2020-08-29 15:26:11 +02:00
|
|
|
package runner
|
|
|
|
|
|
|
|
|
|
import (
|
2022-11-29 13:18:44 +01:00
|
|
|
"bytes"
|
2022-05-08 08:52:21 +02:00
|
|
|
"path/filepath"
|
2024-05-04 21:11:39 +02:00
|
|
|
"sort"
|
2020-08-29 15:26:11 +02:00
|
|
|
"strings"
|
|
|
|
|
|
2022-11-29 13:18:44 +01:00
|
|
|
"github.com/alecthomas/chroma/quick"
|
2024-05-04 21:11:39 +02:00
|
|
|
jsoniter "github.com/json-iterator/go"
|
2022-11-29 13:18:44 +01:00
|
|
|
"github.com/logrusorgru/aurora"
|
2023-10-17 17:44:13 +05:30
|
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/catalog/config"
|
|
|
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/catalog/loader"
|
2022-11-29 13:18:44 +01:00
|
|
|
|
2020-08-29 15:26:11 +02:00
|
|
|
"github.com/projectdiscovery/gologger"
|
2023-10-17 17:44:13 +05:30
|
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/templates"
|
|
|
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/types"
|
2020-08-29 15:26:11 +02:00
|
|
|
)
|
|
|
|
|
|
2022-09-20 16:33:57 -05:00
|
|
|
// log available templates for verbose (-vv)
|
2020-08-29 23:02:45 +02:00
|
|
|
func (r *Runner) logAvailableTemplate(tplPath string) {
|
2024-03-13 02:27:15 +01:00
|
|
|
t, err := r.parser.ParseTemplate(tplPath, r.catalog)
|
|
|
|
|
tpl, ok := t.(*templates.Template)
|
|
|
|
|
if !ok {
|
|
|
|
|
panic("not a template")
|
|
|
|
|
}
|
2020-12-29 15:38:14 +05:30
|
|
|
if err != nil {
|
|
|
|
|
gologger.Error().Msgf("Could not parse file '%s': %s\n", tplPath, err)
|
2021-01-14 13:21:21 +05:30
|
|
|
} else {
|
2024-03-13 02:27:15 +01:00
|
|
|
r.verboseTemplate(tpl)
|
2020-08-29 23:02:45 +02:00
|
|
|
}
|
2020-08-29 15:26:11 +02:00
|
|
|
}
|
|
|
|
|
|
2022-11-29 13:18:44 +01:00
|
|
|
// log available templates for verbose (-vv)
|
|
|
|
|
func (r *Runner) verboseTemplate(tpl *templates.Template) {
|
|
|
|
|
gologger.Print().Msgf("%s\n", templates.TemplateLogMessage(tpl.ID,
|
|
|
|
|
types.ToString(tpl.Info.Name),
|
|
|
|
|
tpl.Info.Authors.ToSlice(),
|
|
|
|
|
tpl.Info.SeverityHolder.Severity))
|
|
|
|
|
}
|
|
|
|
|
|
2022-09-20 16:33:57 -05:00
|
|
|
func (r *Runner) listAvailableStoreTemplates(store *loader.Store) {
|
2020-12-29 15:38:14 +05:30
|
|
|
gologger.Print().Msgf(
|
2023-04-19 21:58:48 +05:30
|
|
|
"\nListing available %v nuclei templates for %v",
|
|
|
|
|
config.DefaultConfig.TemplateVersion,
|
|
|
|
|
config.DefaultConfig.TemplatesDirectory,
|
2020-08-30 13:25:34 +02:00
|
|
|
)
|
2022-11-29 13:18:44 +01:00
|
|
|
for _, tpl := range store.Templates() {
|
|
|
|
|
if hasExtraFlags(r.options) {
|
|
|
|
|
if r.options.TemplateDisplay {
|
|
|
|
|
colorize := !r.options.NoColor
|
|
|
|
|
path := tpl.Path
|
2023-08-26 02:33:45 +05:30
|
|
|
tplBody, err := store.ReadTemplateFromURI(path, true)
|
2022-11-29 13:18:44 +01:00
|
|
|
if err != nil {
|
|
|
|
|
gologger.Error().Msgf("Could not read the template %s: %s", path, err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
if colorize {
|
|
|
|
|
path = aurora.Cyan(tpl.Path).String()
|
|
|
|
|
tplBody, err = r.highlightTemplate(&tplBody)
|
|
|
|
|
if err != nil {
|
2023-08-01 14:33:43 -04:00
|
|
|
gologger.Error().Msgf("Could not highlight the template %s: %s", tpl.Path, err)
|
2022-11-29 13:18:44 +01:00
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
gologger.Silent().Msgf("Template: %s\n\n%s", path, tplBody)
|
|
|
|
|
} else {
|
2023-04-19 21:58:48 +05:30
|
|
|
gologger.Silent().Msgf("%s\n", strings.TrimPrefix(tpl.Path, config.DefaultConfig.TemplatesDirectory+string(filepath.Separator)))
|
2022-11-29 13:18:44 +01:00
|
|
|
}
|
2022-09-20 16:33:57 -05:00
|
|
|
} else {
|
2022-11-29 13:18:44 +01:00
|
|
|
r.verboseTemplate(tpl)
|
2022-09-20 16:33:57 -05:00
|
|
|
}
|
2020-08-29 15:26:11 +02:00
|
|
|
}
|
|
|
|
|
}
|
2022-11-29 13:18:44 +01:00
|
|
|
|
2024-05-04 21:11:39 +02:00
|
|
|
func (r *Runner) listAvailableStoreTags(store *loader.Store) {
|
|
|
|
|
gologger.Print().Msgf(
|
|
|
|
|
"\nListing available %v nuclei tags for %v",
|
|
|
|
|
config.DefaultConfig.TemplateVersion,
|
|
|
|
|
config.DefaultConfig.TemplatesDirectory,
|
|
|
|
|
)
|
|
|
|
|
tagsMap := make(map[string]int)
|
|
|
|
|
for _, tpl := range store.Templates() {
|
|
|
|
|
for _, tag := range tpl.Info.Tags.ToSlice() {
|
|
|
|
|
tagsMap[tag]++
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
type kv struct {
|
|
|
|
|
Key string `json:"tag"`
|
|
|
|
|
Value int `json:"count"`
|
|
|
|
|
}
|
|
|
|
|
var tagsList []kv
|
|
|
|
|
for k, v := range tagsMap {
|
|
|
|
|
tagsList = append(tagsList, kv{k, v})
|
|
|
|
|
}
|
|
|
|
|
sort.Slice(tagsList, func(i, j int) bool {
|
|
|
|
|
return tagsList[i].Value > tagsList[j].Value
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
for _, tag := range tagsList {
|
|
|
|
|
if r.options.JSONL {
|
|
|
|
|
marshalled, _ := jsoniter.Marshal(tag)
|
|
|
|
|
gologger.Silent().Msgf("%s\n", string(marshalled))
|
|
|
|
|
} else {
|
|
|
|
|
gologger.Silent().Msgf("%s (%d)\n", tag.Key, tag.Value)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-11-29 13:18:44 +01:00
|
|
|
func (r *Runner) highlightTemplate(body *[]byte) ([]byte, error) {
|
|
|
|
|
var buf bytes.Buffer
|
2023-08-01 14:33:43 -04:00
|
|
|
// YAML lexer, true color terminal formatter and monokai style
|
2022-11-29 13:18:44 +01:00
|
|
|
err := quick.Highlight(&buf, string(*body), "yaml", "terminal16m", "monokai")
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return buf.Bytes(), nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func hasExtraFlags(options *types.Options) bool {
|
|
|
|
|
return options.Templates != nil || options.Authors != nil ||
|
|
|
|
|
options.Tags != nil || len(options.ExcludeTags) > 3 ||
|
|
|
|
|
options.IncludeTags != nil || options.IncludeIds != nil ||
|
|
|
|
|
options.ExcludeIds != nil || options.IncludeTemplates != nil ||
|
|
|
|
|
options.ExcludedTemplates != nil || options.ExcludeMatchers != nil ||
|
|
|
|
|
options.Severities != nil || options.ExcludeSeverities != nil ||
|
|
|
|
|
options.Protocols != nil || options.ExcludeProtocols != nil ||
|
|
|
|
|
options.IncludeConditions != nil || options.TemplateList
|
|
|
|
|
}
|
