nuclei/v2/pkg/executer/output_http.go

package executer

import (
	"net/http"
	"net/http/httputil"
	"strings"

	jsoniter "github.com/json-iterator/go"
	"github.com/projectdiscovery/gologger"
	"github.com/projectdiscovery/nuclei/v2/pkg/matchers"
	"github.com/projectdiscovery/nuclei/v2/pkg/requests"
)

// writeOutputHTTP writes http output to streams
func (e *HTTPExecuter) writeOutputHTTP(req *requests.HTTPRequest, resp *http.Response, body string, matcher *matchers.Matcher, extractorResults []string, meta map[string]interface{}) {
	var URL string
	if req.RawRequest != nil {
		URL = req.RawRequest.FullURL
	}
	if req.Request != nil {
		URL = req.Request.URL.String()
	}

	if e.jsonOutput {
		output := make(jsonOutput)

		output["matched"] = URL
		if !e.noMeta {
			output["template"] = e.template.ID
			output["type"] = "http"
			if len(meta) > 0 {
				output["meta"] = meta
			}
			for k, v := range e.template.Info {
				output[k] = v
			}
			if matcher != nil && len(matcher.Name) > 0 {
				output["matcher_name"] = matcher.Name
			}
			if len(extractorResults) > 0 {
				output["extracted_results"] = extractorResults
			}

			// TODO: URL should be an argument
			if e.jsonRequest {
				dumpedRequest, err := requests.Dump(req, URL)
				if err != nil {
					gologger.Warningf("could not dump request: %s\n", err)
				} else {
					output["request"] = string(dumpedRequest)
				}

				dumpedResponse, err := httputil.DumpResponse(resp, false)
				if err != nil {
					gologger.Warningf("could not dump response: %s\n", err)
				} else {
					output["response"] = string(dumpedResponse) + body
				}
			}
		}

		data, err := jsoniter.Marshal(output)
		if err != nil {
			gologger.Warningf("Could not marshal json output: %s\n", err)
		}
		gologger.Silentf("%s", string(data))

		if e.writer != nil {
			if err := e.writer.Write(data); err != nil {
				gologger.Errorf("Could not write output data: %s\n", err)
				return
			}
		}
		return
	}

	builder := &strings.Builder{}
	colorizer := e.colorizer

	if !e.noMeta {
		builder.WriteRune('[')
		builder.WriteString(colorizer.Colorizer.BrightGreen(e.template.ID).String())

		if matcher != nil && len(matcher.Name) > 0 {
			builder.WriteString(":")
			builder.WriteString(colorizer.Colorizer.BrightGreen(matcher.Name).Bold().String())
		}

		builder.WriteString("] [")
		builder.WriteString(colorizer.Colorizer.BrightBlue("http").String())
		builder.WriteString("] ")

		if e.template.Info["severity"] != "" {
			builder.WriteString("[")
			builder.WriteString(colorizer.GetColorizedSeverity(e.template.Info["severity"]))
			builder.WriteString("] ")
		}
	}
	builder.WriteString(URL)

	// If any extractors, write the results
	if len(extractorResults) > 0 && !e.noMeta {
		builder.WriteString(" [")

		for i, result := range extractorResults {
			builder.WriteString(colorizer.Colorizer.BrightCyan(result).String())

			if i != len(extractorResults)-1 {
				builder.WriteRune(',')
			}
		}

		builder.WriteString("]")
	}

	// write meta if any
	if len(req.Meta) > 0 && !e.noMeta {
		builder.WriteString(" [")

		var metas []string

		for name, value := range req.Meta {
			metas = append(metas, colorizer.Colorizer.BrightYellow(name).Bold().String()+"="+colorizer.Colorizer.BrightYellow(value.(string)).String())
		}

		builder.WriteString(strings.Join(metas, ","))
		builder.WriteString("]")
	}

	builder.WriteRune('\n')

	// Write output to screen as well as any output file
	message := builder.String()
	gologger.Silentf("%s", message)

	if e.writer != nil {
		if e.coloredOutput {
			message = e.decolorizer.ReplaceAllString(message, "")
		}

		if err := e.writer.WriteString(message); err != nil {
			gologger.Errorf("Could not write output data: %s\n", err)
			return
		}
	}
}
typo global correction 2020-07-16 10:57:28 +02:00			`package executer`
Added executor + refactor 2020-04-26 05:50:33 +05:30
			`import (`
json-request option for request/response output in JSON matches 2020-07-15 13:38:45 +02:00			`"net/http"`
			`"net/http/httputil"`
Added executor + refactor 2020-04-26 05:50:33 +05:30			`"strings"`

Added json output support 2020-06-27 20:19:43 +05:30			`jsoniter "github.com/json-iterator/go"`
Finished executer for per-request execution 2020-04-26 06:33:59 +05:30			`"github.com/projectdiscovery/gologger"`
v2 update 2020-07-01 16:17:24 +05:30			`"github.com/projectdiscovery/nuclei/v2/pkg/matchers"`
			`"github.com/projectdiscovery/nuclei/v2/pkg/requests"`
Added executor + refactor 2020-04-26 05:50:33 +05:30			`)`

Finished executer for per-request execution 2020-04-26 06:33:59 +05:30			`// writeOutputHTTP writes http output to streams`
adding payloads values to json output 2020-10-11 21:18:10 +02:00			`func (e HTTPExecuter) writeOutputHTTP(req requests.HTTPRequest, resp http.Response, body string, matcher matchers.Matcher, extractorResults []string, meta map[string]interface{}) {`
wip 2020-09-29 00:24:38 +02:00			`var URL string`
			`if req.RawRequest != nil {`
			`URL = req.RawRequest.FullURL`
			`}`
			`if req.Request != nil {`
			`URL = req.Request.URL.String()`
wip - partial implementation of full raw http 2020-09-28 02:17:35 +02:00			`}`
Added json output support 2020-06-27 20:19:43 +05:30
			`if e.jsonOutput {`
Added dynamic field in info key support 2020-10-19 11:37:58 +05:30			`output := make(jsonOutput)`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
Added -no-meta flag to ignore meta 2020-10-20 01:57:38 +05:30			`output["matched"] = URL`
			`if !e.noMeta {`
			`output["template"] = e.template.ID`
			`output["type"] = "http"`
			`if len(meta) > 0 {`
			`output["meta"] = meta`
			`}`
			`for k, v := range e.template.Info {`
			`output[k] = v`
			`}`
			`if matcher != nil && len(matcher.Name) > 0 {`
			`output["matcher_name"] = matcher.Name`
			`}`
			`if len(extractorResults) > 0 {`
			`output["extracted_results"] = extractorResults`
json-request option for request/response output in JSON matches 2020-07-15 13:38:45 +02:00			`}`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
Added -no-meta flag to ignore meta 2020-10-20 01:57:38 +05:30			`// TODO: URL should be an argument`
			`if e.jsonRequest {`
			`dumpedRequest, err := requests.Dump(req, URL)`
			`if err != nil {`
			`gologger.Warningf("could not dump request: %s\n", err)`
			`} else {`
			`output["request"] = string(dumpedRequest)`
			`}`

			`dumpedResponse, err := httputil.DumpResponse(resp, false)`
			`if err != nil {`
			`gologger.Warningf("could not dump response: %s\n", err)`
			`} else {`
			`output["response"] = string(dumpedResponse) + body`
			`}`
json-request option for request/response output in JSON matches 2020-07-15 13:38:45 +02:00			`}`
			`}`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
Added json output support 2020-06-27 20:19:43 +05:30			`data, err := jsoniter.Marshal(output)`
			`if err != nil {`
			`gologger.Warningf("Could not marshal json output: %s\n", err)`
			`}`
			`gologger.Silentf("%s", string(data))`

			`if e.writer != nil {`
Fixed inconsistent output hopefully 2020-09-10 16:32:01 +05:30			`if err := e.writer.Write(data); err != nil {`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00			`gologger.Errorf("Could not write output data: %s\n", err)`
			`return`
			`}`
Added json output support 2020-06-27 20:19:43 +05:30			`}`
			`return`
			`}`

Added executor + refactor 2020-04-26 05:50:33 +05:30			`builder := &strings.Builder{}`
Add initial coloring support in output results 2020-07-29 00:43:05 +02:00			`colorizer := e.colorizer`
Added executor + refactor 2020-04-26 05:50:33 +05:30
Added -no-meta flag to ignore meta 2020-10-20 01:57:38 +05:30			`if !e.noMeta {`
			`builder.WriteRune('[')`
			`builder.WriteString(colorizer.Colorizer.BrightGreen(e.template.ID).String())`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
Added -no-meta flag to ignore meta 2020-10-20 01:57:38 +05:30			`if matcher != nil && len(matcher.Name) > 0 {`
			`builder.WriteString(":")`
			`builder.WriteString(colorizer.Colorizer.BrightGreen(matcher.Name).Bold().String())`
			`}`
Added executor + refactor 2020-04-26 05:50:33 +05:30
Added -no-meta flag to ignore meta 2020-10-20 01:57:38 +05:30			`builder.WriteString("] [")`
			`builder.WriteString(colorizer.Colorizer.BrightBlue("http").String())`
Added severity to match output message Implements a new NewNucleiColorizer to colorize all nuclei messages (included severity). Fixes severity color is always colorized even with nocolor flag. 2020-09-19 14:43:35 +02:00			`builder.WriteString("] ")`

Added -no-meta flag to ignore meta 2020-10-20 01:57:38 +05:30			`if e.template.Info["severity"] != "" {`
			`builder.WriteString("[")`
			`builder.WriteString(colorizer.GetColorizedSeverity(e.template.Info["severity"]))`
			`builder.WriteString("] ")`
			`}`
			`}`
removed formatting dirctive as string builder is used - Closes #220 2020-10-11 20:59:37 +02:00			`builder.WriteString(URL)`
Added executor + refactor 2020-04-26 05:50:33 +05:30
			`// If any extractors, write the results`
Added -no-meta flag to ignore meta 2020-10-20 01:57:38 +05:30			`if len(extractorResults) > 0 && !e.noMeta {`
Added executor + refactor 2020-04-26 05:50:33 +05:30			`builder.WriteString(" [")`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
Added executor + refactor 2020-04-26 05:50:33 +05:30			`for i, result := range extractorResults {`
Added severity to match output message Implements a new NewNucleiColorizer to colorize all nuclei messages (included severity). Fixes severity color is always colorized even with nocolor flag. 2020-09-19 14:43:35 +02:00			`builder.WriteString(colorizer.Colorizer.BrightCyan(result).String())`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
Added executor + refactor 2020-04-26 05:50:33 +05:30			`if i != len(extractorResults)-1 {`
			`builder.WriteRune(',')`
			`}`
			`}`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
Added executor + refactor 2020-04-26 05:50:33 +05:30			`builder.WriteString("]")`
			`}`
added payload info to output 2020-05-14 18:09:36 +02:00
			`// write meta if any`
Added -no-meta flag to ignore meta 2020-10-20 01:57:38 +05:30			`if len(req.Meta) > 0 && !e.noMeta {`
added payload info to output 2020-05-14 18:09:36 +02:00			`builder.WriteString(" [")`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
added payload info to output 2020-05-14 18:09:36 +02:00			`var metas []string`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
added payload info to output 2020-05-14 18:09:36 +02:00			`for name, value := range req.Meta {`
Added severity to match output message Implements a new NewNucleiColorizer to colorize all nuclei messages (included severity). Fixes severity color is always colorized even with nocolor flag. 2020-09-19 14:43:35 +02:00			`metas = append(metas, colorizer.Colorizer.BrightYellow(name).Bold().String()+"="+colorizer.Colorizer.BrightYellow(value.(string)).String())`
added payload info to output 2020-05-14 18:09:36 +02:00			`}`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
added payload info to output 2020-05-14 18:09:36 +02:00			`builder.WriteString(strings.Join(metas, ","))`
			`builder.WriteString("]")`
			`}`

Added executor + refactor 2020-04-26 05:50:33 +05:30			`builder.WriteRune('\n')`

Finished executer for per-request execution 2020-04-26 06:33:59 +05:30			`// Write output to screen as well as any output file`
			`message := builder.String()`
			`gologger.Silentf("%s", message)`

			`if e.writer != nil {`
Add initial coloring support in output results 2020-07-29 00:43:05 +02:00			`if e.coloredOutput {`
			`message = e.decolorizer.ReplaceAllString(message, "")`
			`}`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
Fixed inconsistent output hopefully 2020-09-10 16:32:01 +05:30			`if err := e.writer.WriteString(message); err != nil {`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00			`gologger.Errorf("Could not write output data: %s\n", err)`
			`return`
			`}`
Finished executer for per-request execution 2020-04-26 06:33:59 +05:30			`}`
Added executor + refactor 2020-04-26 05:50:33 +05:30			`}`