Moved collaborator to internal

2020-12-22 04:11:07 +05:30 · 2020-12-22 04:11:07 +05:30 · de5f7e6ee6
parent 5cbfa8eaba
commit de5f7e6ee6
5 changed files with 136 additions and 132 deletions
--- a/v2/internal/collaborator/collaborator.go
+++ b/v2/internal/collaborator/collaborator.go
@ -0,0 +1,72 @@
+package collaborator
+
+import (
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/projectdiscovery/collaborator"
+)
+
+var (
+	// PollSeconds is the seconds to poll at.
+	PollSeconds = 5
+	// DefaultMaxBufferLimit is the default request buffer limit
+	DefaultMaxBufferLimit = 150
+	// DefaultPollInterval is the default poll interval for burp collabortor polling.
+	DefaultPollInterval time.Duration = time.Second * time.Duration(PollSeconds)
+	// DefaultCollaborator is the default burp collaborator instance
+	DefaultCollaborator = &Collaborator{Collab: collaborator.NewBurpCollaborator()}
+)
+
+// Collaborator is a client for recording burp collaborator interactions
+type Collaborator struct {
+	sync.RWMutex
+	options *Options // unused
+	Collab  *collaborator.BurpCollaborator
+}
+
+// Options contains configuration options for collaborator client
+type Options struct {
+	BIID           string
+	PollInterval   time.Duration
+	MaxBufferLimit int
+}
+
+// New creates a new collaborator client
+func New(options *Options) *Collaborator {
+	collab := collaborator.NewBurpCollaborator()
+	collab.AddBIID(options.BIID)
+	collab.MaxBufferLimit = options.MaxBufferLimit
+	return &Collaborator{Collab: collab, options: options}
+}
+
+// Poll initiates collaborator polling if any BIIDs were provided
+func (b *Collaborator) Poll() {
+	// if no valid biids were provided just return
+	if len(b.Collab.BIIDs) > 0 {
+		go b.Collab.PollEach(DefaultPollInterval)
+	}
+}
+
+// Has checks if a collabrator hit was found for a URL
+func (b *Collaborator) Has(s string) bool {
+	for _, r := range b.Collab.RespBuffer {
+		for i := 0; i < len(r.Responses); i++ {
+			// search in dns - http - smtp
+			b.RLock()
+			found := strings.Contains(r.Responses[i].Data.RawRequestDecoded, s) ||
+				strings.Contains(r.Responses[i].Data.RequestDecoded, s) ||
+				strings.Contains(r.Responses[i].Data.MessageDecoded, s)
+			b.RUnlock()
+
+			if found {
+				b.Lock()
+				r.Responses = append(r.Responses[:i], r.Responses[i+1:]...)
+				b.Unlock()
+				return true
+			}
+		}
+	}
+	return false
+}
--- a/v2/pkg/collaborator/collaborator.go
+++ b/v2/pkg/collaborator/collaborator.go
@ -1,64 +0,0 @@
-package collaborator
-
-import (
-	"strings"
-	"sync"
-	"time"
-
-	"github.com/projectdiscovery/collaborator"
-)
-
-const (
-	PollSeconds           = 5
-	DefaultMaxBufferLimit = 150
-)
-
-var DefaultPollInterval time.Duration = time.Second * time.Duration(PollSeconds)
-
-var DefaultCollaborator BurpCollaborator = BurpCollaborator{Collab: collaborator.NewBurpCollaborator()}
-
-type BurpCollaborator struct {
-	sync.RWMutex
-	options *Options // unused
-	Collab  *collaborator.BurpCollaborator
-}
-
-type Options struct {
-	BIID           string
-	PollInterval   time.Duration
-	MaxBufferLimit int
-}
-
-func New(options *Options) *BurpCollaborator {
-	collab := collaborator.NewBurpCollaborator()
-	collab.AddBIID(options.BIID)
-	collab.MaxBufferLimit = options.MaxBufferLimit
-	return &BurpCollaborator{Collab: collab, options: options}
-}
-
-func (b *BurpCollaborator) Poll() {
-	// if no valid biids were provided just return
-	if len(b.Collab.BIIDs) > 0 {
-		go b.Collab.PollEach(DefaultPollInterval)
-	}
-}
-
-func (b *BurpCollaborator) Has(s string) (found bool) {
-	foundAt := 0
-	for _, r := range b.Collab.RespBuffer {
-		for i := 0; i < len(r.Responses); i++ {
-			// search in dns - http - smtp
-			b.RLock()
-			found = strings.Contains(r.Responses[i].Data.RawRequestDecoded, s) || strings.Contains(r.Responses[i].Data.RequestDecoded, s) || strings.Contains(r.Responses[i].Data.MessageDecoded, s)
-			b.RUnlock()
-			if found {
-				b.Lock()
-				r.Responses = removeMatch(r.Responses, foundAt)
-				b.Unlock()
-				break
-			}
-		}
-	}
-
-	return
-}
--- a/v2/pkg/collaborator/util.go
+++ b/v2/pkg/collaborator/util.go
@ -1,9 +0,0 @@
-package collaborator
-
-import (
-	"github.com/projectdiscovery/collaborator"
-)
-
-func removeMatch(responses []collaborator.BurpResponse, index int) []collaborator.BurpResponse {
-	return append(responses[:index], responses[index+1:]...)
-}
--- a/v2/pkg/protocols/http/http.go
+++ b/v2/pkg/protocols/http/http.go
@ -1 +1,65 @@
 package http
+
+import (
+	"github.com/projectdiscovery/nuclei/v2/pkg/operators/extractors"
+	"github.com/projectdiscovery/nuclei/v2/pkg/operators/matchers"
+	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/generators"
+)
+
+// Request contains a http request to be made from a template
+type Request struct {
+	// Path contains the path/s for the request
+	Path []string `yaml:"path"`
+	// Matchers contains the detection mechanism for the request to identify
+	// whether the request was successful
+	Matchers []*matchers.Matcher `yaml:"matchers,omitempty"`
+	// Extractors contains the extraction mechanism for the request to identify
+	// and extract parts of the response.
+	Extractors []*extractors.Extractor `yaml:"extractors,omitempty"`
+	// Raw contains raw requests
+	Raw  []string `yaml:"raw,omitempty"`
+	Name string   `yaml:"Name,omitempty"`
+	// AttackType is the attack type
+	// Sniper, PitchFork and ClusterBomb. Default is Sniper
+	AttackType string `yaml:"attack,omitempty"`
+	// Method is the request method, whether GET, POST, PUT, etc
+	Method string `yaml:"method"`
+	// Body is an optional parameter which contains the request body for POST methods, etc
+	Body string `yaml:"body,omitempty"`
+	// MatchersCondition is the condition of the matchers
+	// whether to use AND or OR. Default is OR.
+	MatchersCondition string `yaml:"matchers-condition,omitempty"`
+	// attackType is internal attack type
+	attackType generators.Type
+	// Path contains the path/s for the request variables
+	Payloads map[string]interface{} `yaml:"payloads,omitempty"`
+	// Headers contains headers to send with the request
+	Headers map[string]string `yaml:"headers,omitempty"`
+	// matchersCondition is internal condition for the matchers.
+	matchersCondition matchers.ConditionType
+	// MaxRedirects is the maximum number of redirects that should be followed.
+	MaxRedirects                  int `yaml:"max-redirects,omitempty"`
+	PipelineConcurrentConnections int `yaml:"pipeline-concurrent-connections,omitempty"`
+	PipelineRequestsPerConnection int `yaml:"pipeline-requests-per-connection,omitempty"`
+	Threads                       int `yaml:"threads,omitempty"`
+	// Internal Finite State Machine keeping track of scan process
+	gsfm *GeneratorFSM
+	// CookieReuse is an optional setting that makes cookies shared within requests
+	CookieReuse bool `yaml:"cookie-reuse,omitempty"`
+	// Redirects specifies whether redirects should be followed.
+	Redirects bool `yaml:"redirects,omitempty"`
+	// Pipeline defines if the attack should be performed with HTTP 1.1 Pipelining (race conditions/billions requests)
+	// All requests must be indempotent (GET/POST)
+	Pipeline bool `yaml:"pipeline,omitempty"`
+	// Specify in order to skip request RFC normalization
+	Unsafe bool `yaml:"unsafe,omitempty"`
+	// DisableAutoHostname Enable/Disable Host header for unsafe raw requests
+	DisableAutoHostname bool `yaml:"disable-automatic-host-header,omitempty"`
+	// DisableAutoContentLength Enable/Disable Content-Length header for unsafe raw requests
+	DisableAutoContentLength bool `yaml:"disable-automatic-content-length-header,omitempty"`
+	// Race determines if all the request have to be attempted at the same time
+	// The minimum number fof requests is determined by threads
+	Race bool `yaml:"race,omitempty"`
+	// Number of same request to send in race condition attack
+	RaceNumberRequests int `yaml:"race_count,omitempty"`
+}
--- a/v2/pkg/requests/bulk-http-request.go
+++ b/v2/pkg/requests/bulk-http-request.go
@ -13,7 +13,6 @@ import (
 	"time"

 	"github.com/Knetic/govaluate"
-	"github.com/projectdiscovery/nuclei/v2/pkg/extractors"
 	"github.com/projectdiscovery/nuclei/v2/pkg/generators"
 	"github.com/projectdiscovery/nuclei/v2/pkg/matchers"
 	"github.com/projectdiscovery/nuclei/v2/pkg/syncedreadcloser"
@ -28,64 +27,6 @@ const (

 var urlWithPortRgx = regexp.MustCompile(`{{BaseURL}}:(\d+)`)

-// BulkHTTPRequest contains a request to be made from a template
-type BulkHTTPRequest struct {
-	// Path contains the path/s for the request
-	Path []string `yaml:"path"`
-	// Matchers contains the detection mechanism for the request to identify
-	// whether the request was successful
-	Matchers []*matchers.Matcher `yaml:"matchers,omitempty"`
-	// Extractors contains the extraction mechanism for the request to identify
-	// and extract parts of the response.
-	Extractors []*extractors.Extractor `yaml:"extractors,omitempty"`
-	// Raw contains raw requests
-	Raw  []string `yaml:"raw,omitempty"`
-	Name string   `yaml:"Name,omitempty"`
-	// AttackType is the attack type
-	// Sniper, PitchFork and ClusterBomb. Default is Sniper
-	AttackType string `yaml:"attack,omitempty"`
-	// Method is the request method, whether GET, POST, PUT, etc
-	Method string `yaml:"method"`
-	// Body is an optional parameter which contains the request body for POST methods, etc
-	Body string `yaml:"body,omitempty"`
-	// MatchersCondition is the condition of the matchers
-	// whether to use AND or OR. Default is OR.
-	MatchersCondition string `yaml:"matchers-condition,omitempty"`
-	// attackType is internal attack type
-	attackType generators.Type
-	// Path contains the path/s for the request variables
-	Payloads map[string]interface{} `yaml:"payloads,omitempty"`
-	// Headers contains headers to send with the request
-	Headers map[string]string `yaml:"headers,omitempty"`
-	// matchersCondition is internal condition for the matchers.
-	matchersCondition matchers.ConditionType
-	// MaxRedirects is the maximum number of redirects that should be followed.
-	MaxRedirects                  int `yaml:"max-redirects,omitempty"`
-	PipelineConcurrentConnections int `yaml:"pipeline-concurrent-connections,omitempty"`
-	PipelineRequestsPerConnection int `yaml:"pipeline-requests-per-connection,omitempty"`
-	Threads                       int `yaml:"threads,omitempty"`
-	// Internal Finite State Machine keeping track of scan process
-	gsfm *GeneratorFSM
-	// CookieReuse is an optional setting that makes cookies shared within requests
-	CookieReuse bool `yaml:"cookie-reuse,omitempty"`
-	// Redirects specifies whether redirects should be followed.
-	Redirects bool `yaml:"redirects,omitempty"`
-	// Pipeline defines if the attack should be performed with HTTP 1.1 Pipelining (race conditions/billions requests)
-	// All requests must be indempotent (GET/POST)
-	Pipeline bool `yaml:"pipeline,omitempty"`
-	// Specify in order to skip request RFC normalization
-	Unsafe bool `yaml:"unsafe,omitempty"`
-	// DisableAutoHostname Enable/Disable Host header for unsafe raw requests
-	DisableAutoHostname bool `yaml:"disable-automatic-host-header,omitempty"`
-	// DisableAutoContentLength Enable/Disable Content-Length header for unsafe raw requests
-	DisableAutoContentLength bool `yaml:"disable-automatic-content-length-header,omitempty"`
-	// Race determines if all the request have to be attempted at the same time
-	// The minimum number fof requests is determined by threads
-	Race bool `yaml:"race,omitempty"`
-	// Number of same request to send in race condition attack
-	RaceNumberRequests int `yaml:"race_count,omitempty"`
-}
-
 // GetMatchersCondition returns the condition for the matcher
 func (r *BulkHTTPRequest) GetMatchersCondition() matchers.ConditionType {
 	return r.matchersCondition