nuclei/v2/pkg/extractors/extract.go

package extractors

import (
	"net/http"
	"strings"

	"github.com/miekg/dns"
)

// Extract extracts response from the parts of request using a regex
func (e *Extractor) Extract(resp *http.Response, body, headers string) map[string]struct{} {
	switch e.extractorType {
	case RegexExtractor:
		if e.part == BodyPart {
			return e.extractRegex(body)
		} else if e.part == HeaderPart {
			return e.extractRegex(headers)
		} else {
			matches := e.extractRegex(headers)
			if len(matches) > 0 {
				return matches
			}
			return e.extractRegex(body)
		}
	case KValExtractor:
		if e.part == HeaderPart {
			return e.extractKVal(resp)
		} else {
			matches := e.extractKVal(resp)
			if len(matches) > 0 {
				return matches
			}
			return e.extractInlineKVal(resp, "cookies")
		}
	}

	return nil
}

// ExtractDNS extracts response from dns message using a regex
func (e *Extractor) ExtractDNS(msg *dns.Msg) map[string]struct{} {
	switch e.extractorType {
	case RegexExtractor:
		return e.extractRegex(msg.String())
	case KValExtractor:
	}

	return nil
}

// extractRegex extracts text from a corpus and returns it
func (e *Extractor) extractRegex(corpus string) map[string]struct{} {
	results := make(map[string]struct{})
	for _, regex := range e.regexCompiled {
		matches := regex.FindAllString(corpus, -1)
		for _, match := range matches {
			results[match] = struct{}{}
		}
	}
	return results
}

// extractKVal extracts text from http response
func (e *Extractor) extractKVal(r *http.Response) map[string]struct{} {
	results := make(map[string]struct{})
	for _, k := range e.KVal {
		for _, v := range r.Header.Values(k) {
			results[v] = struct{}{}
		}
	}
	return results
}

// extractInlineKVal extracts text from inline corpus
func (e *Extractor) extractInlineKVal(r *http.Response, key string) map[string]struct{} {
	results := make(map[string]struct{})
	for _, v := range r.Header.Values(key) {
		for _, token := range strings.Split(v, " ") {
			semicolon := strings.Index(token, ":")
			key, value := token[:semicolon], token[semicolon:]
			for _, k := range e.KVal {
				if key == k {
					results[value] = struct{}{}
				}
			}
		}
	}
	return results
}
Added extractors for text extraction 2020-04-06 00:05:01 +05:30			`package extractors`

finalized + corrected typo 2020-07-16 10:32:00 +02:00			`import (`
			`"net/http"`
			`"strings"`

			`"github.com/miekg/dns"`
			`)`

Added extractors for text extraction 2020-04-06 00:05:01 +05:30			`// Extract extracts response from the parts of request using a regex`
finalized + corrected typo 2020-07-16 10:32:00 +02:00			`func (e Extractor) Extract(resp http.Response, body, headers string) map[string]struct{} {`
prototyping 2020-07-15 00:47:01 +02:00			`switch e.extractorType {`
			`case RegexExtractor:`
			`if e.part == BodyPart {`
			`return e.extractRegex(body)`
			`} else if e.part == HeaderPart {`
			`return e.extractRegex(headers)`
			`} else {`
			`matches := e.extractRegex(headers)`
			`if len(matches) > 0 {`
			`return matches`
			`}`
			`return e.extractRegex(body)`
Added extractors for text extraction 2020-04-06 00:05:01 +05:30			`}`
prototyping 2020-07-15 00:47:01 +02:00			`case KValExtractor:`
finalized + corrected typo 2020-07-16 10:32:00 +02:00			`if e.part == HeaderPart {`
			`return e.extractKVal(resp)`
			`} else {`
			`matches := e.extractKVal(resp)`
			`if len(matches) > 0 {`
			`return matches`
			`}`
			`return e.extractInlineKVal(resp, "cookies")`
			`}`
Added extractors for text extraction 2020-04-06 00:05:01 +05:30			`}`
prototyping 2020-07-15 00:47:01 +02:00
			`return nil`
Added extractors for text extraction 2020-04-06 00:05:01 +05:30			`}`

poc implementation of dns templating 2020-04-22 22:45:02 +02:00			`// ExtractDNS extracts response from dns message using a regex`
finalized + corrected typo 2020-07-16 10:32:00 +02:00			`func (e Extractor) ExtractDNS(msg dns.Msg) map[string]struct{} {`
prototyping 2020-07-15 00:47:01 +02:00			`switch e.extractorType {`
			`case RegexExtractor:`
finalized + corrected typo 2020-07-16 10:32:00 +02:00			`return e.extractRegex(msg.String())`
prototyping 2020-07-15 00:47:01 +02:00			`case KValExtractor:`
			`}`

			`return nil`
poc implementation of dns templating 2020-04-22 22:45:02 +02:00			`}`

Added extractors for text extraction 2020-04-06 00:05:01 +05:30			`// extractRegex extracts text from a corpus and returns it`
Added unique regex values support 2020-04-27 23:34:08 +05:30			`func (e *Extractor) extractRegex(corpus string) map[string]struct{} {`
			`results := make(map[string]struct{})`
Added extractors to the workflow + misc 2020-04-06 00:44:45 +05:30			`for _, regex := range e.regexCompiled {`
Added unique regex values support 2020-04-27 23:34:08 +05:30			`matches := regex.FindAllString(corpus, -1)`
			`for _, match := range matches {`
			`results[match] = struct{}{}`
			`}`
Added extractors to the workflow + misc 2020-04-06 00:44:45 +05:30			`}`
			`return results`
Added extractors for text extraction 2020-04-06 00:05:01 +05:30			`}`
finalized + corrected typo 2020-07-16 10:32:00 +02:00
			`// extractKVal extracts text from http response`
			`func (e Extractor) extractKVal(r http.Response) map[string]struct{} {`
			`results := make(map[string]struct{})`
			`for _, k := range e.KVal {`
			`for _, v := range r.Header.Values(k) {`
			`results[v] = struct{}{}`
			`}`
			`}`
			`return results`
			`}`

			`// extractInlineKVal extracts text from inline corpus`
			`func (e Extractor) extractInlineKVal(r http.Response, key string) map[string]struct{} {`
			`results := make(map[string]struct{})`
			`for _, v := range r.Header.Values(key) {`
			`for _, token := range strings.Split(v, " ") {`
			`semicolon := strings.Index(token, ":")`
			`key, value := token[:semicolon], token[semicolon:]`
			`for _, k := range e.KVal {`
			`if key == k {`
			`results[value] = struct{}{}`
			`}`
			`}`
			`}`
			`}`
			`return results`
			`}`