nuclei/integration_tests/protocols/network/net-https-timeout.yaml

id: net-https-timeout

info:
  name: Example Network template which times out
  author: pdteam
  severity: high
  description: Example Network template to send HTTPS request which times out


tcp:
  - host: 
      - "tls://{{Hostname}}"
    port: 443
    inputs:
      # noticable difference between this and net-https.yaml is that here we don't send the Connection: close header
      # and hence connection will remain open until server closes it. This can be a DOS vector in nuclei
      # as it waits for server to close the connection. now we have set a default timeout of 5 seconds and if server responds but doesn't close the connection
      # then nuclei will close connection but doesn't fail the request since we already have response data from server
      # this feature is only required for `read-all: true` to work properly
      - data: "GET / HTTP/1.1\r\nHost: {{Hostname}}\r\n\r\n"
    read-all: true
    extractors:
    - type: dsl
      dsl:
        - "len(data)"
bug fixes in js , network protocol and flow (#4313) * fix net read * only return N bytes if extra available * use ConnReadN from readerutil * add integration test * print unsigned warning in stderr * fix js protocol in flow #4318 * fix integration test: url encoding issue * fix network protocol issue + integration tests * multiple improvements to integration test * replace all conn.Read() from tests * disable network-basic.yaml in windows * disable code protocol in win CI * fix bitwise login ps1-snippet.yaml * hide previous matcher events in flow * remove dead code+ update integration tests --------- Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io> 2023-11-02 13:33:40 +05:30			`id: net-https-timeout`

			`info:`
			`name: Example Network template which times out`
			`author: pdteam`
			`severity: high`
			`description: Example Network template to send HTTPS request which times out`


			`tcp:`
			`- host:`
			`- "tls://{{Hostname}}"`
			`port: 443`
			`inputs:`
			`# noticable difference between this and net-https.yaml is that here we don't send the Connection: close header`
			`# and hence connection will remain open until server closes it. This can be a DOS vector in nuclei`
			`# as it waits for server to close the connection. now we have set a default timeout of 5 seconds and if server responds but doesn't close the connection`
			`# then nuclei will close connection but doesn't fail the request since we already have response data from server`
			# this feature is only required for `read-all: true` to work properly
			`- data: "GET / HTTP/1.1\r\nHost: {{Hostname}}\r\n\r\n"`
			`read-all: true`
			`extractors:`
			`- type: dsl`
			`dsl:`
			`- "len(data)"`