daffainfo
/
nuclei
mirror of https://github.com/daffainfo/nuclei.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

additional dsl functions (#2550) 

* additional dsl functions

* avoid conversion at each iteration
dev
Sami 2022-09-08 03:55:34 -05:00 committed by GitHub
parent 7ce03bcc5b
commit f3eb0daa39
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 95 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

142
integration_tests/http/dsl-functions.yaml
View File

@ -17,76 +17,78 @@ requests:
05: {{compare_versions('v1.0.0', '>v0.0.1', '<v1.0.1')}} 05: {{compare_versions('v1.0.0', '>v0.0.1', '<v1.0.1')}}
06: {{concat("Hello", "world")}} 06: {{concat("Hello", "world")}}
07: {{contains("Hello", "lo")}} 07: {{contains("Hello", "lo")}}
08: {{date_time("%Y-%M-%D")}} 08: {{contains_all("Hello everyone", "lo", "every")}}
09: {{date_time("%Y-%M-%D", unix_time())}} 09: {{contains_any("Hello everyone", "abc", "llo")}}
10: {{date_time("%H-%m")}} 10: {{date_time("%Y-%M-%D")}}
11: {{date_time("02-01-2006 15:04")}} 11: {{date_time("%Y-%M-%D", unix_time())}}
12: {{date_time("02-01-2006 15:04", unix_time())}} 12: {{date_time("%H-%m")}}
13: {{dec_to_hex(11111)}} 13: {{date_time("02-01-2006 15:04")}}
14: {{generate_java_gadget("commons-collections3.1", "wget http://{{interactsh-url}}", "base64")}} 14: {{date_time("02-01-2006 15:04", unix_time())}}
15: {{gzip("Hello")}} 15: {{dec_to_hex(11111)}}
16: {{gzip_decode(hex_decode("1f8b08000000000000fff248cdc9c907040000ffff8289d1f705000000"))}} 16: {{generate_java_gadget("commons-collections3.1", "wget http://{{interactsh-url}}", "base64")}}
17: {{hex_decode("6161")}} 17: {{gzip("Hello")}}
18: {{hex_encode("aa")}} 18: {{gzip_decode(hex_decode("1f8b08000000000000fff248cdc9c907040000ffff8289d1f705000000"))}}
19: {{hmac("sha1", "test", "scrt")}} 19: {{hex_decode("6161")}}
20: {{hmac("sha256", "test", "scrt")}} 20: {{hex_encode("aa")}}
21: {{hmac("sha512", "test", "scrt")}} 21: {{hmac("sha1", "test", "scrt")}}
22: {{html_escape("<body>test</body>")}} 22: {{hmac("sha256", "test", "scrt")}}
23: {{html_unescape("&lt;body&gt;test&lt;/body&gt;")}} 23: {{hmac("sha512", "test", "scrt")}}
24: {{join("_", "hello", "world")}} 24: {{html_escape("<body>test</body>")}}
25: {{len("Hello")}} 25: {{html_unescape("&lt;body&gt;test&lt;/body&gt;")}}
26: {{len(5555)}} 26: {{join("_", "hello", "world")}}
27: {{md5("Hello")}} 27: {{len("Hello")}}
28: {{md5(1234)}} 28: {{len(5555)}}
29: {{mmh3("Hello")}} 29: {{md5("Hello")}}
30: {{print_debug(1+2, "Hello")}} 30: {{md5(1234)}}
31: {{rand_base(5, "abc")}} 31: {{mmh3("Hello")}}
32: {{rand_base(5, "")}} 32: {{print_debug(1+2, "Hello")}}
33: {{rand_base(5)}} 33: {{rand_base(5, "abc")}}
34: {{rand_char("abc")}} 34: {{rand_base(5, "")}}
35: {{rand_char("")}} 35: {{rand_base(5)}}
36: {{rand_char()}} 36: {{rand_char("abc")}}
37: {{rand_int(1, 10)}} 37: {{rand_char("")}}
38: {{rand_int(10)}} 38: {{rand_char()}}
39: {{rand_int()}} 39: {{rand_int(1, 10)}}
40: {{rand_ip("192.168.0.0/24")}} 40: {{rand_int(10)}}
41: {{rand_ip("2002:c0a8::/24")}} 41: {{rand_int()}}
42: {{rand_ip("192.168.0.0/24","10.0.100.0/24")}} 42: {{rand_ip("192.168.0.0/24")}}
43: {{rand_text_alpha(10, "abc")}} 43: {{rand_ip("2002:c0a8::/24")}}
44: {{rand_text_alpha(10, "")}} 44: {{rand_ip("192.168.0.0/24","10.0.100.0/24")}}
45: {{rand_text_alpha(10)}} 45: {{rand_text_alpha(10, "abc")}}
46: {{rand_text_alphanumeric(10, "ab12")}} 46: {{rand_text_alpha(10, "")}}
47: {{rand_text_alphanumeric(10)}} 47: {{rand_text_alpha(10)}}
48: {{rand_text_numeric(10, 123)}} 48: {{rand_text_alphanumeric(10, "ab12")}}
49: {{rand_text_numeric(10)}} 49: {{rand_text_alphanumeric(10)}}
50: {{regex("H([a-z]+)o", "Hello")}} 50: {{rand_text_numeric(10, 123)}}
51: {{remove_bad_chars("abcd", "bc")}} 51: {{rand_text_numeric(10)}}
52: {{repeat("a", 5)}} 52: {{regex("H([a-z]+)o", "Hello")}}
53: {{replace("Hello", "He", "Ha")}} 53: {{remove_bad_chars("abcd", "bc")}}
54: {{replace_regex("He123llo", "(\\d+)", "")}} 54: {{repeat("a", 5)}}
55: {{reverse("abc")}} 55: {{replace("Hello", "He", "Ha")}}
56: {{sha1("Hello")}} 56: {{replace_regex("He123llo", "(\\d+)", "")}}
57: {{sha256("Hello")}} 57: {{reverse("abc")}}
58: {{sha512("Hello")}} 58: {{sha1("Hello")}}
59: {{to_lower("HELLO")}} 59: {{sha256("Hello")}}
60: {{to_upper("hello")}} 60: {{sha512("Hello")}}
61: {{trim("aaaHelloddd", "ad")}} 61: {{to_lower("HELLO")}}
62: {{trim_left("aaaHelloddd", "ad")}} 62: {{to_upper("hello")}}
63: {{trim_prefix("aaHelloaa", "aa")}} 63: {{trim("aaaHelloddd", "ad")}}
64: {{trim_right("aaaHelloddd", "ad")}} 64: {{trim_left("aaaHelloddd", "ad")}}
65: {{trim_space(" Hello ")}} 65: {{trim_prefix("aaHelloaa", "aa")}}
66: {{trim_suffix("aaHelloaa", "aa")}} 66: {{trim_right("aaaHelloddd", "ad")}}
67: {{unix_time(10)}} 67: {{trim_space(" Hello ")}}
68: {{url_decode("https:%2F%2Fprojectdiscovery.io%3Ftest=1")}} 68: {{trim_suffix("aaHelloaa", "aa")}}
69: {{url_encode("https://projectdiscovery.io/test?a=1")}} 69: {{unix_time(10)}}
70: {{wait_for(1)}} 70: {{url_decode("https:%2F%2Fprojectdiscovery.io%3Ftest=1")}}
71: {{zlib("Hello")}} 71: {{url_encode("https://projectdiscovery.io/test?a=1")}}
72: {{zlib_decode(hex_decode("789cf248cdc9c907040000ffff058c01f5"))}} 72: {{wait_for(1)}}
73: {{hex_encode(aes_gcm("AES256Key-32Characters1234567890", "exampleplaintext"))}} 73: {{zlib("Hello")}}
74: {{starts_with("Hello", "He")}} 74: {{zlib_decode(hex_decode("789cf248cdc9c907040000ffff058c01f5"))}}
75: {{ends_with("Hello", "lo")}} 75: {{hex_encode(aes_gcm("AES256Key-32Characters1234567890", "exampleplaintext"))}}
76: {{line_starts_with("Hi\nHello", "He")}} 76: {{starts_with("Hello", "He")}}
77: {{line_ends_with("Hello\nHi", "lo")}} 77: {{ends_with("Hello", "lo")}}
78: {{line_starts_with("Hi\nHello", "He")}}
79: {{line_ends_with("Hello\nHi", "lo")}}
extractors: extractors:
- type: regex - type: regex

2
v2/cmd/integration-test/http.go
View File

@ -258,7 +258,7 @@ func (h *httpDSLFunctions) Execute(filePath string) error {
} }
totalExtracted := strings.Split(submatch[1], ",") totalExtracted := strings.Split(submatch[1], ",")
numberOfDslFunctions := 77 numberOfDslFunctions := 79
if len(totalExtracted) != numberOfDslFunctions { if len(totalExtracted) != numberOfDslFunctions {
return errors.New("incorrect number of results") return errors.New("incorrect number of results")
} }

22
v2/pkg/operators/common/dsl/dsl.go
View File

@ -269,6 +269,28 @@ func init() {
"contains": makeDslFunction(2, func(args ...interface{}) (interface{}, error) { "contains": makeDslFunction(2, func(args ...interface{}) (interface{}, error) {
return strings.Contains(types.ToString(args[0]), types.ToString(args[1])), nil return strings.Contains(types.ToString(args[0]), types.ToString(args[1])), nil
}), }),
"contains_all":makeDslWithOptionalArgsFunction(
"(body interface{}, substrs ...string) bool",
func(arguments ...interface{}) (interface{}, error) {
body := types.ToString(arguments[0])
for _, value := range arguments[1:] {
if !strings.Contains(body, types.ToString(value)) {
return false, nil
}
}
return true, nil
}),
"contains_any":makeDslWithOptionalArgsFunction(
"(body interface{}, substrs ...string) bool",
func(arguments ...interface{}) (interface{}, error) {
body := types.ToString(arguments[0])
for _, value := range arguments[1:] {
if strings.Contains(body, types.ToString(value)) {
return true, nil
}
}
return false, nil
}),
"starts_with": makeDslWithOptionalArgsFunction( "starts_with": makeDslWithOptionalArgsFunction(
"(str string, prefix ...string) bool", "(str string, prefix ...string) bool",
func(args ...interface{}) (interface{}, error) { func(args ...interface{}) (interface{}, error) {