From 825f417b53ceec3e7b31a2524521b4091458dc4c Mon Sep 17 00:00:00 2001 From: TheSecEng Date: Tue, 3 Aug 2021 22:47:09 -0700 Subject: [PATCH] fixes - Rename Targets -> TargetsFilePath - Rename Target -> Targets - Implement target checks (empty, dupe) - Update documentation --- README.md | 2 +- README_CN.md | 4 ++-- v2/cmd/nuclei/main.go | 4 ++-- v2/internal/runner/runner.go | 24 ++++++++++++++++++------ v2/internal/testutils/testutils.go | 4 ++-- v2/pkg/types/types.go | 6 +++--- 6 files changed, 28 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 1e6a3874..28b2f066 100644 --- a/README.md +++ b/README.md @@ -84,7 +84,7 @@ Usage: Flags: TARGET: - -u, -target string target URLs/hosts to scan + -u, -target string[] target URLs/hosts to scan -l, -list string path to file containing a list of target URLs/hosts to scan (one per line) TEMPLATES: diff --git a/README_CN.md b/README_CN.md index f89fe5c9..04138acd 100644 --- a/README_CN.md +++ b/README_CN.md @@ -97,7 +97,7 @@ nuclei -h |burp-collaborator-biid|使用burp-collaborator插件|nuclei -burp-collaborator-biid XXXX| |c|并行的最大模板数量(默认10)|nuclei -c 10| |l|对URL列表进行测试|nuclei -l urls.txt| -|target|对目标进行测试|nuclei -target hxxps://example.com| +|target|对目标进行测试|nuclei -target hxxps://example.com -target hxxps://example2.com| |t|要检测的模板种类|nuclei -t git-core.yaml -t cves/| |no-color|输出不显示颜色|nuclei -no-color| |no-meta|不显示匹配的元数据|nuclei -no-meta| @@ -250,4 +250,4 @@ nano ~/nuclei-templates/.nuclei-ignore -------- -Nuclei是由[projectdiscovery](https://projectdiscovery.io)团队用🖤制作的,当然社区也贡献了很多,通过 **[Thanks.md](https://github.com/projectdiscovery/nuclei/blob/master/THANKS.md)**文件以获取更多详细信息。 \ No newline at end of file +Nuclei是由[projectdiscovery](https://projectdiscovery.io)团队用🖤制作的,当然社区也贡献了很多,通过 **[Thanks.md](https://github.com/projectdiscovery/nuclei/blob/master/THANKS.md)**文件以获取更多详细信息。 diff --git a/v2/cmd/nuclei/main.go b/v2/cmd/nuclei/main.go index bc70f3b1..15543bda 100644 --- a/v2/cmd/nuclei/main.go +++ b/v2/cmd/nuclei/main.go @@ -42,8 +42,8 @@ func readConfig() { on extensive configurability, massive extensibility and ease of use.`) createGroup(flagSet, "input", "Target", - flagSet.StringSliceVarP(&options.Target, "target", "u", []string{}, "target URLs/hosts to scan"), - flagSet.StringVarP(&options.Targets, "list", "l", "", "path to file containing a list of target URLs/hosts to scan (one per line)"), + flagSet.StringSliceVarP(&options.Targets, "target", "u", []string{}, "target URLs/hosts to scan"), + flagSet.StringVarP(&options.TargetsFilePath, "list", "l", "", "path to file containing a list of target URLs/hosts to scan (one per line)"), ) createGroup(flagSet, "templates", "Templates", diff --git a/v2/internal/runner/runner.go b/v2/internal/runner/runner.go index 6acbdf92..48e2336e 100644 --- a/v2/internal/runner/runner.go +++ b/v2/internal/runner/runner.go @@ -125,7 +125,7 @@ func New(options *types.Options) (*Runner, error) { os.Exit(0) } - if (len(options.Templates) == 0 || !options.NewTemplates || (options.Targets == "" && !options.Stdin && len(options.Target) == 0)) && options.UpdateTemplates { + if (len(options.Templates) == 0 || !options.NewTemplates || (options.TargetsFilePath == "" && !options.Stdin && len(options.Targets) == 0)) && options.UpdateTemplates { os.Exit(0) } hm, err := hybrid.New(hybrid.DefaultDiskOptions) @@ -138,11 +138,21 @@ func New(options *types.Options) (*Runner, error) { dupeCount := 0 // Handle single target - if len(options.Target) != 0 { - for _, target := range options.Target { + if len(options.Targets) != 0 { + for _, target := range options.Targets { + url := strings.TrimSpace(target) + if url == "" { + continue + } + + if _, ok := runner.hostMap.Get(url); ok { + dupeCount++ + continue + } + runner.inputCount++ // nolint:errcheck // ignoring error - runner.hostMap.Set(target, nil) + runner.hostMap.Set(url, nil) } } @@ -154,10 +164,12 @@ func New(options *types.Options) (*Runner, error) { if url == "" { continue } + if _, ok := runner.hostMap.Get(url); ok { dupeCount++ continue } + runner.inputCount++ // nolint:errcheck // ignoring error runner.hostMap.Set(url, nil) @@ -165,8 +177,8 @@ func New(options *types.Options) (*Runner, error) { } // Handle taget file - if options.Targets != "" { - input, inputErr := os.Open(options.Targets) + if options.TargetsFilePath != "" { + input, inputErr := os.Open(options.TargetsFilePath) if inputErr != nil { return nil, errors.Wrap(inputErr, "could not open targets file") } diff --git a/v2/internal/testutils/testutils.go b/v2/internal/testutils/testutils.go index d8305044..b6f1bf07 100644 --- a/v2/internal/testutils/testutils.go +++ b/v2/internal/testutils/testutils.go @@ -45,8 +45,8 @@ var DefaultOptions = &types.Options{ RateLimit: 150, ProjectPath: "", Severity: []string{}, - Target: []string{}, - Targets: "", + Targets: []string{}, + TargetsFilePath: "", Output: "", ProxyURL: "", ProxySocksURL: "", diff --git a/v2/pkg/types/types.go b/v2/pkg/types/types.go index f049b813..73cb4c91 100644 --- a/v2/pkg/types/types.go +++ b/v2/pkg/types/types.go @@ -32,10 +32,10 @@ type Options struct { ProjectPath string // InteractshURL is the URL for the interactsh server. InteractshURL string - // Target is a single URL/Domain to scan using a template - Target goflags.StringSlice + // Target URLs/Domains to scan using a template + Targets goflags.StringSlice // Targets specifies the targets to scan using templates. - Targets string + TargetsFilePath string // Output is the file to write found results to. Output string // ProxyURL is the URL for the proxy server