem.CVE.References.ReferenceData {
newInfoBlock = newInfoBlock + fmt.Sprintf("\n - %s", reference.URL)
newInfoBlock += fmt.Sprintf("\n - %s", reference.URL)
}
}
newTemplate := strings.ReplaceAll(data, infoBlockClean, newInfoBlock)
if changed {
_ = ioutil.WriteFile(filePath, []byte(newTemplate), 0777)
_ = ioutil.WriteFile(filePath, []byte(newTemplate), 0644)
fmt.Printf("Wrote updated template to %s\n", filePath)
}
}

7
v2/cmd/docgen/docgen.go
View File

@ -10,10 +10,11 @@ import (
"strings"
"github.com/alecthomas/jsonschema"
"github.com/projectdiscovery/nuclei/v2/pkg/templates"
)
var pathRegex = regexp.MustCompile(`github.com/projectdiscovery/nuclei/v2/(?:internal|pkg)/(?:.*/)?([A-Za-z\.]+)`)
var pathRegex = regexp.MustCompile(`github\.com/projectdiscovery/nuclei/v2/(?:internal|pkg)/(?:.*/)?([A-Za-z.]+)`)
func main() {
// Generate yaml syntax documentation
@ -21,7 +22,7 @@ func main() {
if err != nil {
log.Fatalf("Could not encode docs: %s\n", err)
}
err = ioutil.WriteFile(os.Args[1], data, 0777)
err = ioutil.WriteFile(os.Args[1], data, 0644)
if err != nil {
log.Fatalf("Could not write docs: %s\n", err)
}
@ -43,7 +44,7 @@ func main() {
for _, match := range pathRegex.FindAllStringSubmatch(schema, -1) {
schema = strings.ReplaceAll(schema, match[0], match[1])
}
err = ioutil.WriteFile(os.Args[2], []byte(schema), 0777)
err = ioutil.WriteFile(os.Args[2], []byte(schema), 0644)
if err != nil {
log.Fatalf("Could not write jsonschema: %s\n", err)
}

6
v2/cmd/integration-test/http.go
View File

@ -40,17 +40,17 @@ var httpTestcases = map[string]testutils.TestCase{
type httpInteractshRequest struct{}
// Executes executes a test case and returns an error if occurred
// Execute executes a test case and returns an error if occurred
func (h *httpInteractshRequest) Execute(filePath string) error {
router := httprouter.New()
router.GET("/", httprouter.Handle(func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
value := r.Header.Get("url")
if value != "" {
if resp, _ := http.DefaultClient.Get(value); resp != nil {
resp.Body.Close()
}
}
}))
})
ts := httptest.NewServer(router)
defer ts.Close()

1
v2/cmd/integration-test/integration-test.go
View File

@ -6,6 +6,7 @@ import (
"strings"
"github.com/logrusorgru/aurora"
"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
)

17
v2/cmd/integration-test/loader.go
View File

@ -8,6 +8,7 @@ import (
"strings"
"github.com/julienschmidt/httprouter"
"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
)
@ -24,14 +25,14 @@ type remoteTemplateList struct{}
func (h *remoteTemplateList) Execute(templateList string) error {
router := httprouter.New()
router.GET("/", httprouter.Handle(func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
fmt.Fprintf(w, "This is test matcher text")
if strings.EqualFold(r.Header.Get("test"), "nuclei") {
fmt.Fprintf(w, "This is test headers matcher text")
}
}))
})
router.GET("/template_list", httprouter.Handle(func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
router.GET("/template_list", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
file, err := os.ReadFile(templateList)
if err != nil {
w.WriteHeader(500)
@ -40,7 +41,7 @@ func (h *remoteTemplateList) Execute(templateList string) error {
if err != nil {
w.WriteHeader(500)
}
}))
})
ts := httptest.NewServer(router)
defer ts.Close()
@ -60,14 +61,14 @@ type remoteWorkflowList struct{}
func (h *remoteWorkflowList) Execute(workflowList string) error {
router := httprouter.New()
router.GET("/", httprouter.Handle(func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
fmt.Fprintf(w, "This is test matcher text")
if strings.EqualFold(r.Header.Get("test"), "nuclei") {
fmt.Fprintf(w, "This is test headers matcher text")
}
}))
})
router.GET("/workflow_list", httprouter.Handle(func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
router.GET("/workflow_list", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
file, err := os.ReadFile(workflowList)
if err != nil {
w.WriteHeader(500)
@ -76,7 +77,7 @@ func (h *remoteWorkflowList) Execute(workflowList string) error {
if err != nil {
w.WriteHeader(500)
}
}))
})
ts := httptest.NewServer(router)
defer ts.Close()

3
v2/cmd/integration-test/websocket.go
View File

@ -5,6 +5,7 @@ import (
"strings"
"github.com/gobwas/ws/wsutil"
"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
)
@ -22,7 +23,7 @@ func (h *websocketBasic) Execute(filePath string) error {
connHandler := func(conn net.Conn) {
for {
msg, op, _ := wsutil.ReadClientData(conn)
if string(msg) != string("hello") {
if string(msg) != "hello" {
return
}
_ = wsutil.WriteServerMessage(conn, op, []byte("world"))

36
v2/cmd/nuclei/issue-tracker-config.yaml
View File

@ -5,51 +5,51 @@
#deny-list:
# severity: info, low, medium
# github contains configuration options for github issue tracker
#github:
# # base-url (optional) is the self-hosted github application url
# GitHub contains configuration options for GitHub issue tracker
#GitHub:
# # base-url (optional) is the self-hosted GitHub application url
# base-url: ""
# # username is the username of the github user
# # username is the username of the GitHub user
# username: ""
# # owner is the owner name of the repository for issues.
# owner: ""
# # token is the token for github account.
# # token is the token for GitHub account.
# token: ""
# # project-name is the name of the repository.
# project-name: ""
# # issue-label (optional) is the label of the created issue type
# issue-label: ""
# # severity-as-label (optional) sets the sevetiry as the label of the created issue type
# # severity-as-label (optional) sets the severity as the label of the created issue type
# severity-as-label: false
# gitlab contains configuration options for gitlab issue tracker
#gitlab:
# # base-url (optional) is the self-hosted gitlab application url
# GitLab contains configuration options for GitLab issue tracker
#GitLab:
# # base-url (optional) is the self-hosted GitLab application url
# base-url: ""
# # username is the username of the gitlab user
# # username is the username of the GitLab user
# username: ""
# # token is the token for gitlab account.
# # token is the token for GitLab account.
# token: ""
# # project-id is the ID of the repository.
# project-id: ""
# # issue-label (optional) is the label of the created issue type
# issue-label: ""
# # severity-as-label (optional) sets the sevetiry as the label of the created issue type
# # severity-as-label (optional) sets the severity as the label of the created issue type
# severity-as-label: false
# jira contains configuration options for jira issue tracker
#jira:
# Jira contains configuration options for Jira issue tracker
#Jira:
# # cloud (optional) is the boolean which tells if Jira instance is running in the cloud or on-prem version is used
# cloud: true
# # update-existing (optional) is the boolean which tells if the existing, opened issue should be updated or new one should be created
# update-existing: false
# # URL is the jira application url
# # URL is the Jira application URL
# url: ""
# # account-id is the account-id of the jira user or username in case of on-prem Jira
# # account-id is the account-id of the Jira user or username in case of on-prem Jira
# account-id: ""
# # email is the email of the user for jira instance
# # email is the email of the user for Jira instance
# email: ""
# # token is the token for jira instance or password in case of on-prem Jira
# # token is the token for Jira instance or password in case of on-prem Jira
# token: ""
# # project-name is the name of the project.
# project-name: ""

2
v2/cmd/nuclei/main.go
View File

@ -110,7 +110,7 @@ on extensive configurability, massive extensibility and ease of use.`)
flagSet.IntVar(&options.InteractionsCacheSize, "interactions-cache-size", 5000, "number of requests to keep in the interactions cache"),
flagSet.IntVar(&options.InteractionsEviction, "interactions-eviction", 60, "number of seconds to wait before evicting requests from cache"),
flagSet.IntVar(&options.InteractionsPollDuration, "interactions-poll-duration", 5, "number of seconds to wait before each interaction poll request"),
flagSet.IntVar(&options.InteractionsCooldownPeriod, "interactions-cooldown-period", 5, "extra time for interaction polling before exiting"),
flagSet.IntVar(&options.InteractionsCoolDownPeriod, "interactions-cooldown-period", 5, "extra time for interaction polling before exiting"),
flagSet.BoolVarP(&options.NoInteractsh, "no-interactsh", "ni", false, "disable interactsh server for OAST testing, exclude OAST based templates"),
)

14
v2/internal/runner/options.go
View File

@ -9,6 +9,7 @@ import (
"github.com/pkg/errors"
"github.com/go-playground/validator/v10"
"github.com/projectdiscovery/fileutil"
"github.com/projectdiscovery/gologger"
"github.com/projectdiscovery/gologger/formatter"
@ -66,15 +67,14 @@ func ParseOptions(options *types.Options) {
// hasStdin returns true if we have stdin input
func hasStdin() bool {
stat, err := os.Stdin.Stat()
fi, err := os.Stdin.Stat()
if err != nil {
return false
}
isPipedFromChrDev := (stat.Mode() & os.ModeCharDevice) == 0
isPipedFromFIFO := (stat.Mode() & os.ModeNamedPipe) != 0
return isPipedFromChrDev || isPipedFromFIFO
if fi.Mode()&os.ModeNamedPipe == 0 {
return false
}
return true
}
// validateOptions validates the configuration options passed
@ -93,7 +93,7 @@ func validateOptions(options *types.Options) error {
if options.Verbose && options.Silent {
return errors.New("both verbose and silent mode specified")
}
//loading the proxy server list from file or cli and test the connectivity
// loading the proxy server list from file or cli and test the connectivity
if err := loadProxyServers(options); err != nil {
return err
}

4
v2/internal/runner/proxy.go
View File

@ -28,7 +28,7 @@ func loadProxyServers(options *types.Options) error {
} else if fileutil.FileExists(p) {
file, err := os.Open(p)
if err != nil {
return fmt.Errorf("could not open proxy file: %s", err)
return fmt.Errorf("could not open proxy file: %w", err)
}
defer file.Close()
scanner := bufio.NewScanner(file)
@ -117,7 +117,7 @@ func validateProxyURL(proxy string) (url.URL, error) {
return url.URL{}, errors.New("invalid proxy format (It should be http[s]/socks5://[username:password@]host:port)")
}
//isSupportedProtocol checks given protocols are supported
// isSupportedProtocol checks given protocols are supported
func isSupportedProtocol(value string) bool {
return value == types.HTTP || value == types.HTTPS || value == types.SOCKS5
}

2
v2/internal/runner/runner.go
View File

@ -151,7 +151,7 @@ func New(options *types.Options) (*Runner, error) {
opts.Authorization = options.InteractshToken
opts.CacheSize = int64(options.InteractionsCacheSize)
opts.Eviction = time.Duration(options.InteractionsEviction) * time.Second
opts.ColldownPeriod = time.Duration(options.InteractionsCooldownPeriod) * time.Second
opts.ColldownPeriod = time.Duration(options.InteractionsCoolDownPeriod) * time.Second
opts.PollDuration = time.Duration(options.InteractionsPollDuration) * time.Second
opts.NoInteractsh = runner.options.NoInteractsh

129
v2/internal/runner/update.go
View File

@ -54,7 +54,7 @@ func (r *Runner) updateTemplates() error { // TODO this method does more than ju
return err
}
configDir := filepath.Join(home, ".config", "nuclei")
_ = os.MkdirAll(configDir, os.ModePerm)
_ = os.MkdirAll(configDir, 0755)
if err := r.readInternalConfigurationFile(home, configDir); err != nil {
return errors.Wrap(err, "could not read configuration file")
@ -242,12 +242,12 @@ func (r *Runner) getLatestReleaseFromGithub(latestTag string) (*github.Repositor
func (r *Runner) downloadReleaseAndUnzip(ctx context.Context, version, downloadURL string) (*templateUpdateResults, error) {
req, err := http.NewRequestWithContext(ctx, http.MethodGet, downloadURL, nil)
if err != nil {
return nil, fmt.Errorf("failed to create HTTP request to %s: %s", downloadURL, err)
return nil, fmt.Errorf("failed to create HTTP request to %s: %w", downloadURL, err)
}
res, err := http.DefaultClient.Do(req)
if err != nil {
return nil, fmt.Errorf("failed to download a release file from %s: %s", downloadURL, err)
return nil, fmt.Errorf("failed to download a release file from %s: %w", downloadURL, err)
}
defer res.Body.Close()
if res.StatusCode != http.StatusOK {
@ -256,23 +256,23 @@ func (r *Runner) downloadReleaseAndUnzip(ctx context.Context, version, downloadU
buf, err := ioutil.ReadAll(res.Body)
if err != nil {
return nil, fmt.Errorf("failed to create buffer for zip file: %s", err)
return nil, fmt.Errorf("failed to create buffer for zip file: %w", err)
}
reader := bytes.NewReader(buf)
zipReader, err := zip.NewReader(reader, reader.Size())
if err != nil {
return nil, fmt.Errorf("failed to uncompress zip file: %s", err)
return nil, fmt.Errorf("failed to uncompress zip file: %w", err)
}
// Create the template folder if it doesn't exist
if err := os.MkdirAll(r.templatesConfig.TemplatesDirectory, os.ModePerm); err != nil {
return nil, fmt.Errorf("failed to create template base folder: %s", err)
if err := os.MkdirAll(r.templatesConfig.TemplatesDirectory, 0755); err != nil {
return nil, fmt.Errorf("failed to create template base folder: %w", err)
}
results, err := r.compareAndWriteTemplates(zipReader)
if err != nil {
return nil, fmt.Errorf("failed to write templates: %s", err)
return nil, fmt.Errorf("failed to write templates: %w", err)
}
if r.options.Verbose {
@ -291,7 +291,7 @@ func (r *Runner) downloadReleaseAndUnzip(ctx context.Context, version, downloadU
buffer.WriteString("\n")
}
if err := ioutil.WriteFile(additionsFile, buffer.Bytes(), os.ModePerm); err != nil {
if err := ioutil.WriteFile(additionsFile, buffer.Bytes(), 0644); err != nil {
return nil, errors.Wrap(err, "could not write new additions file")
}
return results, err
@ -316,60 +316,42 @@ func (r *Runner) compareAndWriteTemplates(zipReader *zip.Reader) (*templateUpdat
// If the path isn't found in new update after being read from the previous checksum,
// it is removed. This allows us fine-grained control over the download process
// as well as solves a long problem with nuclei-template updates.
checksumFile := filepath.Join(r.templatesConfig.TemplatesDirectory, ".checksum")
configuredTemplateDirectory := r.templatesConfig.TemplatesDirectory
checksumFile := filepath.Join(configuredTemplateDirectory, ".checksum")
templateChecksumsMap, _ := createTemplateChecksumsMap(checksumFile)
for _, zipTemplateFile := range zipReader.File {
directory, name := filepath.Split(zipTemplateFile.Name)
if name == "" {
templateAbsolutePath, skipFile, err := calculateTemplateAbsolutePath(zipTemplateFile.Name, configuredTemplateDirectory)
if err != nil {
return nil, err
}
if skipFile {
continue
}
paths := strings.Split(directory, string(os.PathSeparator))
finalPath := filepath.Join(paths[1:]...)
if strings.HasPrefix(name, ".") || strings.HasPrefix(finalPath, ".") || strings.EqualFold(name, "README.md") {
continue
}
results.totalCount++
templateDirectory := filepath.Join(r.templatesConfig.TemplatesDirectory, finalPath)
if err := os.MkdirAll(templateDirectory, os.ModePerm); err != nil {
return nil, fmt.Errorf("failed to create template folder %s : %s", templateDirectory, err)
}
templatePath := filepath.Join(templateDirectory, name)
isAddition := false
if _, statErr := os.Stat(templatePath); os.IsNotExist(statErr) {
if _, statErr := os.Stat(templateAbsolutePath); os.IsNotExist(statErr) {
isAddition = true
}
templateFile, err := os.OpenFile(templatePath, os.O_TRUNC|os.O_CREATE|os.O_WRONLY, 0777)
newTemplateChecksum, err := writeUnZippedTemplateFile(templateAbsolutePath, zipTemplateFile)
if err != nil {
templateFile.Close()
return nil, fmt.Errorf("could not create uncompressed file: %s", err)
return nil, err
}
zipTemplateFileReader, err := zipTemplateFile.Open()
oldTemplateChecksum, checksumOk := templateChecksumsMap[templateAbsolutePath]
relativeTemplatePath, err := filepath.Rel(configuredTemplateDirectory, templateAbsolutePath)
if err != nil {
templateFile.Close()
return nil, fmt.Errorf("could not open archive to extract file: %s", err)
return nil, fmt.Errorf("could not calculate relative path for template: %s. %w", templateAbsolutePath, err)
}
hasher := md5.New()
// Save file and also read into hasher for md5
if _, err := io.Copy(templateFile, io.TeeReader(zipTemplateFileReader, hasher)); err != nil {
templateFile.Close()
return nil, fmt.Errorf("could not write template file: %s", err)
}
templateFile.Close()
oldChecksum, checksumOK := templateChecksumsMap[templatePath]
checksum := hex.EncodeToString(hasher.Sum(nil))
if isAddition {
results.additions = append(results.additions, filepath.Join(finalPath, name))
} else if checksumOK && oldChecksum[0] != checksum {
results.modifications = append(results.modifications, filepath.Join(finalPath, name))
results.additions = append(results.additions, relativeTemplatePath)
} else if checksumOk && oldTemplateChecksum[0] != newTemplateChecksum {
results.modifications = append(results.modifications, relativeTemplatePath)
}
results.checksums[templatePath] = checksum
results.checksums[templateAbsolutePath] = newTemplateChecksum
results.totalCount++
}
// If we don't find the previous file in the newly downloaded list,
@ -378,12 +360,63 @@ func (r *Runner) compareAndWriteTemplates(zipReader *zip.Reader) (*templateUpdat
_, ok := results.checksums[templatePath]
if !ok && templateChecksums[0] == templateChecksums[1] {
_ = os.Remove(templatePath)
results.deletions = append(results.deletions, strings.TrimPrefix(strings.TrimPrefix(templatePath, r.templatesConfig.TemplatesDirectory), string(os.PathSeparator)))
results.deletions = append(results.deletions, strings.TrimPrefix(strings.TrimPrefix(templatePath, configuredTemplateDirectory), string(os.PathSeparator)))
}
}
return results, nil
}
func writeUnZippedTemplateFile(templateAbsolutePath string, zipTemplateFile *zip.File) (string, error) {
templateFile, err := os.OpenFile(templateAbsolutePath, os.O_TRUNC|os.O_CREATE|os.O_WRONLY, 0644)
if err != nil {
return "", fmt.Errorf("could not create template file: %w", err)
}
zipTemplateFileReader, err := zipTemplateFile.Open()
if err != nil {
_ = templateFile.Close()
return "", fmt.Errorf("could not open archive to extract file: %w", err)
}
md5Hash := md5.New()
// Save file and also read into hash.Hash for md5
if _, err := io.Copy(templateFile, io.TeeReader(zipTemplateFileReader, md5Hash)); err != nil {
_ = templateFile.Close()
return "", fmt.Errorf("could not write template file: %w", err)
}
if err := templateFile.Close(); err != nil {
return "", fmt.Errorf("could not close file newly created template file: %w", err)
}
checksum := hex.EncodeToString(md5Hash.Sum(nil))
return checksum, nil
}
func calculateTemplateAbsolutePath(zipFilePath, configuredTemplateDirectory string) (string, bool, error) {
directory, fileName := filepath.Split(zipFilePath)
if strings.TrimSpace(fileName) == "" || strings.HasPrefix(fileName, ".") || strings.EqualFold(fileName, "README.md") {
return "", true, nil
}
directoryPathChunks := strings.Split(directory, string(os.PathSeparator))
relativeDirectoryPathWithoutZipRoot := filepath.Join(directoryPathChunks[1:]...)
if strings.HasPrefix(relativeDirectoryPathWithoutZipRoot, ".") {
return "", true, nil
}
templateDirectory := filepath.Join(configuredTemplateDirectory, relativeDirectoryPathWithoutZipRoot)
if err := os.MkdirAll(templateDirectory, 0755); err != nil {
return "", false, fmt.Errorf("failed to create template folder: %s. %w", templateDirectory, err)
}
return filepath.Join(templateDirectory, fileName), false, nil
}
// createTemplateChecksumsMap reads the previous checksum file from the disk.
// Creates a map of template paths and their previous and currently calculated checksums as values.
func createTemplateChecksumsMap(checksumsFilePath string) (map[string][2]string, error) {

48
v2/internal/runner/update_test.go
View File

@ -12,10 +12,11 @@ import (
"strings"
"testing"
"github.com/stretchr/testify/require"
"github.com/projectdiscovery/gologger"
"github.com/projectdiscovery/nuclei/v2/pkg/catalog/config"
"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
"github.com/stretchr/testify/require"
)
func TestDownloadReleaseAndUnzipAddition(t *testing.T) {
@ -25,7 +26,7 @@ func TestDownloadReleaseAndUnzipAddition(t *testing.T) {
require.Nil(t, err, "could not create temp directory")
defer os.RemoveAll(baseTemplates)
err = ioutil.WriteFile(filepath.Join(baseTemplates, "base.yaml"), []byte("id: test"), 0777)
err = ioutil.WriteFile(filepath.Join(baseTemplates, "base.yaml"), []byte("id: test"), os.ModePerm)
require.Nil(t, err, "could not create write base file")
err = zipFromDirectory("base.zip", baseTemplates)
@ -50,9 +51,9 @@ func TestDownloadReleaseAndUnzipAddition(t *testing.T) {
require.Nil(t, err, "could not create temp directory")
defer os.RemoveAll(newTempDir)
err = ioutil.WriteFile(filepath.Join(newTempDir, "base.yaml"), []byte("id: test"), 0777)
err = ioutil.WriteFile(filepath.Join(newTempDir, "base.yaml"), []byte("id: test"), os.ModePerm)
require.Nil(t, err, "could not create base file")
err = ioutil.WriteFile(filepath.Join(newTempDir, "new.yaml"), []byte("id: test"), 0777)
err = ioutil.WriteFile(filepath.Join(newTempDir, "new.yaml"), []byte("id: test"), os.ModePerm)
require.Nil(t, err, "could not create new file")
err = zipFromDirectory("new.zip", newTempDir)
@ -77,7 +78,7 @@ func TestDownloadReleaseAndUnzipDeletion(t *testing.T) {
require.Nil(t, err, "could not create temp directory")
defer os.RemoveAll(baseTemplates)
err = ioutil.WriteFile(filepath.Join(baseTemplates, "base.yaml"), []byte("id: test"), 0777)
err = ioutil.WriteFile(filepath.Join(baseTemplates, "base.yaml"), []byte("id: test"), os.ModePerm)
require.Nil(t, err, "could not create write base file")
err = zipFromDirectory("base.zip", baseTemplates)
@ -118,6 +119,43 @@ func TestDownloadReleaseAndUnzipDeletion(t *testing.T) {
require.Equal(t, "base.yaml", results.deletions[0], "could not get correct new deletions")
}
func TestCalculateTemplateAbsolutePath(t *testing.T) {
configuredTemplateDirectory := filepath.Join(os.TempDir(), "templates")
defer os.RemoveAll(configuredTemplateDirectory)
t.Run("positive scenarios", func(t *testing.T) {
zipFilePathsExpectedPathsMap := map[string]string{
"nuclei-templates/cve/test.yaml": filepath.Join(configuredTemplateDirectory, "cve/test.yaml"),
"nuclei-templates/cve/test/test.yaml": filepath.Join(configuredTemplateDirectory, "cve/test/test.yaml"),
}
for filePathFromZip, expectedTemplateAbsPath := range zipFilePathsExpectedPathsMap {
calculatedTemplateAbsPath, skipFile, err := calculateTemplateAbsolutePath(filePathFromZip, configuredTemplateDirectory)
require.Nil(t, err)
require.Equal(t, expectedTemplateAbsPath, calculatedTemplateAbsPath)
require.False(t, skipFile)
}
})
t.Run("negative scenarios", func(t *testing.T) {
filePathsFromZip := []string{
"./../nuclei-templates/../cve/test.yaml",
"nuclei-templates/../cve/test.yaml",
"nuclei-templates/cve/../test.yaml",
"nuclei-templates/././../cve/test.yaml",
"nuclei-templates/.././../cve/test.yaml",
"nuclei-templates/.././../cve/../test.yaml",
}
for _, filePathFromZip := range filePathsFromZip {
calculatedTemplateAbsPath, skipFile, err := calculateTemplateAbsolutePath(filePathFromZip, configuredTemplateDirectory)
require.Nil(t, err)
require.True(t, skipFile)
require.Equal(t, "", calculatedTemplateAbsPath)
}
})
}
func zipFromDirectory(zipPath, directory string) error {
file, err := os.Create(zipPath)
if err != nil {

6
v2/pkg/catalog/config/config.go
View File

@ -34,7 +34,7 @@ func getConfigDetails() (string, error) {
return "", errors.Wrap(err, "could not get home directory")
}
configDir := filepath.Join(homeDir, ".config", "nuclei")
_ = os.MkdirAll(configDir, os.ModePerm)
_ = os.MkdirAll(configDir, 0755)
templatesConfigFile := filepath.Join(configDir, nucleiConfigFilename)
return templatesConfigFile, nil
}
@ -67,7 +67,7 @@ func WriteConfiguration(config *Config) error {
if err != nil {
return err
}
file, err := os.OpenFile(templatesConfigFile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0777)
file, err := os.OpenFile(templatesConfigFile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644)
if err != nil {
return err
}
@ -112,7 +112,7 @@ func getIgnoreFilePath() string {
home, err := os.UserHomeDir()
if err == nil {
configDir := filepath.Join(home, ".config", "nuclei")
_ = os.MkdirAll(configDir, os.ModePerm)
_ = os.MkdirAll(configDir, 0755)
defIgnoreFilePath = filepath.Join(configDir, nucleiIgnoreFile)
return defIgnoreFilePath

3
v2/pkg/catalog/find.go
View File

@ -7,6 +7,7 @@ import (
"github.com/karrick/godirwalk"
"github.com/pkg/errors"
"github.com/projectdiscovery/gologger"
)
@ -79,7 +80,7 @@ func (c *Catalog) GetTemplatePath(target string) ([]string, error) {
}
// convertPathToAbsolute resolves the paths provided to absolute paths
// before doing any operations on them regardless of them being blob, folders, files, etc.
// before doing any operations on them regardless of them being BLOB, folders, files, etc.
func (c *Catalog) convertPathToAbsolute(t string) (string, error) {
if strings.Contains(t, "*") {
file := filepath.Base(t)

6
v2/pkg/catalog/loader/filter/tag_filter.go
View File

@ -230,9 +230,9 @@ func splitCommaTrim(value string) []string {
if !strings.Contains(value, ",") {
return []string{strings.ToLower(value)}
}
splitted := strings.Split(value, ",")
final := make([]string, len(splitted))
for i, value := range splitted {
split := strings.Split(value, ",")
final := make([]string, len(split))
for i, value := range split {
final[i] = strings.ToLower(strings.TrimSpace(value))
}
return final

6
v2/pkg/catalog/loader/loader.go
View File

@ -98,8 +98,8 @@ func New(config *Config) (*Store, error) {
finalWorkflows: config.Workflows,
}
urlbasedTemplatesProvided := len(config.TemplateURLs) > 0 || len(config.WorkflowURLs) > 0
if urlbasedTemplatesProvided {
urlBasedTemplatesProvided := len(config.TemplateURLs) > 0 || len(config.WorkflowURLs) > 0
if urlBasedTemplatesProvided {
remoteTemplates, remoteWorkflows, err := getRemoteTemplatesAndWorkflows(config.TemplateURLs, config.WorkflowURLs)
if err != nil {
return store, err
@ -109,7 +109,7 @@ func New(config *Config) (*Store, error) {
}
// Handle a case with no templates or workflows, where we use base directory
if len(store.finalTemplates) == 0 && len(store.finalWorkflows) == 0 && !urlbasedTemplatesProvided {
if len(store.finalTemplates) == 0 && len(store.finalWorkflows) == 0 && !urlBasedTemplatesProvided {
store.finalTemplates = []string{config.TemplatesDirectory}
}

33
v2/pkg/core/execute.go
View File

@ -1,11 +1,12 @@
package core
import (
"github.com/remeh/sizedwaitgroup"
"go.uber.org/atomic"
"github.com/projectdiscovery/gologger"
"github.com/projectdiscovery/nuclei/v2/pkg/templates"
"github.com/projectdiscovery/nuclei/v2/pkg/templates/types"
"github.com/remeh/sizedwaitgroup"
"go.uber.org/atomic"
)
// Execute takes a list of templates/workflows that have been compiled
@ -17,7 +18,7 @@ func (e *Engine) Execute(templates []*templates.Template, target InputProvider)
return e.ExecuteWithOpts(templates, target, false)
}
// ExecuteWithOpts is execute with the full options
// ExecuteWithOpts executes with the full options
func (e *Engine) ExecuteWithOpts(templatesList []*templates.Template, target InputProvider, noCluster bool) *atomic.Bool {
var finalTemplates []*templates.Template
if !noCluster {
@ -38,15 +39,17 @@ func (e *Engine) ExecuteWithOpts(templatesList []*templates.Template, target Inp
}
wg.Add()
switch {
case template.SelfContained:
// Self Contained requests are executed here separately
e.executeSelfContainedTemplateWithInput(template, results)
default:
// All other request types are executed here
e.executeModelWithInput(templateType, template, target, results)
}
wg.Done()
go func(tpl *templates.Template) {
switch {
case tpl.SelfContained:
// Self Contained requests are executed here separately
e.executeSelfContainedTemplateWithInput(tpl, results)
default:
// All other request types are executed here
e.executeModelWithInput(templateType, tpl, target, results)
}
wg.Done()
}(template)
}
e.workPool.Wait()
return results
@ -71,9 +74,9 @@ func (e *Engine) executeModelWithInput(templateType types.ProtocolType, template
return
}
wg.Waitgroup.Add()
wg.WaitGroup.Add()
go func(value string) {
defer wg.Waitgroup.Done()
defer wg.WaitGroup.Done()
var match bool
var err error
@ -89,5 +92,5 @@ func (e *Engine) executeModelWithInput(templateType types.ProtocolType, template
results.CAS(false, match)
}(scannedValue)
})
wg.Waitgroup.Wait()
wg.WaitGroup.Wait()
}

1
v2/pkg/core/inputs/hybrid/hmap.go
View File

@ -9,6 +9,7 @@ import (
"strings"
"github.com/pkg/errors"
"github.com/projectdiscovery/filekv"
"github.com/projectdiscovery/fileutil"
"github.com/projectdiscovery/gologger"

5
v2/pkg/core/workflow_execute.go
View File

@ -1,11 +1,12 @@
package core
import (
"github.com/remeh/sizedwaitgroup"
"go.uber.org/atomic"
"github.com/projectdiscovery/gologger"
"github.com/projectdiscovery/nuclei/v2/pkg/output"
"github.com/projectdiscovery/nuclei/v2/pkg/workflows"
"github.com/remeh/sizedwaitgroup"
"go.uber.org/atomic"
)
// executeWorkflow runs a workflow on an input and returns true or false

17
v2/pkg/core/workpool.go
View File

@ -1,12 +1,13 @@
package core
import (
"github.com/projectdiscovery/nuclei/v2/pkg/templates/types"
"github.com/remeh/sizedwaitgroup"
"github.com/projectdiscovery/nuclei/v2/pkg/templates/types"
)
// WorkPool implements an execution pool for executing different
// types of task with different concurreny requirements.
// types of task with different concurrency requirements.
//
// It also allows Configuration of such requirements. This is used
// for per-module like separate headless concurrency etc.
@ -16,7 +17,7 @@ type WorkPool struct {
config WorkPoolConfig
}
// WorkPoolConfig is the configuration for workpool
// WorkPoolConfig is the configuration for work pool
type WorkPoolConfig struct {
// InputConcurrency is the concurrency for inputs values.
InputConcurrency int
@ -40,18 +41,18 @@ func NewWorkPool(config WorkPoolConfig) *WorkPool {
}
}
// Wait waits for all the workpool waitgroups to finish
// Wait waits for all the work pool wait groups to finish
func (w *WorkPool) Wait() {
w.Default.Wait()
w.Headless.Wait()
}
// InputWorkPool is a workpool per-input
// InputWorkPool is a work pool per-input
type InputWorkPool struct {
Waitgroup *sizedwaitgroup.SizedWaitGroup
WaitGroup *sizedwaitgroup.SizedWaitGroup
}
// InputPool returns a workpool for an input type
// InputPool returns a work pool for an input type
func (w *WorkPool) InputPool(templateType types.ProtocolType) *InputWorkPool {
var count int
if templateType == types.HeadlessProtocol {
@ -60,5 +61,5 @@ func (w *WorkPool) InputPool(templateType types.ProtocolType) *InputWorkPool {
count = w.config.InputConcurrency
}
swg := sizedwaitgroup.New(count)
return &InputWorkPool{Waitgroup: &swg}
return &InputWorkPool{WaitGroup: &swg}
}

1
v2/pkg/model/model_test.go
View File

@ -72,6 +72,7 @@ func TestUnmarshal(t *testing.T) {
}
assertUnmarshalledTemplateInfo := func(t *testing.T, yamlPayload string) Info {
t.Helper()
info := Info{}
err := yaml.Unmarshal([]byte(yamlPayload), &info)
assert.Nil(t, err)

2
v2/pkg/model/types/severity/severities.go
View File

@ -43,7 +43,7 @@ func (severities *Severities) UnmarshalYAML(unmarshal func(interface{}) error) e
}
func (severities Severities) String() string {
var stringSeverities []string
var stringSeverities = make([]string, 0, len(severities))
for _, severity := range severities {
stringSeverities = append(stringSeverities, severity.String())
}

1
v2/pkg/model/types/severity/severity_holder.go
View File

@ -6,7 +6,6 @@ import (
"github.com/alecthomas/jsonschema"
)
//nolint:exported,revive //prefer to be explicit about the name, and make it refactor-safe
// Holder holds a Severity type. Required for un/marshalling purposes
type Holder struct {
Severity Severity

2
v2/pkg/model/types/severity/severity_test.go
View File

@ -30,6 +30,7 @@ func TestGetSupportedSeverities(t *testing.T) {
}
func testUnmarshal(t *testing.T, unmarshaller func(data []byte, v interface{}) error, payloadCreator func(value string) string) {
t.Helper()
payloads := [...]string{
payloadCreator("Info"),
payloadCreator("info"),
@ -48,6 +49,7 @@ func testUnmarshal(t *testing.T, unmarshaller func(data []byte, v interface{}) e
}
func testUnmarshalFail(t *testing.T, unmarshaller func(data []byte, v interface{}) error, payloadCreator func(value string) string) {
t.Helper()
assert.Panics(t, func() { unmarshal(payloadCreator("invalid"), unmarshaller) })
}

7
v2/pkg/model/types/stringslice/stringslice.go
View File

@ -80,11 +80,12 @@ func marshalStringToSlice(unmarshal func(interface{}) error) ([]string, error) {
}
var result []string
if len(marshalledValuesAsSlice) > 0 {
switch {
case len(marshalledValuesAsSlice) > 0:
result = marshalledValuesAsSlice
} else if utils.IsNotBlank(marshalledValueAsString) {
case utils.IsNotBlank(marshalledValueAsString):
result = strings.Split(marshalledValueAsString, ",")
} else {
default:
result = []string{}
}

3
v2/pkg/operators/common/dsl/dsl.go
View File

@ -19,10 +19,11 @@ import (
"time"
"github.com/Knetic/govaluate"
"github.com/spaolacci/murmur3"
"github.com/projectdiscovery/gologger"
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/helpers/deserialization"
"github.com/projectdiscovery/nuclei/v2/pkg/types"
"github.com/spaolacci/murmur3"
)
const (

3
v2/pkg/operators/common/dsl/dsl_test.go
View File

@ -8,8 +8,9 @@ import (
"time"
"github.com/Knetic/govaluate"
"github.com/projectdiscovery/nuclei/v2/pkg/types"
"github.com/stretchr/testify/require"
"github.com/projectdiscovery/nuclei/v2/pkg/types"
)
func TestDSLURLEncodeDecode(t *testing.T) {

3
v2/pkg/operators/extractors/extract.go
View File

@ -1,9 +1,8 @@
package extractors
import (
"strings"
"encoding/json"
"strings"
"github.com/antchfx/htmlquery"

1
v2/pkg/operators/extractors/extractor_types.go
View File

@ -20,7 +20,6 @@ const (
XPathExtractor
// JSONExtractor extracts responses with json
JSONExtractor
//limit
limit
)

49
v2/pkg/operators/matchers/compile.go
View File

@ -12,74 +12,73 @@ import (
)
// CompileMatchers performs the initial setup operation on a matcher
func (m *Matcher) CompileMatchers() error {
func (matcher *Matcher) CompileMatchers() error {
var ok bool
// Support hexadecimal encoding for matchers too.
if m.Encoding == "hex" {
for i, word := range m.Words {
if matcher.Encoding == "hex" {
for i, word := range matcher.Words {
if decoded, err := hex.DecodeString(word); err == nil && len(decoded) > 0 {
m.Words[i] = string(decoded)
matcher.Words[i] = string(decoded)
}
}
}
// Set up the matcher type
computedType, err := toMatcherTypes(m.GetType().String())
computedType, err := toMatcherTypes(matcher.GetType().String())
if err != nil {
return fmt.Errorf("unknown matcher type specified: %s", m.Type)
return fmt.Errorf("unknown matcher type specified: %s", matcher.Type)
}
m.matcherType = computedType
matcher.matcherType = computedType
// By default, match on body if user hasn't provided any specific items
if m.Part == "" {
m.Part = "body"
if matcher.Part == "" {
matcher.Part = "body"
}
// Compile the regexes
for _, regex := range m.Regex {
for _, regex := range matcher.Regex {
compiled, err := regexp.Compile(regex)
if err != nil {
return fmt.Errorf("could not compile regex: %s", regex)
}
m.regexCompiled = append(m.regexCompiled, compiled)
matcher.regexCompiled = append(matcher.regexCompiled, compiled)
}
// Compile and validate binary Values in matcher
for _, value := range m.Binary {
for _, value := range matcher.Binary {
if decoded, err := hex.DecodeString(value); err != nil {
return fmt.Errorf("could not hex decode binary: %s", value)
} else {
m.binaryDecoded = append(m.binaryDecoded, string(decoded))
matcher.binaryDecoded = append(matcher.binaryDecoded, string(decoded))
}
}
// Compile the dsl expressions
for _, expr := range m.DSL {
for _, expr := range matcher.DSL {
compiled, err := govaluate.NewEvaluableExpressionWithFunctions(expr, dsl.HelperFunctions())
if err != nil {
return fmt.Errorf("could not compile dsl: %s", expr)
}
m.dslCompiled = append(m.dslCompiled, compiled)
matcher.dslCompiled = append(matcher.dslCompiled, compiled)
}
// Set up the condition type, if any.
if m.Condition != "" {
m.condition, ok = ConditionTypes[m.Condition]
if matcher.Condition != "" {
matcher.condition, ok = ConditionTypes[matcher.Condition]
if !ok {
return fmt.Errorf("unknown condition specified: %s", m.Condition)
return fmt.Errorf("unknown condition specified: %s", matcher.Condition)
}
} else {
m.condition = ORCondition
matcher.condition = ORCondition
}
if m.CaseInsensitive {
if m.GetType() != WordsMatcher {
return fmt.Errorf("case-insensitive flag is supported only for 'word' matchers (not '%s')", m.Type)
if matcher.CaseInsensitive {
if matcher.GetType() != WordsMatcher {
return fmt.Errorf("case-insensitive flag is supported only for 'word' matchers (not '%s')", matcher.Type)
}
for i := range m.Words {
m.Words[i] = strings.ToLower(m.Words[i])
for i := range matcher.Words {
matcher.Words[i] = strings.ToLower(matcher.Words[i])
}
}
return nil

50
v2/pkg/operators/matchers/match.go
View File

@ -7,11 +7,11 @@ import (
)
// MatchStatusCode matches a status code check against a corpus
func (m *Matcher) MatchStatusCode(statusCode int) bool {
func (matcher *Matcher) MatchStatusCode(statusCode int) bool {
// Iterate over all the status codes accepted as valid
//
// Status codes don't support AND conditions.
for _, status := range m.Status {
for _, status := range matcher.Status {
// Continue if the status codes don't match
if statusCode != status {
continue
@ -23,11 +23,11 @@ func (m *Matcher) MatchStatusCode(statusCode int) bool {
}
// MatchSize matches a size check against a corpus
func (m *Matcher) MatchSize(length int) bool {
func (matcher *Matcher) MatchSize(length int) bool {
// Iterate over all the sizes accepted as valid
//
// Sizes codes don't support AND conditions.
for _, size := range m.Size {
for _, size := range matcher.Size {
// Continue if the size doesn't match
if length != size {
continue
@ -39,14 +39,14 @@ func (m *Matcher) MatchSize(length int) bool {
}
// MatchWords matches a word check against a corpus.
func (m *Matcher) MatchWords(corpus string, dynamicValues map[string]interface{}) (bool, []string) {
if m.CaseInsensitive {
func (matcher *Matcher) MatchWords(corpus string, dynamicValues map[string]interface{}) (bool, []string) {
if matcher.CaseInsensitive {
corpus = strings.ToLower(corpus)
}
var matchedWords []string
// Iterate over all the words accepted as valid
for i, word := range m.Words {
for i, word := range matcher.Words {
if dynamicValues == nil {
dynamicValues = make(map[string]interface{})
}
@ -60,7 +60,7 @@ func (m *Matcher) MatchWords(corpus string, dynamicValues map[string]interface{}
if !strings.Contains(corpus, word) {
// If we are in an AND request and a match failed,
// return false as the AND condition fails on any single mismatch.
if m.condition == ANDCondition {
if matcher.condition == ANDCondition {
return false, []string{}
}
// Continue with the flow since it's an OR Condition.
@ -68,14 +68,14 @@ func (m *Matcher) MatchWords(corpus string, dynamicValues map[string]interface{}
}
// If the condition was an OR, return on the first match.
if m.condition == ORCondition {
if matcher.condition == ORCondition {
return true, []string{word}
}
matchedWords = append(matchedWords, word)
// If we are at the end of the words, return with true
if len(m.Words)-1 == i {
if len(matcher.Words)-1 == i {
return true, matchedWords
}
}
@ -83,15 +83,15 @@ func (m *Matcher) MatchWords(corpus string, dynamicValues map[string]interface{}
}
// MatchRegex matches a regex check against a corpus
func (m *Matcher) MatchRegex(corpus string) (bool, []string) {
func (matcher *Matcher) MatchRegex(corpus string) (bool, []string) {
var matchedRegexes []string
// Iterate over all the regexes accepted as valid
for i, regex := range m.regexCompiled {
for i, regex := range matcher.regexCompiled {
// Continue if the regex doesn't match
if !regex.MatchString(corpus) {
// If we are in an AND request and a match failed,
// return false as the AND condition fails on any single mismatch.
if m.condition == ANDCondition {
if matcher.condition == ANDCondition {
return false, []string{}
}
// Continue with the flow since it's an OR Condition.
@ -100,14 +100,14 @@ func (m *Matcher) MatchRegex(corpus string) (bool, []string) {
currentMatches := regex.FindAllString(corpus, -1)
// If the condition was an OR, return on the first match.
if m.condition == ORCondition {
if matcher.condition == ORCondition {
return true, currentMatches
}
matchedRegexes = append(matchedRegexes, currentMatches...)
// If we are at the end of the regex, return with true
if len(m.regexCompiled)-1 == i {
if len(matcher.regexCompiled)-1 == i {
return true, matchedRegexes
}
}
@ -115,14 +115,14 @@ func (m *Matcher) MatchRegex(corpus string) (bool, []string) {
}
// MatchBinary matches a binary check against a corpus
func (m *Matcher) MatchBinary(corpus string) (bool, []string) {
func (matcher *Matcher) MatchBinary(corpus string) (bool, []string) {
var matchedBinary []string
// Iterate over all the words accepted as valid
for i, binary := range m.binaryDecoded {
for i, binary := range matcher.binaryDecoded {
if !strings.Contains(corpus, binary) {
// If we are in an AND request and a match failed,
// return false as the AND condition fails on any single mismatch.
if m.condition == ANDCondition {
if matcher.condition == ANDCondition {
return false, []string{}
}
// Continue with the flow since it's an OR Condition.
@ -130,14 +130,14 @@ func (m *Matcher) MatchBinary(corpus string) (bool, []string) {
}
// If the condition was an OR, return on the first match.
if m.condition == ORCondition {
if matcher.condition == ORCondition {
return true, []string{binary}
}
matchedBinary = append(matchedBinary, binary)
// If we are at the end of the words, return with true
if len(m.Binary)-1 == i {
if len(matcher.Binary)-1 == i {
return true, matchedBinary
}
}
@ -145,9 +145,9 @@ func (m *Matcher) MatchBinary(corpus string) (bool, []string) {
}
// MatchDSL matches on a generic map result
func (m *Matcher) MatchDSL(data map[string]interface{}) bool {
func (matcher *Matcher) MatchDSL(data map[string]interface{}) bool {
// Iterate over all the expressions accepted as valid
for i, expression := range m.dslCompiled {
for i, expression := range matcher.dslCompiled {
result, err := expression.Evaluate(data)
if err != nil {
continue
@ -160,7 +160,7 @@ func (m *Matcher) MatchDSL(data map[string]interface{}) bool {
if !ok || !bResult {
// If we are in an AND request and a match failed,
// return false as the AND condition fails on any single mismatch.
if m.condition == ANDCondition {
if matcher.condition == ANDCondition {
return false
}
// Continue with the flow since it's an OR Condition.
@ -168,12 +168,12 @@ func (m *Matcher) MatchDSL(data map[string]interface{}) bool {
}
// If the condition was an OR, return on the first match.
if m.condition == ORCondition {
if matcher.condition == ORCondition {
return true
}
// If we are at the end of the dsl, return with true
if len(m.dslCompiled)-1 == i {
if len(matcher.dslCompiled)-1 == i {
return true
}
}

12
v2/pkg/operators/matchers/matchers.go
View File

@ -62,7 +62,7 @@ type Matcher struct {
// description: |
// Words contains word patterns required to be present in the response part.
// examples:
// - name: Match for outlook mail protection domain
// - name: Match for Outlook mail protection domain
// value: >
// []string{"mail.protection.outlook.com"}
// - name: Match for application/json in response headers
@ -120,7 +120,6 @@ type Matcher struct {
dslCompiled []*govaluate.EvaluableExpression
}
// ConditionType is the type of condition for matcher
type ConditionType int
@ -138,18 +137,17 @@ var ConditionTypes = map[string]ConditionType{
}
// Result reverts the results of the match if the matcher is of type negative.
func (m *Matcher) Result(data bool) bool {
if m.Negative {
func (matcher *Matcher) Result(data bool) bool {
if matcher.Negative {
return !data
}
return data
}
// ResultWithMatchedSnippet returns true and the matched snippet, or false and an empty string
func (m *Matcher) ResultWithMatchedSnippet(data bool, matchedSnippet []string) (bool, []string) {
if m.Negative {
func (matcher *Matcher) ResultWithMatchedSnippet(data bool, matchedSnippet []string) (bool, []string) {
if matcher.Negative {
return !data, []string{}
}
return data, matchedSnippet
}

5
v2/pkg/operators/matchers/matchers_types.go
View File

@ -24,7 +24,6 @@ const (
SizeMatcher
// DSLMatcher matches based upon dsl syntax
DSLMatcher
//limit
limit
)
@ -39,8 +38,8 @@ var MatcherTypes = map[MatcherType]string{
}
//GetType returns the type of the matcher
func (e *Matcher) GetType() MatcherType {
return e.Type.MatcherType
func (matcher *Matcher) GetType() MatcherType {
return matcher.Type.MatcherType
}
// GetSupportedMatcherTypes returns list of supported types

3
v2/pkg/parsers/parser_test.go
View File

@ -5,11 +5,12 @@ import (
"fmt"
"testing"
"github.com/stretchr/testify/require"
"github.com/projectdiscovery/nuclei/v2/pkg/catalog/loader/filter"
"github.com/projectdiscovery/nuclei/v2/pkg/model"
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/stringslice"
"github.com/projectdiscovery/nuclei/v2/pkg/templates"
"github.com/stretchr/testify/require"
)
func TestLoadTemplate(t *testing.T) {

28
v2/pkg/projectfile/httputil.go
View File

@ -79,23 +79,6 @@ func newInternalResponse() *InternalResponse {
}
}
// Unused
// func toInternalRequest(req *http.Request, target string, body []byte) *InternalRequest {
// intReq := newInternalRquest()
// intReq.Target = target
// intReq.HTTPMajor = req.ProtoMajor
// intReq.HTTPMinor = req.ProtoMinor
// for k, v := range req.Header {
// intReq.Headers[k] = v
// }
// intReq.Headers = req.Header
// intReq.Method = req.Method
// intReq.Body = body
// return intReq
// }
func toInternalResponse(resp *http.Response, body []byte) *InternalResponse {
intResp := newInternalResponse()
@ -125,14 +108,3 @@ func fromInternalResponse(intResp *InternalResponse) *http.Response {
Body: ioutil.NopCloser(bytes.NewReader(intResp.Body)),
}
}
// Unused
// func fromInternalRequest(intReq *InternalRequest) *http.Request {
// return &http.Request{
// ProtoMinor: intReq.HTTPMinor,
// ProtoMajor: intReq.HTTPMajor,
// Header: intReq.Headers,
// ContentLength: int64(len(intReq.Body)),
// Body: ioutil.NopCloser(bytes.NewReader(intReq.Body)),
// }
// }

16
v2/pkg/projectfile/project.go
View File

@ -42,13 +42,13 @@ func (pf *ProjectFile) Get(req []byte) (*http.Response, error) {
return nil, fmt.Errorf("not found")
}
var httprecord HTTPRecord
httprecord.Response = newInternalResponse()
if err := unmarshal(data, &httprecord); err != nil {
var httpRecord HTTPRecord
httpRecord.Response = newInternalResponse()
if err := unmarshal(data, &httpRecord); err != nil {
return nil, err
}
return fromInternalResponse(httprecord.Response), nil
return fromInternalResponse(httpRecord.Response), nil
}
func (pf *ProjectFile) Set(req []byte, resp *http.Response, data []byte) error {
@ -57,10 +57,10 @@ func (pf *ProjectFile) Set(req []byte, resp *http.Response, data []byte) error {
return err
}
var httprecord HTTPRecord
httprecord.Request = req
httprecord.Response = toInternalResponse(resp, data)
data, err = marshal(httprecord)
var httpRecord HTTPRecord
httpRecord.Request = req
httpRecord.Response = toInternalResponse(resp, data)
data, err = marshal(httpRecord)
if err != nil {
return err
}

3
v2/pkg/protocols/common/expressions/expressions.go
View File

@ -4,12 +4,13 @@ import (
"regexp"
"github.com/Knetic/govaluate"
"github.com/projectdiscovery/nuclei/v2/pkg/operators/common/dsl"
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/generators"
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/replacer"
)
var templateExpressionRegex = regexp.MustCompile(`(?m)\{\{[^}]+\}\}["'\)\}]*`)
var templateExpressionRegex = regexp.MustCompile(`(?m){{[^}]+}}["')}]*`)
// Evaluate checks if the match contains a dynamic variable, for each
// found one we will check if it's an expression and can

2
v2/pkg/protocols/common/expressions/variables.go
View File

@ -6,7 +6,7 @@ import (
"strings"
)
var unresolvedVariablesRegex = regexp.MustCompile(`(?:%7[B|b]|\{){2}([^}]+)(?:%7[D|d]|\}){2}["'\)\}]*`)
var unresolvedVariablesRegex = regexp.MustCompile(`(?:%7[B|b]|{){2}([^}]+)(?:%7[D|d]|}){2}["')}]*`)
// ContainsUnresolvedVariables returns an error with variable names if the passed
// input contains unresolved {{<pattern-here>}} variables.

8
v2/pkg/protocols/common/generators/attack_types.go
View File

@ -13,12 +13,12 @@ type AttackType int
// Supported values for the ProtocolType
const (
// BatteringRamAttack replaces same payload into all of the defined payload positions at once.
// BatteringRamAttack replaces same payload in all the defined payload positions at once
BatteringRamAttack AttackType = iota + 1
// PitchForkAttack replaces variables with positional value from multiple wordlists
PitchForkAttack
// ClusterbombAttack replaces variables with all possible combinations of values
ClusterbombAttack
// ClusterBombAttack replaces variables with all possible combinations of values
ClusterBombAttack
limit
)
@ -26,7 +26,7 @@ const (
var attackTypeMappings = map[AttackType]string{
BatteringRamAttack: "batteringram",
PitchForkAttack: "pitchfork",
ClusterbombAttack: "clusterbomb",
ClusterBombAttack: "clusterbomb",
}
func GetSupportedAttackTypes() []AttackType {

7
v2/pkg/protocols/common/generators/generators.go
View File

@ -4,6 +4,7 @@ package generators
import (
"github.com/pkg/errors"
"github.com/projectdiscovery/nuclei/v2/pkg/catalog"
)
@ -110,7 +111,7 @@ func (i *Iterator) Total() int {
count = len(p.values)
}
}
case ClusterbombAttack:
case ClusterBombAttack:
count = 1
for _, p := range i.payloads {
count *= len(p.values)
@ -126,7 +127,7 @@ func (i *Iterator) Value() (map[string]interface{}, bool) {
return i.batteringRamValue()
case PitchForkAttack:
return i.pitchforkValue()
case ClusterbombAttack:
case ClusterBombAttack:
return i.clusterbombValue()
default:
return i.batteringRamValue()
@ -183,7 +184,7 @@ func (i *Iterator) clusterbombValue() (map[string]interface{}, bool) {
signalNext = false
}
if !p.next() {
// No more inputs in this inputprovider
// No more inputs in this input provider
if index == i.msbIterator {
// Reset all previous wordlists and increment the msb counter
i.msbIterator++

5
v2/pkg/protocols/common/generators/generators_test.go
View File

@ -3,8 +3,9 @@ package generators
import (
"testing"
"github.com/projectdiscovery/nuclei/v2/pkg/catalog"
"github.com/stretchr/testify/require"
"github.com/projectdiscovery/nuclei/v2/pkg/catalog"
)
func TestBatteringRamGenerator(t *testing.T) {
@ -53,7 +54,7 @@ func TestClusterbombGenerator(t *testing.T) {
passwords := []string{"admin", "password", "token"}
catalogInstance := catalog.New("")
generator, err := New(map[string]interface{}{"username": usernames, "password": passwords}, ClusterbombAttack, "", catalogInstance)
generator, err := New(map[string]interface{}{"username": usernames, "password": passwords}, ClusterBombAttack, "", catalogInstance)
require.Nil(t, err, "could not create generator")
iterator := generator.NewIterator()

2
v2/pkg/protocols/common/generators/load.go
View File

@ -53,7 +53,7 @@ func loadPayloadsFromFile(filepath string) ([]string, error) {
}
lines = append(lines, text)
}
if err := scanner.Err(); err != nil && err != io.EOF {
if err := scanner.Err(); err != nil && !errors.Is(err, io.EOF) {
return lines, scanner.Err()
}
return lines, nil

16
v2/pkg/protocols/common/generators/validate.go
View File

@ -13,15 +13,15 @@ import (
// validate validates the payloads if any.
func (g *PayloadGenerator) validate(payloads map[string]interface{}, templatePath string) error {
for name, payload := range payloads {
switch pt := payload.(type) {
switch payloadType := payload.(type) {
case string:
// check if it's a multiline string list
if len(strings.Split(pt, "\n")) != 1 {
if len(strings.Split(payloadType, "\n")) != 1 {
return errors.New("invalid number of lines in payload")
}
// check if it's a worldlist file and try to load it
if fileExists(pt) {
if fileExists(payloadType) {
continue
}
@ -29,18 +29,18 @@ func (g *PayloadGenerator) validate(payloads map[string]interface{}, templatePat
pathTokens := strings.Split(templatePath, string(os.PathSeparator))
for i := range pathTokens {
tpath := filepath.Join(filepath.Join(pathTokens[:i]...), pt)
if fileExists(tpath) {
payloads[name] = tpath
payloadPath := filepath.Join(filepath.Join(pathTokens[:i]...), payloadType)
if fileExists(payloadPath) {
payloads[name] = payloadPath
changed = true
break
}
}
if !changed {
return fmt.Errorf("the %s file for payload %s does not exist or does not contain enough elements", pt, name)
return fmt.Errorf("the %s file for payload %s does not exist or does not contain enough elements", payloadType, name)
}
case interface{}:
loadedPayloads := types.ToStringSlice(pt)
loadedPayloads := types.ToStringSlice(payloadType)
if len(loadedPayloads) == 0 {
return fmt.Errorf("the payload %s does not contain enough elements", name)
}

10
v2/pkg/protocols/common/hosterrorscache/hosterrorscache.go
View File

@ -7,6 +7,7 @@ import (
"strings"
"github.com/bluele/gcache"
"github.com/projectdiscovery/gologger"
)
@ -16,7 +17,7 @@ import (
// It uses an LRU cache internally for skipping unresponsive hosts
// that remain so for a duration.
type Cache struct {
MaxHostError int
MaxHostError int
verbose bool
failedTargets gcache.Cache
}
@ -24,11 +25,11 @@ type Cache struct {
const DefaultMaxHostsCount = 10000
// New returns a new host max errors cache
func New(MaxHostError, maxHostsCount int) *Cache {
func New(maxHostError, maxHostsCount int) *Cache {
gc := gcache.New(maxHostsCount).
ARC().
Build()
return &Cache{failedTargets: gc, MaxHostError: MaxHostError}
return &Cache{failedTargets: gc, MaxHostError: maxHostError}
}
// SetVerbose sets the cache to log at verbose level
@ -46,7 +47,6 @@ func (c *Cache) normalizeCacheValue(value string) string {
finalValue := value
if strings.HasPrefix(value, "http") {
if parsed, err := url.Parse(value); err == nil {
hostname := parsed.Host
finalPort := parsed.Port()
if finalPort == "" {
@ -64,7 +64,7 @@ func (c *Cache) normalizeCacheValue(value string) string {
}
// ErrUnresponsiveHost is returned when a host is unresponsive
//var ErrUnresponsiveHost = errors.New("skipping as host is unresponsive")
// var ErrUnresponsiveHost = errors.New("skipping as host is unresponsive")
// Check returns true if a host should be skipped as it has been
// unresponsive for a certain number of times.

6
v2/pkg/protocols/common/hosterrorscache/hosterrorscache_test.go
View File

@ -11,15 +11,15 @@ func TestCacheCheckMarkFailed(t *testing.T) {
cache.MarkFailed("http://example.com:80")
if value, err := cache.failedTargets.Get("http://example.com:80"); err == nil && value != nil {
require.Equal(t, 1, value, "could not get correct markfailed")
require.Equal(t, 1, value, "could not get correct number of marked failed hosts")
}
cache.MarkFailed("example.com:80")
if value, err := cache.failedTargets.Get("example.com:80"); err == nil && value != nil {
require.Equal(t, 2, value, "could not get correct markfailed")
require.Equal(t, 2, value, "could not get correct number of marked failed hosts")
}
cache.MarkFailed("example.com")
if value, err := cache.failedTargets.Get("example.com"); err == nil && value != nil {
require.Equal(t, 1, value, "could not get correct markfailed")
require.Equal(t, 1, value, "could not get correct number of marked failed hosts")
}
for i := 0; i < 3; i++ {
cache.MarkFailed("test")

1
v2/pkg/protocols/common/protocolinit/init.go
View File

@ -2,6 +2,7 @@ package protocolinit
import (
"github.com/corpix/uarand"
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/protocolstate"
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/dns/dnsclientpool"
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/http/httpclientpool"

1
v2/pkg/protocols/common/protocolstate/state.go
View File

@ -2,6 +2,7 @@ package protocolstate
import (
"github.com/pkg/errors"
"github.com/projectdiscovery/fastdialer/fastdialer"
"github.com/projectdiscovery/nuclei/v2/pkg/types"
)

1
v2/pkg/protocols/dns/dns_types.go
View File

@ -21,7 +21,6 @@ const (
MX
TXT
AAAA
//limit
limit
)

2
v2/pkg/protocols/dns/dnsclientpool/clientpool.go
View File

@ -23,7 +23,7 @@ var defaultResolvers = []string{
"8.8.4.4:53", // Google
}
// Init initializes the clientpool implementation
// Init initializes the client pool implementation
func Init(options *types.Options) error {
// Don't create clients if already created in the past.
if normalClient != nil {

10
v2/pkg/protocols/dns/operators.go
View File

@ -76,7 +76,7 @@ func (request *Request) getMatchPart(part string, data output.InternalEvent) (in
}
// responseToDSLMap converts a DNS response to a map for use in DSL matching
func (request *Request) responseToDSLMap(req, resp *dns.Msg, host, matched string, tracedata *retryabledns.TraceData) output.InternalEvent {
func (request *Request) responseToDSLMap(req, resp *dns.Msg, host, matched string, traceData *retryabledns.TraceData) output.InternalEvent {
return output.InternalEvent{
"host": host,
"matched": matched,
@ -91,7 +91,7 @@ func (request *Request) responseToDSLMap(req, resp *dns.Msg, host, matched strin
"template-info": request.options.TemplateInfo,
"template-path": request.options.TemplatePath,
"type": request.Type().String(),
"trace": traceToString(tracedata, false),
"trace": traceToString(traceData, false),
}
}
@ -133,10 +133,10 @@ func questionToString(resourceRecords []dns.Question) string {
return buffer.String()
}
func traceToString(tracedata *retryabledns.TraceData, withSteps bool) string {
func traceToString(traceData *retryabledns.TraceData, withSteps bool) string {
buffer := &bytes.Buffer{}
if tracedata != nil {
for i, dnsRecord := range tracedata.DNSData {
if traceData != nil {
for i, dnsRecord := range traceData.DNSData {
if withSteps {
buffer.WriteString(fmt.Sprintf("request %d to resolver %s:\n", i, strings.Join(dnsRecord.Resolver, ",")))
}

18
v2/pkg/protocols/dns/request.go
View File

@ -12,8 +12,8 @@ import (
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions"
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/helpers/eventcreator"
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/helpers/responsehighlighter"
"github.com/projectdiscovery/retryabledns"
templateTypes "github.com/projectdiscovery/nuclei/v2/pkg/templates/types"
"github.com/projectdiscovery/retryabledns"
)
var _ protocols.Request = &Request{}
@ -74,15 +74,15 @@ func (request *Request) ExecuteWithResults(input string, metadata /*TODO review
gologger.Verbose().Msgf("[%s] Sent DNS request to %s\n", request.options.TemplateID, domain)
// perform trace if necessary
var tracedata *retryabledns.TraceData
var traceData *retryabledns.TraceData
if request.Trace {
tracedata, err = request.dnsClient.Trace(domain, request.question, request.TraceMaxRecursion)
traceData, err = request.dnsClient.Trace(domain, request.question, request.TraceMaxRecursion)
if err != nil {
request.options.Output.Request(request.options.TemplatePath, domain, "dns", err)
}
}
outputEvent := request.responseToDSLMap(compiledRequest, response, input, input, tracedata)
outputEvent := request.responseToDSLMap(compiledRequest, response, input, input, traceData)
for k, v := range previous {
outputEvent[k] = v
}
@ -92,7 +92,7 @@ func (request *Request) ExecuteWithResults(input string, metadata /*TODO review
dumpResponse(event, request.options, response.String(), domain)
if request.Trace {
dumpTraceData(event, request.options, traceToString(tracedata, true), domain)
dumpTraceData(event, request.options, traceToString(traceData, true), domain)
}
callback(event)
@ -112,15 +112,15 @@ func dumpResponse(event *output.InternalWrappedEvent, requestOptions *protocols.
}
}
func dumpTraceData(event *output.InternalWrappedEvent, requestOptions *protocols.ExecuterOptions, tracedata, domain string) {
func dumpTraceData(event *output.InternalWrappedEvent, requestOptions *protocols.ExecuterOptions, traceData, domain string) {
cliOptions := requestOptions.Options
if cliOptions.Debug || cliOptions.DebugResponse {
hexDump := false
if responsehighlighter.HasBinaryContent(tracedata) {
if responsehighlighter.HasBinaryContent(traceData) {
hexDump = true
tracedata = hex.Dump([]byte(tracedata))
traceData = hex.Dump([]byte(traceData))
}
highlightedResponse := responsehighlighter.Highlight(event.OperatorsResult, tracedata, cliOptions.NoColor, hexDump)
highlightedResponse := responsehighlighter.Highlight(event.OperatorsResult, traceData, cliOptions.NoColor, hexDump)
gologger.Debug().Msgf("[%s] Dumped DNS Trace data for %s\n\n%s", requestOptions.TemplateID, domain, highlightedResponse)
}
}

2
v2/pkg/protocols/file/find_test.go
View File

@ -44,7 +44,7 @@ func TestFindInputPaths(t *testing.T) {
"test.js": "TEST",
}
for k, v := range files {
err = ioutil.WriteFile(filepath.Join(tempDir, k), []byte(v), 0777)
err = ioutil.WriteFile(filepath.Join(tempDir, k), []byte(v), os.ModePerm)
require.Nil(t, err, "could not write temporary file")
}
expected := []string{"config.yaml", "final.yaml", "test.js"}

2
v2/pkg/protocols/file/request_test.go
View File

@ -57,7 +57,7 @@ func TestFileExecuteWithResults(t *testing.T) {
"config.yaml": "TEST\r\n1.1.1.1\r\n",
}
for k, v := range files {
err = ioutil.WriteFile(filepath.Join(tempDir, k), []byte(v), 0777)
err = ioutil.WriteFile(filepath.Join(tempDir, k), []byte(v), os.ModePerm)
require.Nil(t, err, "could not write temporary file")
}

10
v2/pkg/protocols/headless/engine/engine.go
View File

@ -21,7 +21,7 @@ import (
type Browser struct {
customAgent string
tempDir string
previouspids map[int32]struct{} // track already running pids
previousPIDs map[int32]struct{} // track already running PIDs
engine *rod.Browser
httpclient *http.Client
options *types.Options
@ -33,7 +33,7 @@ func New(options *types.Options) (*Browser, error) {
if err != nil {
return nil, errors.Wrap(err, "could not create temporary directory")
}
previouspids := findChromeProcesses()
previousPIDs := findChromeProcesses()
chromeLauncher := launcher.New().
Leakless(false).
@ -89,7 +89,7 @@ func New(options *types.Options) (*Browser, error) {
customAgent = uarand.GetRandom()
}
httpclient, err := newhttpClient(options)
httpclient, err := newHttpClient(options)
if err != nil {
return nil, err
}
@ -101,7 +101,7 @@ func New(options *types.Options) (*Browser, error) {
httpclient: httpclient,
options: options,
}
engine.previouspids = previouspids
engine.previousPIDs = previousPIDs
return engine, nil
}
@ -123,7 +123,7 @@ func (b *Browser) killChromeProcesses() {
continue
}
// skip chrome processes that were already running
if _, ok := b.previouspids[process.Pid]; ok {
if _, ok := b.previousPIDs[process.Pid]; ok {
continue
}
_ = process.Kill()

7
v2/pkg/protocols/headless/engine/http_client.go
View File

@ -12,13 +12,14 @@ import (
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/utils"
"golang.org/x/net/proxy"
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/protocolstate"
"github.com/projectdiscovery/nuclei/v2/pkg/types"
"golang.org/x/net/proxy"
)
// newhttpClient creates a new http client for headless communication with a timeout
func newhttpClient(options *types.Options) (*http.Client, error) {
// newHttpClient creates a new http client for headless communication with a timeout
func newHttpClient(options *types.Options) (*http.Client, error) {
dialer := protocolstate.Dialer
// Set the base TLS configuration definition

12
v2/pkg/protocols/headless/engine/page_actions.go
View File

@ -399,12 +399,12 @@ func (p *Page) SelectInputElement(act *Action, out map[string]string /*TODO revi
return errors.Wrap(err, "could not scroll into view")
}
selectedbool := false
selectedBool := false
if act.GetArg("selected") == "true" {
selectedbool = true
selectedBool = true
}
by := act.GetArg("selector")
if err := element.Select([]string{value}, selectedbool, selectorBy(by)); err != nil {
if err := element.Select([]string{value}, selectedBool, selectorBy(by)); err != nil {
return errors.Wrap(err, "could not select input")
}
return nil
@ -509,7 +509,7 @@ func (p *Page) WaitEvent(act *Action, out map[string]string /*TODO review unused
protoEvent := &protoEvent{event: event}
// Uses another instance in order to be able to chain the timeout only to the wait operation
pagec := p.page
pageCopy := p.page
timeout := act.GetArg("timeout")
if timeout != "" {
ts, err := strconv.Atoi(timeout)
@ -517,11 +517,11 @@ func (p *Page) WaitEvent(act *Action, out map[string]string /*TODO review unused
return errors.Wrap(err, "could not get timeout")
}
if ts > 0 {
pagec = p.page.Timeout(time.Duration(ts) * time.Second)
pageCopy = p.page.Timeout(time.Duration(ts) * time.Second)
}
}
// Just wait the event to happen
pagec.WaitEvent(protoEvent)()
pageCopy.WaitEvent(protoEvent)()
return nil
}

118
v2/pkg/protocols/headless/engine/page_actions_test.go
View File

@ -28,7 +28,7 @@ func TestActionNavigate(t *testing.T) {
</body>
</html>`
actions := []*Action{{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}}, {ActionType: ActionTypeHolder{ActionType: ActionType(ActionWaitLoad)}}}
actions := []*Action{{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}}, {ActionType: ActionTypeHolder{ActionType: ActionWaitLoad}}}
testHeadlessSimpleResponse(t, response, actions, 20*time.Second, func(page *Page, err error, out map[string]string) {
require.Nil(t, err, "could not run page actions")
@ -50,9 +50,9 @@ func TestActionScript(t *testing.T) {
t.Run("run-and-results", func(t *testing.T) {
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionWaitLoad)}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionScript)}, Name: "test", Data: map[string]string{"code": "window.test"}},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionWaitLoad}},
{ActionType: ActionTypeHolder{ActionType: ActionScript}, Name: "test", Data: map[string]string{"code": "window.test"}},
}
testHeadlessSimpleResponse(t, response, actions, timeout, func(page *Page, err error, out map[string]string) {
@ -64,10 +64,10 @@ func TestActionScript(t *testing.T) {
t.Run("hook", func(t *testing.T) {
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionScript)}, Data: map[string]string{"code": "window.test = 'some-data';", "hook": "true"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionWaitLoad)}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionScript)}, Name: "test", Data: map[string]string{"code": "window.test"}},
{ActionType: ActionTypeHolder{ActionType: ActionScript}, Data: map[string]string{"code": "window.test = 'some-data';", "hook": "true"}},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionWaitLoad}},
{ActionType: ActionTypeHolder{ActionType: ActionScript}, Name: "test", Data: map[string]string{"code": "window.test"}},
}
testHeadlessSimpleResponse(t, response, actions, timeout, func(page *Page, err error, out map[string]string) {
require.Nil(t, err, "could not run page actions")
@ -88,9 +88,9 @@ func TestActionClick(t *testing.T) {
</html>`
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionWaitLoad)}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionClick)}, Data: map[string]string{"selector": "button"}}, // Use css selector for clicking
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionWaitLoad}},
{ActionType: ActionTypeHolder{ActionType: ActionClick}, Data: map[string]string{"selector": "button"}}, // Use css selector for clicking
}
testHeadlessSimpleResponse(t, response, actions, 20*time.Second, func(page *Page, err error, out map[string]string) {
@ -121,9 +121,9 @@ func TestActionRightClick(t *testing.T) {
</html>`
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionWaitLoad)}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionRightClick)}, Data: map[string]string{"selector": "button"}}, // Use css selector for clicking
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionWaitLoad}},
{ActionType: ActionTypeHolder{ActionType: ActionRightClick}, Data: map[string]string{"selector": "button"}}, // Use css selector for clicking
}
testHeadlessSimpleResponse(t, response, actions, 20*time.Second, func(page *Page, err error, out map[string]string) {
@ -146,9 +146,9 @@ func TestActionTextInput(t *testing.T) {
</html>`
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionWaitLoad)}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionTextInput)}, Data: map[string]string{"selector": "input", "value": "test"}},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionWaitLoad}},
{ActionType: ActionTypeHolder{ActionType: ActionTextInput}, Data: map[string]string{"selector": "input", "value": "test"}},
}
testHeadlessSimpleResponse(t, response, actions, 20*time.Second, func(page *Page, err error, out map[string]string) {
@ -163,9 +163,9 @@ func TestActionTextInput(t *testing.T) {
func TestActionHeadersChange(t *testing.T) {
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionSetHeader)}, Data: map[string]string{"part": "request", "key": "Test", "value": "Hello"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionWaitLoad)}},
{ActionType: ActionTypeHolder{ActionType: ActionSetHeader}, Data: map[string]string{"part": "request", "key": "Test", "value": "Hello"}},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionWaitLoad}},
}
handler := func(w http.ResponseWriter, r *http.Request) {
@ -190,9 +190,9 @@ func TestActionScreenshot(t *testing.T) {
</html>`
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionWaitLoad)}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionScreenshot)}, Data: map[string]string{"to": "test"}},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionWaitLoad}},
{ActionType: ActionTypeHolder{ActionType: ActionScreenshot}, Data: map[string]string{"to": "test"}},
}
testHeadlessSimpleResponse(t, response, actions, 20*time.Second, func(page *Page, err error, out map[string]string) {
@ -215,9 +215,9 @@ func TestActionTimeInput(t *testing.T) {
</html>`
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionWaitLoad)}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionTimeInput)}, Data: map[string]string{"selector": "input", "value": "2006-01-02T15:04:05Z"}},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionWaitLoad}},
{ActionType: ActionTypeHolder{ActionType: ActionTimeInput}, Data: map[string]string{"selector": "input", "value": "2006-01-02T15:04:05Z"}},
}
testHeadlessSimpleResponse(t, response, actions, 20*time.Second, func(page *Page, err error, out map[string]string) {
@ -243,9 +243,9 @@ func TestActionSelectInput(t *testing.T) {
</html>`
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionWaitLoad)}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionSelectInput)}, Data: map[string]string{"by": "x", "xpath": "//select[@id='test']", "value": "Test2", "selected": "true"}},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionWaitLoad}},
{ActionType: ActionTypeHolder{ActionType: ActionSelectInput}, Data: map[string]string{"by": "x", "xpath": "//select[@id='test']", "value": "Test2", "selected": "true"}},
}
testHeadlessSimpleResponse(t, response, actions, 20*time.Second, func(page *Page, err error, out map[string]string) {
@ -266,9 +266,9 @@ func TestActionFilesInput(t *testing.T) {
</html>`
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionWaitLoad)}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionFilesInput)}, Data: map[string]string{"selector": "input", "value": "test1.pdf"}},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionWaitLoad}},
{ActionType: ActionTypeHolder{ActionType: ActionFilesInput}, Data: map[string]string{"selector": "input", "value": "test1.pdf"}},
}
testHeadlessSimpleResponse(t, response, actions, 20*time.Second, func(page *Page, err error, out map[string]string) {
@ -292,8 +292,8 @@ func TestActionWaitLoad(t *testing.T) {
</html>`
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionWaitLoad)}},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionWaitLoad}},
}
testHeadlessSimpleResponse(t, response, actions, 20*time.Second, func(page *Page, err error, out map[string]string) {
@ -317,8 +317,8 @@ func TestActionGetResource(t *testing.T) {
</html>`
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionGetResource)}, Data: map[string]string{"by": "x", "xpath": "//img[@id='test']"}, Name: "src"},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionGetResource}, Data: map[string]string{"by": "x", "xpath": "//img[@id='test']"}, Name: "src"},
}
testHeadlessSimpleResponse(t, response, actions, 20*time.Second, func(page *Page, err error, out map[string]string) {
@ -337,8 +337,8 @@ func TestActionExtract(t *testing.T) {
</html>`
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionExtract)}, Data: map[string]string{"by": "x", "xpath": "//button[@id='test']"}, Name: "extract"},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionExtract}, Data: map[string]string{"by": "x", "xpath": "//button[@id='test']"}, Name: "extract"},
}
testHeadlessSimpleResponse(t, response, actions, 20*time.Second, func(page *Page, err error, out map[string]string) {
@ -356,8 +356,8 @@ func TestActionSetMethod(t *testing.T) {
</html>`
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionSetMethod)}, Data: map[string]string{"part": "x", "method": "SET"}},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionSetMethod}, Data: map[string]string{"part": "x", "method": "SET"}},
}
testHeadlessSimpleResponse(t, response, actions, 20*time.Second, func(page *Page, err error, out map[string]string) {
@ -368,9 +368,9 @@ func TestActionSetMethod(t *testing.T) {
func TestActionAddHeader(t *testing.T) {
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionAddHeader)}, Data: map[string]string{"part": "request", "key": "Test", "value": "Hello"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionWaitLoad)}},
{ActionType: ActionTypeHolder{ActionType: ActionAddHeader}, Data: map[string]string{"part": "request", "key": "Test", "value": "Hello"}},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionWaitLoad}},
}
handler := func(w http.ResponseWriter, r *http.Request) {
@ -387,11 +387,11 @@ func TestActionAddHeader(t *testing.T) {
func TestActionDeleteHeader(t *testing.T) {
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionAddHeader)}, Data: map[string]string{"part": "request", "key": "Test1", "value": "Hello"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionAddHeader)}, Data: map[string]string{"part": "request", "key": "Test2", "value": "World"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionDeleteHeader)}, Data: map[string]string{"part": "request", "key": "Test2"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionWaitLoad)}},
{ActionType: ActionTypeHolder{ActionType: ActionAddHeader}, Data: map[string]string{"part": "request", "key": "Test1", "value": "Hello"}},
{ActionType: ActionTypeHolder{ActionType: ActionAddHeader}, Data: map[string]string{"part": "request", "key": "Test2", "value": "World"}},
{ActionType: ActionTypeHolder{ActionType: ActionDeleteHeader}, Data: map[string]string{"part": "request", "key": "Test2"}},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionWaitLoad}},
}
handler := func(w http.ResponseWriter, r *http.Request) {
@ -408,9 +408,9 @@ func TestActionDeleteHeader(t *testing.T) {
func TestActionSetBody(t *testing.T) {
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionSetBody)}, Data: map[string]string{"part": "request", "body": "hello"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionWaitLoad)}},
{ActionType: ActionTypeHolder{ActionType: ActionSetBody}, Data: map[string]string{"part": "request", "body": "hello"}},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionWaitLoad}},
}
handler := func(w http.ResponseWriter, r *http.Request) {
@ -436,10 +436,10 @@ func TestActionKeyboard(t *testing.T) {
</html>`
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionWaitLoad)}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionClick)}, Data: map[string]string{"selector": "input"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionKeyboard)}, Data: map[string]string{"keys": "Test2"}},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionWaitLoad}},
{ActionType: ActionTypeHolder{ActionType: ActionClick}, Data: map[string]string{"selector": "input"}},
{ActionType: ActionTypeHolder{ActionType: ActionKeyboard}, Data: map[string]string{"keys": "Test2"}},
}
testHeadlessSimpleResponse(t, response, actions, 20*time.Second, func(page *Page, err error, out map[string]string) {
@ -462,8 +462,8 @@ func TestActionSleep(t *testing.T) {
</html>`
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionSleep)}, Data: map[string]string{"duration": "2"}},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionSleep}, Data: map[string]string{"duration": "2"}},
}
testHeadlessSimpleResponse(t, response, actions, 20*time.Second, func(page *Page, err error, out map[string]string) {
@ -485,8 +485,8 @@ func TestActionWaitVisible(t *testing.T) {
</html>`
actions := []*Action{
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionNavigate)}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionType(ActionWaitVisible)}, Data: map[string]string{"by": "x", "xpath": "//button[@id='test']"}},
{ActionType: ActionTypeHolder{ActionType: ActionNavigate}, Data: map[string]string{"url": "{{BaseURL}}"}},
{ActionType: ActionTypeHolder{ActionType: ActionWaitVisible}, Data: map[string]string{"by": "x", "xpath": "//button[@id='test']"}},
}
t.Run("wait for an element being visible", func(t *testing.T) {

23
v2/pkg/protocols/headless/engine/rules.go
View File

@ -8,7 +8,7 @@ import (
// routingRuleHandler handles proxy rule for actions related to request/response modification
func (p *Page) routingRuleHandler(ctx *rod.Hijack) {
// usually browsers don't use chunked transfer encoding so we set the content-length nevertheless
// usually browsers don't use chunked transfer encoding, so we set the content-length nevertheless
ctx.Request.Req().ContentLength = int64(len(ctx.Request.Body()))
for _, rule := range p.rules {
@ -16,15 +16,16 @@ func (p *Page) routingRuleHandler(ctx *rod.Hijack) {
continue
}
if rule.Action == ActionSetMethod {
switch rule.Action {
case ActionSetMethod:
ctx.Request.Req().Method = rule.Args["method"]
} else if rule.Action == ActionAddHeader {
case ActionAddHeader:
ctx.Request.Req().Header.Add(rule.Args["key"], rule.Args["value"])
} else if rule.Action == ActionSetHeader {
case ActionSetHeader:
ctx.Request.Req().Header.Set(rule.Args["key"], rule.Args["value"])
} else if rule.Action == ActionDeleteHeader {
case ActionDeleteHeader:
ctx.Request.Req().Header.Del(rule.Args["key"])
} else if rule.Action == ActionSetBody {
case ActionSetBody:
body := rule.Args["body"]
ctx.Request.Req().ContentLength = int64(len(body))
ctx.Request.SetBody(body)
@ -36,13 +37,15 @@ func (p *Page) routingRuleHandler(ctx *rod.Hijack) {
if rule.Part != "response" {
continue
}
if rule.Action == ActionAddHeader {
switch rule.Action {
case ActionAddHeader:
ctx.Response.Headers().Add(rule.Args["key"], rule.Args["value"])
} else if rule.Action == ActionSetHeader {
case ActionSetHeader:
ctx.Response.Headers().Set(rule.Args["key"], rule.Args["value"])
} else if rule.Action == ActionDeleteHeader {
case ActionDeleteHeader:
ctx.Response.Headers().Del(rule.Args["key"])
} else if rule.Action == ActionSetBody {
case ActionSetBody:
body := rule.Args["body"]
ctx.Response.Headers().Set("Content-Length", fmt.Sprintf("%d", len(body)))
ctx.Response.SetBody(rule.Args["body"])

10
v2/pkg/protocols/http/build_request.go
View File

@ -114,7 +114,7 @@ func (r *requestGenerator) makeSelfContainedRequest(data string, payloads, dynam
reader := bufio.NewReader(strings.NewReader(data))
s, err := reader.ReadString('\n')
if err != nil {
return nil, fmt.Errorf("could not read request: %s", err)
return nil, fmt.Errorf("could not read request: %w", err)
}
parts := strings.Split(s, " ")
@ -123,7 +123,7 @@ func (r *requestGenerator) makeSelfContainedRequest(data string, payloads, dynam
}
parsed, err := url.Parse(parts[1])
if err != nil {
return nil, fmt.Errorf("could not parse request URL: %s", err)
return nil, fmt.Errorf("could not parse request URL: %w", err)
}
values := generators.MergeMaps(
generators.MergeMaps(dynamicValues, generateVariables(parsed, false)),
@ -297,10 +297,12 @@ func (r *requestGenerator) fillRequest(req *http.Request, values map[string]inte
}
req.Body = ioutil.NopCloser(strings.NewReader(body))
}
setHeader(req, "User-Agent", uarand.GetRandom())
if !r.request.Unsafe {
setHeader(req, "User-Agent", uarand.GetRandom())
}
// Only set these headers on non-raw requests
if len(r.request.Raw) == 0 {
if len(r.request.Raw) == 0 && !r.request.Unsafe {
setHeader(req, "Accept", "*/*")
setHeader(req, "Accept-Language", "en")
}

9
v2/pkg/protocols/http/build_request_test.go
View File

@ -5,12 +5,13 @@ import (
"testing"
"time"
"github.com/stretchr/testify/require"
"github.com/projectdiscovery/nuclei/v2/pkg/model"
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/generators"
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/interactsh"
"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
"github.com/stretchr/testify/require"
)
func TestBaseURLWithTemplatePrefs(t *testing.T) {
@ -138,7 +139,7 @@ func TestMakeRequestFromRawWithPayloads(t *testing.T) {
"username": []string{"admin"},
"password": []string{"admin", "guest", "password", "test", "12345", "123456"},
},
AttackType: generators.AttackTypeHolder{Value: generators.ClusterbombAttack},
AttackType: generators.AttackTypeHolder{Value: generators.ClusterBombAttack},
Raw: []string{`GET /manager/html HTTP/1.1
Host: {{Hostname}}
User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)
@ -179,7 +180,7 @@ func TestMakeRequestFromRawPayloadExpressions(t *testing.T) {
"username": []string{"admin"},
"password": []string{"admin", "guest", "password", "test", "12345", "123456"},
},
AttackType: generators.AttackTypeHolder{Value: generators.ClusterbombAttack},
AttackType: generators.AttackTypeHolder{Value: generators.ClusterBombAttack},
Raw: []string{`GET /manager/html HTTP/1.1
Host: {{Hostname}}
User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)
@ -233,7 +234,7 @@ func TestMakeRequestFromModelUniqueInteractsh(t *testing.T) {
ServerURL: options.InteractshURL,
CacheSize: int64(options.InteractionsCacheSize),
Eviction: time.Duration(options.InteractionsEviction) * time.Second,
ColldownPeriod: time.Duration(options.InteractionsCooldownPeriod) * time.Second,
ColldownPeriod: time.Duration(options.InteractionsCoolDownPeriod) * time.Second,
PollDuration: time.Duration(options.InteractionsPollDuration) * time.Second,
})
require.Nil(t, err, "could not create interactsh client")

6
v2/pkg/protocols/http/http.go
View File

@ -41,12 +41,12 @@ type Request struct {
// Name is the optional name of the request.
//
// If a name is specified, all the named request in a template can be matched upon
// in a combined manner allowing multirequest based matchers.
// in a combined manner allowing multi-request based matchers.
Name string `yaml:"name,omitempty" jsonschema:"title=name for the http request,description=Optional name for the HTTP Request"`
// description: |
// Attack is the type of payload combinations to perform.
//
// batteringram is same payload into all of the defined payload positions at once, pitchfork combines multiple payload sets and clusterbomb generates
// batteringram is inserts the same payload into all defined payload positions at once, pitchfork combines multiple payload sets and clusterbomb generates
// permutations and combinations for all payloads.
// values:
// - "batteringram"
@ -137,7 +137,7 @@ type Request struct {
dynamicValues map[string]interface{}
// description: |
// SelfContained specifies if the request is self contained.
// SelfContained specifies if the request is self-contained.
SelfContained bool `yaml:"-" json:"-"`
// description: |

1
v2/pkg/protocols/http/http_method_types.go
View File

@ -22,7 +22,6 @@ const (
HTTPTrace
HTTPPatch
HTTPPurge
//limit
limit
)

2
v2/pkg/protocols/http/http_test.go
View File

@ -23,7 +23,7 @@ func TestHTTPCompile(t *testing.T) {
"username": []string{"admin"},
"password": []string{"admin", "guest", "password", "test", "12345", "123456"},
},
AttackType: generators.AttackTypeHolder{Value: generators.ClusterbombAttack},
AttackType: generators.AttackTypeHolder{Value: generators.ClusterBombAttack},
Raw: []string{`GET /manager/html HTTP/1.1
Host: {{Hostname}}
User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)

24
v2/pkg/protocols/http/httpclientpool/clientpool.go
View File

@ -30,7 +30,7 @@ var (
// Dialer is a copy of the fastdialer from protocolstate
Dialer *fastdialer.Dialer
rawhttpClient *rawhttp.Client
rawHttpClient *rawhttp.Client
poolMutex *sync.RWMutex
normalClient *retryablehttp.Client
clientPool map[string]*retryablehttp.Client
@ -98,12 +98,12 @@ func (c *Configuration) HasStandardOptions() bool {
// GetRawHTTP returns the rawhttp request client
func GetRawHTTP(options *types.Options) *rawhttp.Client {
if rawhttpClient == nil {
rawhttpOptions := rawhttp.DefaultOptions
rawhttpOptions.Timeout = time.Duration(options.Timeout) * time.Second
rawhttpClient = rawhttp.NewClient(rawhttpOptions)
if rawHttpClient == nil {
rawHttpOptions := rawhttp.DefaultOptions
rawHttpOptions.Timeout = time.Duration(options.Timeout) * time.Second
rawHttpClient = rawhttp.NewClient(rawHttpOptions)
}
return rawhttpClient
return rawHttpClient
}
// Get creates or gets a client for the protocol based on custom configuration
@ -138,7 +138,7 @@ func wrappedGet(options *types.Options, configuration *Configuration) (*retryabl
}
// Multiple Host
retryablehttpOptions := retryablehttp.DefaultOptionsSpraying
retryableHttpOptions := retryablehttp.DefaultOptionsSpraying
disableKeepAlives := true
maxIdleConns := 0
maxConnsPerHost := 0
@ -146,14 +146,14 @@ func wrappedGet(options *types.Options, configuration *Configuration) (*retryabl
if configuration.Threads > 0 {
// Single host
retryablehttpOptions = retryablehttp.DefaultOptionsSingle
retryableHttpOptions = retryablehttp.DefaultOptionsSingle
disableKeepAlives = false
maxIdleConnsPerHost = 500
maxConnsPerHost = 500
}
retryablehttpOptions.RetryWaitMax = 10 * time.Second
retryablehttpOptions.RetryMax = options.Retries
retryableHttpOptions.RetryWaitMax = 10 * time.Second
retryableHttpOptions.RetryMax = options.Retries
followRedirects := configuration.FollowRedirects
maxRedirects := configuration.MaxRedirects
@ -185,7 +185,7 @@ func wrappedGet(options *types.Options, configuration *Configuration) (*retryabl
if proxyURL != nil {
// Attempts to overwrite the dial function with the socks proxied version
if proxyURL.Scheme == types.SOCKS5 {
var proxyAuth *proxy.Auth = &proxy.Auth{}
var proxyAuth = &proxy.Auth{}
proxyAuth.User = proxyURL.User.Username()
proxyAuth.Password, _ = proxyURL.User.Password()
@ -213,7 +213,7 @@ func wrappedGet(options *types.Options, configuration *Configuration) (*retryabl
Transport: transport,
Timeout: time.Duration(options.Timeout) * time.Second,
CheckRedirect: makeCheckRedirectFunc(followRedirects, maxRedirects),
}, retryablehttpOptions)
}, retryableHttpOptions)
if jar != nil {
client.HTTPClient.Jar = jar
}

12
v2/pkg/protocols/http/race/syncedreadcloser.go
View File

@ -13,7 +13,7 @@ type SyncedReadCloser struct {
data []byte
p int64
length int64
opengate chan struct{}
openGate chan struct{}
enableBlocking bool
}
@ -29,7 +29,7 @@ func NewSyncedReadCloser(r io.ReadCloser) *SyncedReadCloser {
}
r.Close()
s.length = int64(len(s.data))
s.opengate = make(chan struct{})
s.openGate = make(chan struct{})
s.enableBlocking = true
return &s
}
@ -48,13 +48,13 @@ func (s *SyncedReadCloser) SetOpenGate(status bool) {
// OpenGate opens the gate allowing all requests to be completed
func (s *SyncedReadCloser) OpenGate() {
s.opengate <- struct{}{}
s.openGate <- struct{}{}
}
// OpenGateAfter schedules gate to be opened after a duration
func (s *SyncedReadCloser) OpenGateAfter(d time.Duration) {
time.AfterFunc(d, func() {
s.opengate <- struct{}{}
s.openGate <- struct{}{}
})
}
@ -84,7 +84,7 @@ func (s *SyncedReadCloser) Seek(offset int64, whence int) (int64, error) {
func (s *SyncedReadCloser) Read(p []byte) (n int, err error) {
// If the data fits in the buffer blocks awaiting the sync instruction
if s.p+int64(len(p)) >= s.length && s.enableBlocking {
<-s.opengate
<-s.openGate
}
n = copy(p, s.data[s.p:])
s.p += int64(n)
@ -94,7 +94,7 @@ func (s *SyncedReadCloser) Read(p []byte) (n int, err error) {
return n, err
}
// Close implements close method for io.ReadSeeker
// Close closes an io.ReadSeeker
func (s *SyncedReadCloser) Close() error {
return nil
}

14
v2/pkg/protocols/http/raw/raw.go
View File

@ -33,7 +33,7 @@ func Parse(request, baseURL string, unsafe bool) (*Request, error) {
parsedURL, err := url.Parse(baseURL)
if err != nil {
return nil, fmt.Errorf("could not parse request URL: %s", err)
return nil, fmt.Errorf("could not parse request URL: %w", err)
}
if unsafe {
@ -42,7 +42,7 @@ func Parse(request, baseURL string, unsafe bool) (*Request, error) {
reader := bufio.NewReader(strings.NewReader(request))
s, err := reader.ReadString('\n')
if err != nil {
return nil, fmt.Errorf("could not read request: %s", err)
return nil, fmt.Errorf("could not read request: %w", err)
}
parts := strings.Split(s, " ")
@ -57,7 +57,7 @@ func Parse(request, baseURL string, unsafe bool) (*Request, error) {
// Set the request Method
rawRequest.Method = parts[0]
var mutlipartRequest bool
var multiPartRequest bool
// Accepts all malformed headers
var key, value string
for {
@ -76,7 +76,7 @@ func Parse(request, baseURL string, unsafe bool) (*Request, error) {
value = p[1]
}
if strings.Contains(key, "Content-Type") && strings.Contains(value, "multipart/") {
mutlipartRequest = true
multiPartRequest = true
}
// in case of unsafe requests multiple headers should be accepted
@ -101,7 +101,7 @@ func Parse(request, baseURL string, unsafe bool) (*Request, error) {
if !unsafe && strings.HasPrefix(parts[1], "http") {
parsed, parseErr := url.Parse(parts[1])
if parseErr != nil {
return nil, fmt.Errorf("could not parse request URL: %s", parseErr)
return nil, fmt.Errorf("could not parse request URL: %w", parseErr)
}
rawRequest.Path = parsed.Path
@ -133,10 +133,10 @@ func Parse(request, baseURL string, unsafe bool) (*Request, error) {
// Set the request body
b, err := ioutil.ReadAll(reader)
if err != nil {
return nil, fmt.Errorf("could not read request body: %s", err)
return nil, fmt.Errorf("could not read request body: %w", err)
}
rawRequest.Data = string(b)
if !mutlipartRequest {
if !multiPartRequest {
rawRequest.Data = strings.TrimSuffix(rawRequest.Data, "\r\n")
}
return rawRequest, nil

24
v2/pkg/protocols/http/request.go
View File

@ -250,7 +250,8 @@ func (request *Request) ExecuteWithResults(reqURL string, dynamicValues, previou
reqURL = generatedHttpRequest.URL()
}
request.dynamicValues = generatedHttpRequest.dynamicValues
// Check if hosts just keep erroring
// Check if hosts keep erroring
if request.options.HostErrorsCache != nil && request.options.HostErrorsCache.Check(reqURL) {
return true, nil
}
@ -275,6 +276,7 @@ func (request *Request) ExecuteWithResults(reqURL string, dynamicValues, previou
callback(event)
}
}, requestCount)
// If a variable is unresolved, skip all further requests
if err == errStopExecution {
return true, nil
@ -345,7 +347,7 @@ func (request *Request) executeRequest(reqURL string, generatedRequest *generate
}
dumpedRequestString := string(dumpedRequest)
// Check if are there any unresolved variables. If yes, skip unless overriden by user.
// Check if are there any unresolved variables. If yes, skip unless overridden by user.
if varErr := expressions.ContainsUnresolvedVariables(dumpedRequestString); varErr != nil && !request.SkipVariablesCheck {
gologger.Warning().Msgf("[%s] Could not make http request for %s: %v\n", request.options.TemplateID, reqURL, varErr)
return errStopExecution
@ -356,7 +358,6 @@ func (request *Request) executeRequest(reqURL string, generatedRequest *generate
gologger.Print().Msgf("%s", dumpedRequestString)
}
}
var formedURL string
var hostname string
timeStart := time.Now()
@ -449,6 +450,7 @@ func (request *Request) executeRequest(reqURL string, generatedRequest *generate
}
var dumpedResponse []redirectedResponse
var gotData []byte
// If the status code is HTTP 101, we should not proceed with reading body.
if resp.StatusCode != http.StatusSwitchingProtocols {
var bodyReader io.Reader
@ -466,6 +468,7 @@ func (request *Request) executeRequest(reqURL string, generatedRequest *generate
return errors.Wrap(err, "could not read http body")
}
}
gotData = data
resp.Body.Close()
dumpedResponse, err = dumpResponseWithRedirectChain(resp, data)
@ -476,14 +479,17 @@ func (request *Request) executeRequest(reqURL string, generatedRequest *generate
dumpedResponse = []redirectedResponse{{fullResponse: dumpedResponseHeaders, headers: dumpedResponseHeaders}}
}
for _, response := range dumpedResponse {
// if nuclei-project is enabled store the response if not previously done
if request.options.ProjectFile != nil && !fromCache {
if err := request.options.ProjectFile.Set(dumpedRequest, resp, response.body); err != nil {
return errors.Wrap(err, "could not store in project file")
}
// if nuclei-project is enabled store the response if not previously done
if request.options.ProjectFile != nil && !fromCache {
if err := request.options.ProjectFile.Set(dumpedRequest, resp, gotData); err != nil {
return errors.Wrap(err, "could not store in project file")
}
}
for _, response := range dumpedResponse {
if response.resp == nil {
continue // Skip nil responses
}
matchedURL := reqURL
if generatedRequest.rawRequest != nil && generatedRequest.rawRequest.FullURL != "" {
matchedURL = generatedRequest.rawRequest.FullURL

7
v2/pkg/protocols/http/request_generator_test.go
View File

@ -3,9 +3,10 @@ package http
import (
"testing"
"github.com/stretchr/testify/require"
"github.com/projectdiscovery/nuclei/v2/pkg/catalog"
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/generators"
"github.com/stretchr/testify/require"
)
func TestRequestGeneratorPaths(t *testing.T) {
@ -29,7 +30,7 @@ func TestRequestGeneratorClusterBombSingle(t *testing.T) {
req := &Request{
Payloads: map[string]interface{}{"username": []string{"admin", "tomcat", "manager"}, "password": []string{"password", "test", "secret"}},
AttackType: generators.AttackTypeHolder{Value: generators.ClusterbombAttack},
AttackType: generators.AttackTypeHolder{Value: generators.ClusterBombAttack},
Raw: []string{`GET /{{username}}:{{password}} HTTP/1.1`},
}
catalogInstance := catalog.New("")
@ -53,7 +54,7 @@ func TestRequestGeneratorClusterBombMultipleRaw(t *testing.T) {
req := &Request{
Payloads: map[string]interface{}{"username": []string{"admin", "tomcat", "manager"}, "password": []string{"password", "test", "secret"}},
AttackType: generators.AttackTypeHolder{Value: generators.ClusterbombAttack},
AttackType: generators.AttackTypeHolder{Value: generators.ClusterBombAttack},
Raw: []string{`GET /{{username}}:{{password}} HTTP/1.1`, `GET /{{username}}@{{password}} HTTP/1.1`},
}
catalogInstance := catalog.New("")

13
v2/pkg/protocols/http/utils.go
View File

@ -11,11 +11,12 @@ import (
"strings"
"github.com/pkg/errors"
"golang.org/x/text/encoding/simplifiedchinese"
"golang.org/x/text/transform"
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/generators"
"github.com/projectdiscovery/rawhttp"
"github.com/projectdiscovery/stringsutil"
"golang.org/x/text/encoding/simplifiedchinese"
"golang.org/x/text/transform"
)
type redirectedResponse struct {
@ -97,13 +98,13 @@ func normalizeResponseBody(resp *http.Response, response *redirectedResponse) er
// gb18030 supersedes gb2312
responseContentType := resp.Header.Get("Content-Type")
if isContentTypeGbk(responseContentType) {
response.fullResponse, err = decodegbk(response.fullResponse)
response.fullResponse, err = decodeGBK(response.fullResponse)
if err != nil {
return errors.Wrap(err, "could not gbk decode")
}
// the uncompressed body needs to be decoded to standard utf8
response.body, err = decodegbk(response.body)
response.body, err = decodeGBK(response.body)
if err != nil {
return errors.Wrap(err, "could not gbk decode")
}
@ -149,8 +150,8 @@ func handleDecompression(resp *http.Response, bodyOrig []byte) (bodyDec []byte,
return bodyDec, nil
}
// decodegbk converts GBK to UTF-8
func decodegbk(s []byte) ([]byte, error) {
// decodeGBK converts GBK to UTF-8
func decodeGBK(s []byte) ([]byte, error) {
I := bytes.NewReader(s)
O := transform.NewReader(I, simplifiedchinese.GBK.NewDecoder())
d, e := ioutil.ReadAll(O)

22
v2/pkg/protocols/network/network.go
View File

@ -1,7 +1,6 @@
package network
import (
"net"
"strings"
"github.com/pkg/errors"
@ -34,7 +33,7 @@ type Request struct {
// description: |
// Attack is the type of payload combinations to perform.
//
// Batteringram is same payload into all of the defined payload positions at once, pitchfork combines multiple payload sets and clusterbomb generates
// Batteringram is inserts the same payload into all defined payload positions at once, pitchfork combines multiple payload sets and clusterbomb generates
// permutations and combinations for all payloads.
// values:
// - "batteringram"
@ -68,7 +67,7 @@ type Request struct {
ReadAll bool `yaml:"read-all,omitempty" jsonschema:"title=read all response stream,description=Read all response stream till the server stops sending"`
// description: |
// SelfContained specifies if the request is self contained.
// SelfContained specifies if the request is self-contained.
SelfContained bool `yaml:"-" json:"-"`
// Operators for the current request go here.
@ -83,9 +82,8 @@ type Request struct {
}
type addressKV struct {
ip string
port string
tls bool
address string
tls bool
}
// Input is the input to send on the network
@ -110,7 +108,7 @@ type Input struct {
// Read is the number of bytes to read from socket.
//
// This can be used for protocols which expect an immediate response. You can
// read and write responses one after another and evetually perform matching
// read and write responses one after another and eventually perform matching
// on every data captured with `name` attribute.
//
// The [network docs](https://nuclei.projectdiscovery.io/templating-guide/protocols/network/) highlight more on how to do this.
@ -141,15 +139,7 @@ func (request *Request) Compile(options *protocols.ExecuterOptions) error {
shouldUseTLS = true
address = strings.TrimPrefix(address, "tls://")
}
if strings.Contains(address, ":") {
addressHost, addressPort, portErr := net.SplitHostPort(address)
if portErr != nil {
return errors.Wrap(portErr, "could not parse address")
}
request.addresses = append(request.addresses, addressKV{ip: addressHost, port: addressPort, tls: shouldUseTLS})
} else {
request.addresses = append(request.addresses, addressKV{ip: address, tls: shouldUseTLS})
}
request.addresses = append(request.addresses, addressKV{address: address, tls: shouldUseTLS})
}
// Pre-compile any input dsl functions before executing the request.
for _, input := range request.Inputs {

1
v2/pkg/protocols/network/network_input_types.go
View File

@ -14,7 +14,6 @@ type NetworkInputType int
const (
hexType NetworkInputType = iota + 1
textType
//limit
limit
)

15
v2/pkg/protocols/network/network_test.go
View File

@ -17,7 +17,7 @@ func TestNetworkCompileMake(t *testing.T) {
templateID := "testing-network"
request := &Request{
ID: templateID,
Address: []string{"{{Hostname}}", "{{Hostname}}:8082", "tls://{{Hostname}}:443"},
Address: []string{"tls://{{Host}}:443"},
ReadSize: 1024,
Inputs: []*Input{{Data: "test-data"}},
}
@ -28,17 +28,8 @@ func TestNetworkCompileMake(t *testing.T) {
err := request.Compile(executerOpts)
require.Nil(t, err, "could not compile network request")
require.Equal(t, 3, len(request.addresses), "could not get correct number of input address")
t.Run("check-host", func(t *testing.T) {
require.Equal(t, "{{Hostname}}", request.addresses[0].ip, "could not get correct host")
})
t.Run("check-host-with-port", func(t *testing.T) {
require.Equal(t, "{{Hostname}}", request.addresses[1].ip, "could not get correct host with port")
require.Equal(t, "8082", request.addresses[1].port, "could not get correct port for host")
})
require.Equal(t, 1, len(request.addresses), "could not get correct number of input address")
t.Run("check-tls-with-port", func(t *testing.T) {
require.Equal(t, "{{Hostname}}", request.addresses[2].ip, "could not get correct host with port")
require.Equal(t, "443", request.addresses[2].port, "could not get correct port for host")
require.True(t, request.addresses[2].tls, "could not get correct port for host")
require.True(t, request.addresses[0].tls, "could not get correct port for host")
})
}

45
v2/pkg/protocols/network/request.go
View File

@ -49,18 +49,10 @@ func (request *Request) ExecuteWithResults(input string, metadata /*TODO review
}
for _, kv := range request.addresses {
actualAddress := replacer.Replace(kv.ip, map[string]interface{}{"Hostname": address})
if kv.port != "" {
if strings.Contains(address, ":") {
actualAddress, _, _ = net.SplitHostPort(actualAddress)
}
actualAddress = net.JoinHostPort(actualAddress, kv.port)
}
if input != "" {
input = actualAddress
}
variables := generateNetworkVariables(address)
actualAddress := replacer.Replace(kv.address, variables)
if err := request.executeAddress(actualAddress, address, input, kv.tls, previous, callback); err != nil {
if err := request.executeAddress(variables, actualAddress, address, input, kv.tls, previous, callback); err != nil {
gologger.Verbose().Label("ERR").Msgf("Could not make network request for %s: %s\n", actualAddress, err)
continue
}
@ -69,7 +61,7 @@ func (request *Request) ExecuteWithResults(input string, metadata /*TODO review
}
// executeAddress executes the request for an address
func (request *Request) executeAddress(actualAddress, address, input string, shouldUseTLS bool, previous output.InternalEvent, callback protocols.OutputEventCallback) error {
func (request *Request) executeAddress(variables map[string]interface{}, actualAddress, address, input string, shouldUseTLS bool, previous output.InternalEvent, callback protocols.OutputEventCallback) error {
if !strings.Contains(actualAddress, ":") {
err := errors.New("no port provided in network protocol request")
request.options.Output.Request(request.options.TemplatePath, address, request.Type().String(), err)
@ -88,27 +80,27 @@ func (request *Request) executeAddress(actualAddress, address, input string, sho
break
}
value = generators.MergeMaps(value, payloads)
if err := request.executeRequestWithPayloads(actualAddress, address, input, shouldUseTLS, value, previous, callback); err != nil {
if err := request.executeRequestWithPayloads(variables, actualAddress, address, input, shouldUseTLS, value, previous, callback); err != nil {
return err
}
}
} else {
value := generators.MergeMaps(map[string]interface{}{}, payloads)
if err := request.executeRequestWithPayloads(actualAddress, address, input, shouldUseTLS, value, previous, callback); err != nil {
value := generators.CopyMap(payloads)
if err := request.executeRequestWithPayloads(variables, actualAddress, address, input, shouldUseTLS, value, previous, callback); err != nil {
return err
}
}
return nil
}
func (request *Request) executeRequestWithPayloads(actualAddress, address, input string, shouldUseTLS bool, payloads map[string]interface{}, previous output.InternalEvent, callback protocols.OutputEventCallback) error {
func (request *Request) executeRequestWithPayloads(variables map[string]interface{}, actualAddress, address, input string, shouldUseTLS bool, payloads map[string]interface{}, previous output.InternalEvent, callback protocols.OutputEventCallback) error {
var (
hostname string
conn net.Conn
err error
)
request.dynamicValues = generators.MergeMaps(payloads, map[string]interface{}{"Hostname": address})
request.dynamicValues = generators.MergeMaps(payloads, variables)
if host, _, splitErr := net.SplitHostPort(actualAddress); splitErr == nil {
hostname = host
@ -223,12 +215,12 @@ func (request *Request) executeRequestWithPayloads(actualAddress, address, input
<-t.C
}
}
read_socket:
readSocket:
for {
select {
case <-readInterval.C:
closeTimer(readInterval)
break read_socket
break readSocket
default:
buf := make([]byte, bufferSize)
nBuf, err := conn.Read(buf)
@ -328,3 +320,18 @@ func getAddress(toTest string) (string, error) {
}
return toTest, nil
}
func generateNetworkVariables(input string) map[string]interface{} {
if !strings.Contains(input, ":") {
return map[string]interface{}{"Hostname": input, "Host": input}
}
host, port, err := net.SplitHostPort(input)
if err != nil {
return map[string]interface{}{"Hostname": input}
}
return map[string]interface{}{
"Host": host,
"Port": port,
"Hostname": input,
}
}

9
v2/pkg/protocols/network/request_test.go
View File

@ -50,7 +50,7 @@ func TestNetworkExecuteWithResults(t *testing.T) {
parsed, err := url.Parse(ts.URL)
require.Nil(t, err, "could not parse url")
request.Address[0] = "{{Hostname}}:" + parsed.Port()
request.Address[0] = "{{Hostname}}"
request.Inputs = append(request.Inputs, &Input{Data: fmt.Sprintf("GET / HTTP/1.1\r\nHost: %s\r\n\r\n", parsed.Host)})
executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
@ -84,12 +84,7 @@ func TestNetworkExecuteWithResults(t *testing.T) {
})
require.Nil(t, err, "could not execute network request")
})
require.NotNil(t, finalEvent, "could not get event output from request")
require.Equal(t, 1, len(finalEvent.Results), "could not get correct number of results")
require.Equal(t, "test", finalEvent.Results[0].MatcherName, "could not get correct matcher name of results")
require.Equal(t, 1, len(finalEvent.Results[0].ExtractedResults), "could not get correct number of extracted results")
require.Equal(t, "<h1>Example Domain</h1>", finalEvent.Results[0].ExtractedResults[0], "could not get correct extracted results")
finalEvent = nil
require.Nil(t, finalEvent, "could not get event output from request")
request.Inputs[0].Type = NetworkInputTypeHolder{NetworkInputType: hexType}
request.Inputs[0].Data = hex.EncodeToString([]byte(fmt.Sprintf("GET / HTTP/1.1\r\nHost: %s\r\n\r\n", parsed.Host)))

2
v2/pkg/protocols/offlinehttp/find_test.go
View File

@ -40,7 +40,7 @@ func TestFindResponses(t *testing.T) {
"test.txt": "TEST",
}
for k, v := range files {
err = ioutil.WriteFile(filepath.Join(tempDir, k), []byte(v), 0777)
err = ioutil.WriteFile(filepath.Join(tempDir, k), []byte(v), os.ModePerm)
require.Nil(t, err, "could not write temporary file")
}
expected := []string{"config.txt", "final.txt", "test.txt"}

2
v2/pkg/protocols/offlinehttp/read_response.go
View File

@ -8,7 +8,7 @@ import (
"strings"
)
var noMinor = regexp.MustCompile(`HTTP\/([0-9]) `)
var noMinor = regexp.MustCompile(`HTTP/([0-9]) `)
// readResponseFromString reads a raw http response from a string.
func readResponseFromString(data string) (*http.Response, error) {

4
v2/pkg/protocols/offlinehttp/read_response_test.go
View File

@ -159,7 +159,7 @@ Server: Google Frontend
t.Run("test-live-response-with-content-length", func(t *testing.T) {
var ts *httptest.Server
router := httprouter.New()
router.GET("/", httprouter.Handle(func(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
router.GET("/", func(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
w.Header().Add("Server", "Google Frontend")
fmt.Fprintf(w, "%s", `<!DOCTYPE html>
<html>
@ -172,7 +172,7 @@ Server: Google Frontend
<p>
</body>
</html>`)
}))
})
ts = httptest.NewServer(router)
defer ts.Close()

1
v2/pkg/protocols/protocols.go
View File

@ -4,6 +4,7 @@ import (
"go.uber.org/ratelimit"
"github.com/logrusorgru/aurora"
"github.com/projectdiscovery/nuclei/v2/pkg/catalog"
"github.com/projectdiscovery/nuclei/v2/pkg/model"
"github.com/projectdiscovery/nuclei/v2/pkg/operators"

1
v2/pkg/protocols/ssl/ssl.go
View File

@ -10,6 +10,7 @@ import (
jsoniter "github.com/json-iterator/go"
"github.com/pkg/errors"
"github.com/projectdiscovery/cryptoutil"
"github.com/projectdiscovery/fastdialer/fastdialer"
"github.com/projectdiscovery/gologger"

3
v2/pkg/protocols/ssl/ssl_test.go
View File

@ -3,11 +3,12 @@ package ssl
import (
"testing"
"github.com/stretchr/testify/require"
"github.com/projectdiscovery/nuclei/v2/pkg/model"
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity"
"github.com/projectdiscovery/nuclei/v2/pkg/output"
"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
"github.com/stretchr/testify/require"
)
func TestSSLProtocol(t *testing.T) {

3
v2/pkg/protocols/websocket/websocket.go
View File

@ -15,6 +15,7 @@ import (
"github.com/gobwas/ws"
"github.com/gobwas/ws/wsutil"
"github.com/pkg/errors"
"github.com/projectdiscovery/fastdialer/fastdialer"
"github.com/projectdiscovery/gologger"
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
@ -299,7 +300,7 @@ func (request *Request) readWriteInputWebsocket(conn net.Conn, payloadValues map
requestOptions.Progress.IncrementFailedRequestsBy(1)
return nil, "", errors.Wrap(err, "could not write request to server")
}
// Only perform matching and writes in case we recieve
// Only perform matching and writes in case we receive
// text or binary opcode from the websocket server.
if opCode != ws.OpText && opCode != ws.OpBinary {
continue

3
v2/pkg/reporting/dedupe/dedupe_test.go
View File

@ -5,8 +5,9 @@ import (
"os"
"testing"
"github.com/projectdiscovery/nuclei/v2/pkg/output"
"github.com/stretchr/testify/require"
"github.com/projectdiscovery/nuclei/v2/pkg/output"
)
func TestDedupeDuplicates(t *testing.T) {

8
v2/pkg/reporting/exporters/es/elasticsearch.go
View File

@ -3,20 +3,20 @@ package es
import (
"bytes"
"crypto/tls"
"encoding/base64"
"encoding/json"
"fmt"
"io/ioutil"
"net/http"
"time"
"encoding/base64"
"encoding/json"
"github.com/pkg/errors"
"github.com/projectdiscovery/nuclei/v2/pkg/output"
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/protocolstate"
)
// Options contains necessary options required for elasticsearch communicaiton
// Options contains necessary options required for elasticsearch communication
type Options struct {
// IP for elasticsearch instance
IP string `yaml:"ip" validate:"required,ip"`

2
v2/pkg/reporting/exporters/markdown/markdown.go
View File

@ -32,7 +32,7 @@ func New(options *Options) (*Exporter, error) {
}
directory = dir
}
_ = os.MkdirAll(directory, os.ModePerm)
_ = os.MkdirAll(directory, 0755)
return &Exporter{options: options, directory: directory}, nil
}

18
v2/pkg/reporting/reporting.go
View File

@ -10,8 +10,8 @@ import (
"github.com/projectdiscovery/nuclei/v2/pkg/model/types/stringslice"
"github.com/projectdiscovery/nuclei/v2/pkg/output"
"github.com/projectdiscovery/nuclei/v2/pkg/reporting/dedupe"
"github.com/projectdiscovery/nuclei/v2/pkg/reporting/exporters/markdown"
"github.com/projectdiscovery/nuclei/v2/pkg/reporting/exporters/es"
"github.com/projectdiscovery/nuclei/v2/pkg/reporting/exporters/markdown"
"github.com/projectdiscovery/nuclei/v2/pkg/reporting/exporters/sarif"
"github.com/projectdiscovery/nuclei/v2/pkg/reporting/trackers/github"
"github.com/projectdiscovery/nuclei/v2/pkg/reporting/trackers/gitlab"
@ -24,10 +24,10 @@ type Options struct {
AllowList *Filter `yaml:"allow-list"`
// DenyList contains a list of denied events for reporting module
DenyList *Filter `yaml:"deny-list"`
// Github contains configuration options for Github Issue Tracker
Github *github.Options `yaml:"github"`
// Gitlab contains configuration options for Gitlab Issue Tracker
Gitlab *gitlab.Options `yaml:"gitlab"`
// GitHub contains configuration options for GitHub Issue Tracker
GitHub *github.Options `yaml:"github"`
// GitLab contains configuration options for GitLab Issue Tracker
GitLab *gitlab.Options `yaml:"gitlab"`
// Jira contains configuration options for Jira Issue Tracker
Jira *jira.Options `yaml:"jira"`
// MarkdownExporter contains configuration options for Markdown Exporter Module
@ -107,15 +107,15 @@ type Client struct {
// New creates a new nuclei issue tracker reporting client
func New(options *Options, db string) (*Client, error) {
client := &Client{options: options}
if options.Github != nil {
tracker, err := github.New(options.Github)
if options.GitHub != nil {
tracker, err := github.New(options.GitHub)
if err != nil {
return nil, errors.Wrap(err, "could not create reporting client")
}
client.trackers = append(client.trackers, tracker)
}
if options.Gitlab != nil {
tracker, err := gitlab.New(options.Gitlab)
if options.GitLab != nil {
tracker, err := gitlab.New(options.GitLab)
if err != nil {
return nil, errors.Wrap(err, "could not create reporting client")
}

8
v2/pkg/reporting/trackers/github/github.go
View File

@ -21,15 +21,15 @@ type Integration struct {
options *Options
}
// Options contains the configuration options for github issue tracker client
// Options contains the configuration options for GitHub issue tracker client
type Options struct {
// BaseURL (optional) is the self-hosted github application url
// BaseURL (optional) is the self-hosted GitHub application url
BaseURL string `yaml:"base-url" validate:"omitempty,url"`
// Username is the username of the github user
Username string `yaml:"username" validate:"required"`
// Owner (manadatory) is the owner name of the repository for issues.
// Owner is the owner name of the repository for issues.
Owner string `yaml:"owner" validate:"required"`
// Token is the token for github account.
// Token is the token for GitHub account.
Token string `yaml:"token" validate:"required"`
// ProjectName is the name of the repository.
ProjectName string `yaml:"project-name" validate:"required"`

3
v2/pkg/reporting/trackers/gitlab/gitlab.go
View File

@ -3,9 +3,10 @@ package gitlab
import (
"fmt"
"github.com/xanzy/go-gitlab"
"github.com/projectdiscovery/nuclei/v2/pkg/output"
"github.com/projectdiscovery/nuclei/v2/pkg/reporting/format"
"github.com/xanzy/go-gitlab"
)
// Integration is a client for an issue tracker integration

5
v2/pkg/reporting/trackers/jira/jira.go
View File

@ -7,6 +7,7 @@ import (
"strings"
"github.com/andygrunwald/go-jira"
"github.com/projectdiscovery/gologger"
"github.com/projectdiscovery/nuclei/v2/pkg/catalog/config"
"github.com/projectdiscovery/nuclei/v2/pkg/output"
@ -103,7 +104,7 @@ func (i *Integration) CreateNewIssue(event *output.ResultEvent) error {
d, _ := ioutil.ReadAll(resp.Body)
data = string(d)
}
return fmt.Errorf("%s => %s", err, data)
return fmt.Errorf("%w => %s", err, data)
}
return nil
}
@ -140,7 +141,7 @@ func (i *Integration) FindExistingIssue(event *output.ResultEvent) (string, erro
d, _ := ioutil.ReadAll(resp.Body)
data = string(d)
}
return "", fmt.Errorf("%s => %s", err, data)
return "", fmt.Errorf("%w => %s", err, data)
}
switch resp.Total {

3
v2/pkg/templates/cluster.go
View File

@ -3,6 +3,8 @@ package templates
import (
"fmt"
"github.com/rs/xid"
"github.com/projectdiscovery/gologger"
"github.com/projectdiscovery/nuclei/v2/pkg/model"
"github.com/projectdiscovery/nuclei/v2/pkg/operators"
@ -10,7 +12,6 @@ import (
"github.com/projectdiscovery/nuclei/v2/pkg/protocols"
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/helpers/writer"
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/http"
"github.com/rs/xid"
)
// Cluster clusters a list of templates into a lesser number if possible based

4
v2/pkg/templates/preprocessors.go
View File

@ -12,10 +12,10 @@ type Preprocessor interface {
Process(data []byte) []byte
}
var preprocessorRegex = regexp.MustCompile(`\{\{([a-z0-9_]+)\}\}`)
var preprocessorRegex = regexp.MustCompile(`{{([a-z0-9_]+)}}`)
// expandPreprocessors expands the pre-processors if any for a template data.
func (t *Template) expandPreprocessors(data []byte) []byte {
func (template *Template) expandPreprocessors(data []byte) []byte {
foundMap := make(map[string]struct{})
for _, expression := range preprocessorRegex.FindAllStringSubmatch(string(data), -1) {

18
v2/pkg/templates/templates.go
View File

@ -96,23 +96,23 @@ var TemplateProtocols = []string{
}
// Type returns the type of the template
func (t *Template) Type() types.ProtocolType {
func (template *Template) Type() types.ProtocolType {
switch {
case len(t.RequestsDNS) > 0:
case len(template.RequestsDNS) > 0:
return types.DNSProtocol
case len(t.RequestsFile) > 0:
case len(template.RequestsFile) > 0:
return types.FileProtocol
case len(t.RequestsHTTP) > 0:
case len(template.RequestsHTTP) > 0:
return types.HTTPProtocol
case len(t.RequestsHeadless) > 0:
case len(template.RequestsHeadless) > 0:
return types.HeadlessProtocol
case len(t.RequestsNetwork) > 0:
case len(template.RequestsNetwork) > 0:
return types.NetworkProtocol
case len(t.Workflow.Workflows) > 0:
case len(template.Workflow.Workflows) > 0:
return types.WorkflowProtocol
case len(t.RequestsSSL) > 0:
case len(template.RequestsSSL) > 0:
return types.SSLProtocol
case len(t.RequestsWebsocket) > 0:
case len(template.RequestsWebsocket) > 0:
return types.WebsocketProtocol
default:
return types.InvalidProtocol

Some files were not shown because too many files have changed in this diff Show More