mirror of https://github.com/daffainfo/nuclei.git
pass exclude list to layer 4 fast dialer
parent
2d3906cafc
commit
80d347d3f1
|
@ -18,12 +18,12 @@ import (
|
||||||
"github.com/projectdiscovery/gologger"
|
"github.com/projectdiscovery/gologger"
|
||||||
"github.com/projectdiscovery/hmap/filekv"
|
"github.com/projectdiscovery/hmap/filekv"
|
||||||
"github.com/projectdiscovery/hmap/store/hybrid"
|
"github.com/projectdiscovery/hmap/store/hybrid"
|
||||||
"github.com/projectdiscovery/mapcidr"
|
|
||||||
"github.com/projectdiscovery/mapcidr/asn"
|
"github.com/projectdiscovery/mapcidr/asn"
|
||||||
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/contextargs"
|
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/contextargs"
|
||||||
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/protocolstate"
|
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/protocolstate"
|
||||||
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/uncover"
|
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/uncover"
|
||||||
"github.com/projectdiscovery/nuclei/v3/pkg/types"
|
"github.com/projectdiscovery/nuclei/v3/pkg/types"
|
||||||
|
"github.com/projectdiscovery/nuclei/v3/pkg/utils/expand"
|
||||||
uncoverlib "github.com/projectdiscovery/uncover"
|
uncoverlib "github.com/projectdiscovery/uncover"
|
||||||
fileutil "github.com/projectdiscovery/utils/file"
|
fileutil "github.com/projectdiscovery/utils/file"
|
||||||
iputil "github.com/projectdiscovery/utils/ip"
|
iputil "github.com/projectdiscovery/utils/ip"
|
||||||
|
@ -121,10 +121,10 @@ func (i *Input) initializeInputSources(opts *Options) error {
|
||||||
for _, target := range options.Targets {
|
for _, target := range options.Targets {
|
||||||
switch {
|
switch {
|
||||||
case iputil.IsCIDR(target):
|
case iputil.IsCIDR(target):
|
||||||
ips := i.expandCIDRInputValue(target)
|
ips := expand.CIDR(target)
|
||||||
i.addTargets(ips)
|
i.addTargets(ips)
|
||||||
case asn.IsASN(target):
|
case asn.IsASN(target):
|
||||||
ips := i.expandASNInputValue(target)
|
ips := expand.ASN(target)
|
||||||
i.addTargets(ips)
|
i.addTargets(ips)
|
||||||
default:
|
default:
|
||||||
i.Set(target)
|
i.Set(target)
|
||||||
|
@ -174,10 +174,10 @@ func (i *Input) initializeInputSources(opts *Options) error {
|
||||||
for _, target := range options.ExcludeTargets {
|
for _, target := range options.ExcludeTargets {
|
||||||
switch {
|
switch {
|
||||||
case iputil.IsCIDR(target):
|
case iputil.IsCIDR(target):
|
||||||
ips := i.expandCIDRInputValue(target)
|
ips := expand.CIDR(target)
|
||||||
i.removeTargets(ips)
|
i.removeTargets(ips)
|
||||||
case asn.IsASN(target):
|
case asn.IsASN(target):
|
||||||
ips := i.expandASNInputValue(target)
|
ips := expand.ASN(target)
|
||||||
i.removeTargets(ips)
|
i.removeTargets(ips)
|
||||||
default:
|
default:
|
||||||
i.Del(target)
|
i.Del(target)
|
||||||
|
@ -195,10 +195,10 @@ func (i *Input) scanInputFromReader(reader io.Reader) {
|
||||||
item := scanner.Text()
|
item := scanner.Text()
|
||||||
switch {
|
switch {
|
||||||
case iputil.IsCIDR(item):
|
case iputil.IsCIDR(item):
|
||||||
ips := i.expandCIDRInputValue(item)
|
ips := expand.CIDR(item)
|
||||||
i.addTargets(ips)
|
i.addTargets(ips)
|
||||||
case asn.IsASN(item):
|
case asn.IsASN(item):
|
||||||
ips := i.expandASNInputValue(item)
|
ips := expand.ASN(item)
|
||||||
i.addTargets(ips)
|
i.addTargets(ips)
|
||||||
default:
|
default:
|
||||||
i.Set(item)
|
i.Set(item)
|
||||||
|
@ -489,26 +489,6 @@ func (i *Input) Scan(callback func(value *contextargs.MetaInput) bool) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// expandCIDRInputValue expands CIDR and stores expanded IPs
|
|
||||||
func (i *Input) expandCIDRInputValue(value string) []string {
|
|
||||||
var ips []string
|
|
||||||
ipsCh, _ := mapcidr.IPAddressesAsStream(value)
|
|
||||||
for ip := range ipsCh {
|
|
||||||
ips = append(ips, ip)
|
|
||||||
}
|
|
||||||
return ips
|
|
||||||
}
|
|
||||||
|
|
||||||
// expandASNInputValue expands CIDRs for given ASN and stores expanded IPs
|
|
||||||
func (i *Input) expandASNInputValue(value string) []string {
|
|
||||||
var ips []string
|
|
||||||
cidrs, _ := asn.GetCIDRsForASNNum(value)
|
|
||||||
for _, cidr := range cidrs {
|
|
||||||
ips = append(ips, i.expandCIDRInputValue(cidr.String())...)
|
|
||||||
}
|
|
||||||
return ips
|
|
||||||
}
|
|
||||||
|
|
||||||
func (i *Input) addTargets(targets []string) {
|
func (i *Input) addTargets(targets []string) {
|
||||||
for _, target := range targets {
|
for _, target := range targets {
|
||||||
i.Set(target)
|
i.Set(target)
|
||||||
|
|
|
@ -12,10 +12,11 @@ import (
|
||||||
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/contextargs"
|
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/contextargs"
|
||||||
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/protocolstate"
|
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/protocolstate"
|
||||||
"github.com/projectdiscovery/nuclei/v3/pkg/types"
|
"github.com/projectdiscovery/nuclei/v3/pkg/types"
|
||||||
|
"github.com/projectdiscovery/nuclei/v3/pkg/utils/expand"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
)
|
)
|
||||||
|
|
||||||
func Test_expandCIDRInputValue(t *testing.T) {
|
func Test_expandCIDR(t *testing.T) {
|
||||||
tests := []struct {
|
tests := []struct {
|
||||||
cidr string
|
cidr string
|
||||||
expected []string
|
expected []string
|
||||||
|
@ -33,7 +34,7 @@ func Test_expandCIDRInputValue(t *testing.T) {
|
||||||
require.Nil(t, err, "could not create temporary input file")
|
require.Nil(t, err, "could not create temporary input file")
|
||||||
input := &Input{hostMap: hm}
|
input := &Input{hostMap: hm}
|
||||||
|
|
||||||
ips := input.expandCIDRInputValue(tt.cidr)
|
ips := expand.CIDR(tt.cidr)
|
||||||
input.addTargets(ips)
|
input.addTargets(ips)
|
||||||
// scan
|
// scan
|
||||||
got := []string{}
|
got := []string{}
|
||||||
|
@ -170,7 +171,7 @@ func Test_expandASNInputValue(t *testing.T) {
|
||||||
require.Nil(t, err, "could not create temporary input file")
|
require.Nil(t, err, "could not create temporary input file")
|
||||||
input := &Input{hostMap: hm}
|
input := &Input{hostMap: hm}
|
||||||
// get the IP addresses for ASN number
|
// get the IP addresses for ASN number
|
||||||
ips := input.expandASNInputValue(tt.asn)
|
ips := expand.ASN(tt.asn)
|
||||||
input.addTargets(ips)
|
input.addTargets(ips)
|
||||||
// scan the hmap
|
// scan the hmap
|
||||||
got := []string{}
|
got := []string{}
|
||||||
|
|
|
@ -9,8 +9,10 @@ import (
|
||||||
"golang.org/x/net/proxy"
|
"golang.org/x/net/proxy"
|
||||||
|
|
||||||
"github.com/projectdiscovery/fastdialer/fastdialer"
|
"github.com/projectdiscovery/fastdialer/fastdialer"
|
||||||
|
"github.com/projectdiscovery/mapcidr/asn"
|
||||||
"github.com/projectdiscovery/networkpolicy"
|
"github.com/projectdiscovery/networkpolicy"
|
||||||
"github.com/projectdiscovery/nuclei/v3/pkg/types"
|
"github.com/projectdiscovery/nuclei/v3/pkg/types"
|
||||||
|
"github.com/projectdiscovery/nuclei/v3/pkg/utils/expand"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Dialer is a shared fastdialer instance for host DNS resolution
|
// Dialer is a shared fastdialer instance for host DNS resolution
|
||||||
|
@ -102,6 +104,15 @@ func Init(options *types.Options) error {
|
||||||
if options.RestrictLocalNetworkAccess {
|
if options.RestrictLocalNetworkAccess {
|
||||||
opts.Deny = append(networkpolicy.DefaultIPv4DenylistRanges, networkpolicy.DefaultIPv6DenylistRanges...)
|
opts.Deny = append(networkpolicy.DefaultIPv4DenylistRanges, networkpolicy.DefaultIPv6DenylistRanges...)
|
||||||
}
|
}
|
||||||
|
for _, excludeTarget := range options.ExcludeTargets {
|
||||||
|
switch {
|
||||||
|
case asn.IsASN(excludeTarget):
|
||||||
|
opts.Deny = append(opts.Deny, expand.ASN(excludeTarget)...)
|
||||||
|
default:
|
||||||
|
opts.Deny = append(opts.Deny, excludeTarget)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
opts.WithDialerHistory = true
|
opts.WithDialerHistory = true
|
||||||
opts.SNIName = options.SNI
|
opts.SNIName = options.SNI
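Review bot: In the new `asn.IsASN` branch of the exclude loop, `expand.ASN(excludeTarget)` adds one deny entry per address in the ASN, and because `expand.ASN` drops the lookup error, a failed lookup adds nothing and the exclusion is silently skipped at the dialer. The lookup in `expand.ASN` already yields CIDR ranges, so appending `cidr.String()` for each range keeps the deny list small, and `Init` returns an `error`, so a failed lookup can be surfaced instead of failing open. The default branch forwards every other exclude entry unchanged; whether the dialer's deny list accepts hostnames or URLs is not visible here and is worth confirming. Init's body starts and ends outside the hunk.

```go
	for _, excludeTarget := range options.ExcludeTargets {
		switch {
		case asn.IsASN(excludeTarget):
			cidrs, err := asn.GetCIDRsForASNNum(excludeTarget)
			if err != nil {
				return err
			}
			for _, cidr := range cidrs {
				opts.Deny = append(opts.Deny, cidr.String())
			}
		// … unchanged: default branch appends excludeTarget as-is …
		}
	}
```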
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,26 @@
|
||||||
|
package expand
|
||||||
|
|
||||||
|
import (
|
||||||
|
"github.com/projectdiscovery/mapcidr"
|
||||||
|
"github.com/projectdiscovery/mapcidr/asn"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Expands CIDR to IPs
|
||||||
|
func CIDR(value string) []string {
|
||||||
|
var ips []string
|
||||||
|
ipsCh, _ := mapcidr.IPAddressesAsStream(value)
|
||||||
|
for ip := range ipsCh {
|
||||||
|
ips = append(ips, ip)
|
||||||
|
}
|
||||||
|
return ips
|
||||||
|
}
|
||||||
|
|
||||||
|
// Expand ASN to IPs
|
||||||
|
func ASN(value string) []string {
|
||||||
|
var ips []string
|
||||||
|
cidrs, _ := asn.GetCIDRsForASNNum(value)
|
||||||
|
for _, cidr := range cidrs {
|
||||||
|
ips = append(ips, CIDR(cidr.String())...)
|
||||||
|
}
|
||||||
|
return ips
|
||||||
|
}
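Review bot: Both `CIDR` and `ASN` discard the error from `mapcidr.IPAddressesAsStream` and `asn.GetCIDRsForASNNum`, so a malformed range or a failed ASN lookup returns a nil slice that callers cannot tell apart from an empty expansion. For the exclude-target callers in this commit that means an exclusion can be dropped without any signal; returning the error, e.g. `func CIDR(value string) ([]string, error)`, would let them stop or warn. If `IPAddressesAsStream` returns a nil channel together with its error (not visible here), `for ip := range ipsCh` would block forever, so the error should be checked before ranging. The doc comments should start with the function name, for example `// CIDR expands a CIDR range into its individual IP addresses.`, and the new package has no package comment.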
|