mirror of https://github.com/daffainfo/nuclei.git
Merge remote-tracking branch 'origin/client-cert-auth' into client-cert-auth
# Conflicts: # v2/pkg/protocols/headless/engine/http_client.godev
commit
c3503922c9
|
@ -0,0 +1,19 @@
|
|||
id: interactsh-integration-test
|
||||
|
||||
info:
|
||||
name: Interactsh Integration Test
|
||||
author: pdteam
|
||||
severity: info
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}"
|
||||
headers:
|
||||
url: 'http://{{interactsh-url}}'
|
||||
|
||||
matchers:
|
||||
- type: word
|
||||
part: interactsh_protocol # Confirms the HTTP Interaction
|
||||
words:
|
||||
- "http"
|
|
@ -31,9 +31,36 @@ var httpTestcases = map[string]testutils.TestCase{
|
|||
"http/raw-unsafe-request.yaml": &httpRawUnsafeRequest{},
|
||||
"http/request-condition.yaml": &httpRequestCondition{},
|
||||
"http/request-condition-new.yaml": &httpRequestCondition{},
|
||||
"http/interactsh.yaml": &httpInteractshRequest{},
|
||||
"http/self-contained.yaml": &httpRequestSelContained{},
|
||||
}
|
||||
|
||||
type httpInteractshRequest struct{}
|
||||
|
||||
// Executes executes a test case and returns an error if occurred
|
||||
func (h *httpInteractshRequest) Execute(filePath string) error {
|
||||
router := httprouter.New()
|
||||
router.GET("/", httprouter.Handle(func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
|
||||
value := r.Header.Get("url")
|
||||
if value != "" {
|
||||
if resp, _ := http.DefaultClient.Get(value); resp != nil {
|
||||
resp.Body.Close()
|
||||
}
|
||||
}
|
||||
}))
|
||||
ts := httptest.NewServer(router)
|
||||
defer ts.Close()
|
||||
|
||||
results, err := testutils.RunNucleiTemplateAndGetResults(filePath, ts.URL, debug)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if len(results) != 1 {
|
||||
return errIncorrectResultsCount(results)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
type httpGetHeaders struct{}
|
||||
|
||||
// Execute executes a test case and returns an error if occurred
|
||||
|
|
|
@ -7,6 +7,7 @@ import (
|
|||
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/utils"
|
||||
"net"
|
||||
"net/http"
|
||||
"net/http/cookiejar"
|
||||
"net/url"
|
||||
"time"
|
||||
|
||||
|
@ -58,5 +59,17 @@ func newhttpClient(options *types.Options) *http.Client {
|
|||
}
|
||||
}
|
||||
|
||||
return &http.Client{Transport: transport, Timeout: time.Duration(options.Timeout*3) * time.Second}
|
||||
jar, _ := cookiejar.New(nil)
|
||||
|
||||
httpclient := &http.Client{
|
||||
Transport: transport,
|
||||
Timeout: time.Duration(options.Timeout*3) * time.Second,
|
||||
Jar: jar,
|
||||
CheckRedirect: func(req *http.Request, via []*http.Request) error {
|
||||
// the browser should follow redirects not us
|
||||
return http.ErrUseLastResponse
|
||||
},
|
||||
}
|
||||
|
||||
return httpclient
|
||||
}
|
||||
|
|
|
@ -8,6 +8,9 @@ import (
|
|||
|
||||
// routingRuleHandler handles proxy rule for actions related to request/response modification
|
||||
func (p *Page) routingRuleHandler(ctx *rod.Hijack) {
|
||||
// usually browsers don't use chunked transfer encoding so we set the content-length nevertheless
|
||||
ctx.Request.Req().ContentLength = int64(len(ctx.Request.Body()))
|
||||
|
||||
for _, rule := range p.rules {
|
||||
if rule.Part != "request" {
|
||||
continue
|
||||
|
|
Loading…
Reference in New Issue