daffainfo
/
nuclei
mirror of https://github.com/daffainfo/nuclei.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Argument checks for presence and validity

dev
kchason 2021-10-20 11:32:09 -04:00
parent e2052dedc1
commit 9c77f15012
2 changed files with 22 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
v2/cmd/nuclei/main.go
View File

@ -105,9 +105,9 @@ on extensive configurability, massive extensibility and ease of use.`)
flagSet.BoolVar(&options.SystemResolvers, "system-resolvers", false, "use system DNS resolving as error fallback"),
flagSet.BoolVar(&options.OfflineHTTP, "passive", false, "enable passive HTTP response processing mode"),
flagSet.BoolVar(&options.EnvironmentVariables, "env-vars", false, "enable environment variables support"),
flagSet.StringVar(&options.ClientCertFile, "client-cert", "cc", "client certificate file (PEM-encoded) used for authenticating against scanned hosts"),
flagSet.StringVar(&options.ClientKeyFile, "client-key", "ck", "client key file (PEM-encoded) used for authenticating against scanned hosts"),
flagSet.StringVar(&options.ClientCAFile, "client-ca", "ca", "client certificate authority file (PEM-encoded) used for authenticating against scanned hosts"),
flagSet.StringVarP(&options.ClientCertFile, "client-cert", "cc", "", "client certificate file (PEM-encoded) used for authenticating against scanned hosts"),
flagSet.StringVarP(&options.ClientKeyFile, "client-key", "ck", "", "client key file (PEM-encoded) used for authenticating against scanned hosts"),
flagSet.StringVarP(&options.ClientCAFile, "client-ca", "ca", "", "client certificate authority file (PEM-encoded) used for authenticating against scanned hosts"),
)
createGroup(flagSet, "interactsh", "interactsh",

19
v2/internal/runner/options.go
View File

@ -98,6 +98,14 @@ func validateOptions(options *types.Options) error {
validateTemplatePaths(options.TemplatesDirectory, options.Templates, options.Workflows)
}
// Verify if any of the client certificate options were set since it requires all three to work properly
if len(options.ClientCertFile) > 0 || len(options.ClientKeyFile) > 0 || len(options.ClientCAFile) > 0 {
if len(options.ClientCertFile) == 0 || len(options.ClientKeyFile) == 0 || len(options.ClientCAFile) == 0 {
return errors.New("if a client certification option is provided, then all three must be provided")
}
validateCertificatePaths([]string{options.ClientCertFile, options.ClientKeyFile, options.ClientCAFile})
}
return nil
}
@ -174,3 +182,14 @@ func validateTemplatePaths(templatesDirectory string, templatePaths, workflowPat
}
}
}
func validateCertificatePaths(certificatePaths []string) {
for _, certificatePath := range certificatePaths {
if _, err := os.Stat(certificatePath); os.IsNotExist(err) {
// The provided path to the PEM certificate does not exist for the client authentication. As this is
// required for successful authentication, log and return an error
gologger.Fatal().Msgf("The given path (%s) to the certificate does not exist!", certificatePath)
break
}
}
}