nuclei/v2/pkg/protocols/dns/request.go

package dns

import (
	"encoding/hex"
	"fmt"
	"net/url"

	"github.com/pkg/errors"

	"github.com/projectdiscovery/gologger"
	"github.com/projectdiscovery/nuclei/v2/pkg/output"
	"github.com/projectdiscovery/nuclei/v2/pkg/protocols"
	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions"
	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/helpers/eventcreator"
	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/helpers/responsehighlighter"
	templateTypes "github.com/projectdiscovery/nuclei/v2/pkg/templates/types"
	"github.com/projectdiscovery/nuclei/v2/pkg/utils"
	"github.com/projectdiscovery/retryabledns"
)

var _ protocols.Request = &Request{}

// Type returns the type of the protocol request
func (request *Request) Type() templateTypes.ProtocolType {
	return templateTypes.DNSProtocol
}

// ExecuteWithResults executes the protocol requests and returns results instead of writing them.
func (request *Request) ExecuteWithResults(input string, metadata /*TODO review unused parameter*/, previous output.InternalEvent, callback protocols.OutputEventCallback) error {
	// Parse the URL and return domain if URL.
	var domain string
	if utils.IsURL(input) {
		domain = extractDomain(input)
	} else {
		domain = input
	}

	// Compile each request for the template based on the URL
	compiledRequest, err := request.Make(domain)
	if err != nil {
		request.options.Output.Request(request.options.TemplatePath, domain, request.Type().String(), err)
		request.options.Progress.IncrementFailedRequestsBy(1)
		return errors.Wrap(err, "could not build request")
	}

	dnsClient := request.dnsClient
	if varErr := expressions.ContainsUnresolvedVariables(request.Resolvers...); varErr != nil {
		if dnsClient, varErr = request.getDnsClient(request.options, metadata); varErr != nil {
			gologger.Warning().Msgf("[%s] Could not make dns request for %s: %v\n", request.options.TemplateID, domain, varErr)
			return nil
		}
	}

	requestString := compiledRequest.String()
	if varErr := expressions.ContainsUnresolvedVariables(requestString); varErr != nil {
		gologger.Warning().Msgf("[%s] Could not make dns request for %s: %v\n", request.options.TemplateID, domain, varErr)
		return nil
	}
	if request.options.Options.Debug || request.options.Options.DebugRequests || request.options.Options.StoreResponse {
		msg := fmt.Sprintf("[%s] Dumped DNS request for %s", request.options.TemplateID, domain)
		if request.options.Options.Debug || request.options.Options.DebugRequests {
			gologger.Info().Str("domain", domain).Msgf(msg)
			gologger.Print().Msgf("%s", requestString)
		}
		if request.options.Options.StoreResponse {
			request.options.Output.WriteStoreDebugData(domain, request.options.TemplateID, request.Type().String(), fmt.Sprintf("%s\n%s", msg, requestString))
		}
	}

	// Send the request to the target servers
	response, err := dnsClient.Do(compiledRequest)
	if err != nil {
		request.options.Output.Request(request.options.TemplatePath, domain, request.Type().String(), err)
		request.options.Progress.IncrementFailedRequestsBy(1)
	}
	if response == nil {
		return errors.Wrap(err, "could not send dns request")
	}
	request.options.Progress.IncrementRequests()

	request.options.Output.Request(request.options.TemplatePath, domain, request.Type().String(), err)
	gologger.Verbose().Msgf("[%s] Sent DNS request to %s\n", request.options.TemplateID, domain)

	// perform trace if necessary
	var traceData *retryabledns.TraceData
	if request.Trace {
		traceData, err = request.dnsClient.Trace(domain, request.question, request.TraceMaxRecursion)
		if err != nil {
			request.options.Output.Request(request.options.TemplatePath, domain, "dns", err)
		}
	}

	outputEvent := request.responseToDSLMap(compiledRequest, response, input, input, traceData)
	for k, v := range previous {
		outputEvent[k] = v
	}

	event := eventcreator.CreateEvent(request, outputEvent, request.options.Options.Debug || request.options.Options.DebugResponse)
	// TODO: dynamic values are not supported yet

	dumpResponse(event, request, response.String(), domain)
	if request.Trace {
		dumpTraceData(event, request.options, traceToString(traceData, true), domain)
	}

	callback(event)
	return nil
}

func dumpResponse(event *output.InternalWrappedEvent, request *Request, response, domain string) {
	cliOptions := request.options.Options
	if cliOptions.Debug || cliOptions.DebugResponse || cliOptions.StoreResponse {
		hexDump := false
		if responsehighlighter.HasBinaryContent(response) {
			hexDump = true
			response = hex.Dump([]byte(response))
		}
		highlightedResponse := responsehighlighter.Highlight(event.OperatorsResult, response, cliOptions.NoColor, hexDump)
		msg := fmt.Sprintf("[%s] Dumped DNS response for %s\n\n%s", request.options.TemplateID, domain, highlightedResponse)
		if cliOptions.Debug || cliOptions.DebugResponse {
			gologger.Debug().Msg(msg)
		}
		if cliOptions.StoreResponse {
			request.options.Output.WriteStoreDebugData(domain, request.options.TemplateID, request.Type().String(), msg)
		}
	}
}

func dumpTraceData(event *output.InternalWrappedEvent, requestOptions *protocols.ExecuterOptions, traceData, domain string) {
	cliOptions := requestOptions.Options
	if cliOptions.Debug || cliOptions.DebugResponse {
		hexDump := false
		if responsehighlighter.HasBinaryContent(traceData) {
			hexDump = true
			traceData = hex.Dump([]byte(traceData))
		}
		highlightedResponse := responsehighlighter.Highlight(event.OperatorsResult, traceData, cliOptions.NoColor, hexDump)
		gologger.Debug().Msgf("[%s] Dumped DNS Trace data for %s\n\n%s", requestOptions.TemplateID, domain, highlightedResponse)
	}
}

// extractDomain extracts the domain name of a URL
func extractDomain(theURL string) string {
	u, err := url.Parse(theURL)
	if err != nil {
		return ""
	}
	return u.Hostname()
}
Modelling the data flow process and operations for executers 2020-12-25 02:24:55 +05:30			`package dns`

			`import (`
feat: In case of binary data, show a hexadecimal view as well #1080 2021-10-30 13:17:47 +03:00			`"encoding/hex"`
Issue 1705 save responses on disk (#1727) * save response on disk * lint error check * store raw request/response * lint error fix * file path * mock test fix * readme update * .txt extension Co-authored-by: sandeep <sandeep@projectdiscovery.io> 2022-04-01 14:29:02 -05:00			`"fmt"`
Modelling the data flow process and operations for executers 2020-12-25 02:24:55 +05:30			`"net/url"`

			`"github.com/pkg/errors"`
[feature] Add coloring to debug information #999 [WIP] TODO: * if there are multiple matchers, make sure the response is only displayed once, with all the matching values colored * remove code duplication from the request.go files 2021-09-29 19:43:46 +03:00
Modelling the data flow process and operations for executers 2020-12-25 02:24:55 +05:30			`"github.com/projectdiscovery/gologger"`
			`"github.com/projectdiscovery/nuclei/v2/pkg/output"`
More improvements, adding metadata for state between requests 2020-12-25 20:39:09 +05:30			`"github.com/projectdiscovery/nuclei/v2/pkg/protocols"`
Do not show AND matcher information in the command line output if debug is not enabled #1081 2021-10-12 20:06:55 +03:00			`"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions"`
[feature] Add coloring to debug information #999 * extracted common logic and made sure that all requests implement the same interface 2021-10-01 16:52:38 +03:00			`"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/helpers/eventcreator"`
[feature] Add coloring to debug information #999 * remove some of the code duplication with a different approach 2021-10-01 14:24:45 +03:00			`"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/helpers/responsehighlighter"`
Moved to an enum for TemplateType in protocols 2021-11-03 19:53:45 +05:30			`templateTypes "github.com/projectdiscovery/nuclei/v2/pkg/templates/types"`
* Add support to run remote template * Add remote-template-domain config only flag to specify allowed domain list to load remote templates from 2022-01-12 18:33:17 +05:30			`"github.com/projectdiscovery/nuclei/v2/pkg/utils"`
refactor: uniformly sorted imports 2021-11-25 17:09:20 +02:00			`"github.com/projectdiscovery/retryabledns"`
Modelling the data flow process and operations for executers 2020-12-25 02:24:55 +05:30			`)`

More improvements, adding metadata for state between requests 2020-12-25 20:39:09 +05:30			`var _ protocols.Request = &Request{}`

Moved to an enum for TemplateType in protocols 2021-11-03 19:53:45 +05:30			`// Type returns the type of the protocol request`
			`func (request *Request) Type() templateTypes.ProtocolType {`
			`return templateTypes.DNSProtocol`
			`}`

Modelling the data flow process and operations for executers 2020-12-25 02:24:55 +05:30			`// ExecuteWithResults executes the protocol requests and returns results instead of writing them.`
[feature] Add coloring to debug information #999 * corrected/renamed receivers from one character names to human-readable format 2021-10-01 14:30:04 +03:00			`func (request Request) ExecuteWithResults(input string, metadata /TODO review unused parameter*/, previous output.InternalEvent, callback protocols.OutputEventCallback) error {`
Modelling the data flow process and operations for executers 2020-12-25 02:24:55 +05:30			`// Parse the URL and return domain if URL.`
			`var domain string`
* Add support to run remote template * Add remote-template-domain config only flag to specify allowed domain list to load remote templates from 2022-01-12 18:33:17 +05:30			`if utils.IsURL(input) {`
Modelling the data flow process and operations for executers 2020-12-25 02:24:55 +05:30			`domain = extractDomain(input)`
			`} else {`
			`domain = input`
			`}`

			`// Compile each request for the template based on the URL`
[feature] Add coloring to debug information #999 * corrected/renamed receivers from one character names to human-readable format 2021-10-01 14:30:04 +03:00			`compiledRequest, err := request.Make(domain)`
Modelling the data flow process and operations for executers 2020-12-25 02:24:55 +05:30			`if err != nil {`
Made code changes as per review comments 2021-11-05 03:01:41 +05:30			`request.options.Output.Request(request.options.TemplatePath, domain, request.Type().String(), err)`
[feature] Add coloring to debug information #999 * corrected/renamed receivers from one character names to human-readable format 2021-10-01 14:30:04 +03:00			`request.options.Progress.IncrementFailedRequestsBy(1)`
Added support for output streaming in nuclei 2021-01-01 19:36:21 +05:30			`return errors.Wrap(err, "could not build request")`
Modelling the data flow process and operations for executers 2020-12-25 02:24:55 +05:30			`}`

Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`dnsClient := request.dnsClient`
			`if varErr := expressions.ContainsUnresolvedVariables(request.Resolvers...); varErr != nil {`
			`if dnsClient, varErr = request.getDnsClient(request.options, metadata); varErr != nil {`
			`gologger.Warning().Msgf("[%s] Could not make dns request for %s: %v\n", request.options.TemplateID, domain, varErr)`
			`return nil`
			`}`
			`}`

Added variable check to dns protocol 2021-10-07 19:38:31 +05:30			`requestString := compiledRequest.String()`
Misc 2021-10-07 19:40:16 +05:30			`if varErr := expressions.ContainsUnresolvedVariables(requestString); varErr != nil {`
Merge remote-tracking branch 'origin/dev' into colorize_responses 2021-10-11 13:58:20 +03:00			`gologger.Warning().Msgf("[%s] Could not make dns request for %s: %v\n", request.options.TemplateID, domain, varErr)`
Added variable check to dns protocol 2021-10-07 19:38:31 +05:30			`return nil`
			`}`
Issue 1705 save responses on disk (#1727) * save response on disk * lint error check * store raw request/response * lint error fix * file path * mock test fix * readme update * .txt extension Co-authored-by: sandeep <sandeep@projectdiscovery.io> 2022-04-01 14:29:02 -05:00			`if request.options.Options.Debug \|\| request.options.Options.DebugRequests \|\| request.options.Options.StoreResponse {`
			`msg := fmt.Sprintf("[%s] Dumped DNS request for %s", request.options.TemplateID, domain)`
			`if request.options.Options.Debug \|\| request.options.Options.DebugRequests {`
			`gologger.Info().Str("domain", domain).Msgf(msg)`
			`gologger.Print().Msgf("%s", requestString)`
			`}`
			`if request.options.Options.StoreResponse {`
			`request.options.Output.WriteStoreDebugData(domain, request.options.TemplateID, request.Type().String(), fmt.Sprintf("%s\n%s", msg, requestString))`
			`}`
Modelling the data flow process and operations for executers 2020-12-25 02:24:55 +05:30			`}`

			`// Send the request to the target servers`
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`response, err := dnsClient.Do(compiledRequest)`
Modelling the data flow process and operations for executers 2020-12-25 02:24:55 +05:30			`if err != nil {`
Made code changes as per review comments 2021-11-05 03:01:41 +05:30			`request.options.Output.Request(request.options.TemplatePath, domain, request.Type().String(), err)`
[feature] Add coloring to debug information #999 * corrected/renamed receivers from one character names to human-readable format 2021-10-01 14:30:04 +03:00			`request.options.Progress.IncrementFailedRequestsBy(1)`
Fixed retries in DNS requests failing 2021-03-14 01:01:32 +05:30			`}`
feat: In case of binary data, show a hexadecimal view as well #1080 2021-10-30 13:17:47 +03:00			`if response == nil {`
Added support for output streaming in nuclei 2021-01-01 19:36:21 +05:30			`return errors.Wrap(err, "could not send dns request")`
Modelling the data flow process and operations for executers 2020-12-25 02:24:55 +05:30			`}`
[feature] Add coloring to debug information #999 * corrected/renamed receivers from one character names to human-readable format 2021-10-01 14:30:04 +03:00			`request.options.Progress.IncrementRequests()`
Finalized first iteration of execution groups + protocols 2020-12-25 20:33:52 +05:30
Made code changes as per review comments 2021-11-05 03:01:41 +05:30			`request.options.Output.Request(request.options.TemplatePath, domain, request.Type().String(), err)`
feat: In case of binary data, show a hexadecimal view as well #1080 2021-10-30 13:17:47 +03:00			`gologger.Verbose().Msgf("[%s] Sent DNS request to %s\n", request.options.TemplateID, domain)`
Modelling the data flow process and operations for executers 2020-12-25 02:24:55 +05:30
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`// perform trace if necessary`
refactor/documentation: typos and grammatical errors 2021-11-25 18:54:16 +02:00			`var traceData *retryabledns.TraceData`
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`if request.Trace {`
refactor/documentation: typos and grammatical errors 2021-11-25 18:54:16 +02:00			`traceData, err = request.dnsClient.Trace(domain, request.question, request.TraceMaxRecursion)`
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`if err != nil {`
			`request.options.Output.Request(request.options.TemplatePath, domain, "dns", err)`
			`}`
			`}`

refactor/documentation: typos and grammatical errors 2021-11-25 18:54:16 +02:00			`outputEvent := request.responseToDSLMap(compiledRequest, response, input, input, traceData)`
Added multi-request condition support 2021-01-16 14:10:24 +05:30			`for k, v := range previous {`
			`outputEvent[k] = v`
			`}`
Modelling the data flow process and operations for executers 2020-12-25 02:24:55 +05:30
Do not show AND matcher information in the command line output if debug is not enabled #1081 2021-10-12 20:06:55 +03:00			`event := eventcreator.CreateEvent(request, outputEvent, request.options.Options.Debug \|\| request.options.Options.DebugResponse)`
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`// TODO: dynamic values are not supported yet`
[feature] Add coloring to debug information #999 * remove some of the code duplication with a different approach 2021-10-01 14:24:45 +03:00
Issue 1705 save responses on disk (#1727) * save response on disk * lint error check * store raw request/response * lint error fix * file path * mock test fix * readme update * .txt extension Co-authored-by: sandeep <sandeep@projectdiscovery.io> 2022-04-01 14:29:02 -05:00			`dumpResponse(event, request, response.String(), domain)`
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`if request.Trace {`
refactor/documentation: typos and grammatical errors 2021-11-25 18:54:16 +02:00			`dumpTraceData(event, request.options, traceToString(traceData, true), domain)`
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`}`
[feature] Add coloring to debug information #999 [WIP] TODO: * if there are multiple matchers, make sure the response is only displayed once, with all the matching values colored * remove code duplication from the request.go files 2021-09-29 19:43:46 +03:00
			`callback(event)`
			`return nil`
			`}`

Issue 1705 save responses on disk (#1727) * save response on disk * lint error check * store raw request/response * lint error fix * file path * mock test fix * readme update * .txt extension Co-authored-by: sandeep <sandeep@projectdiscovery.io> 2022-04-01 14:29:02 -05:00			`func dumpResponse(event output.InternalWrappedEvent, request Request, response, domain string) {`
			`cliOptions := request.options.Options`
			`if cliOptions.Debug \|\| cliOptions.DebugResponse \|\| cliOptions.StoreResponse {`
feat: In case of binary data, show a hexadecimal view as well #1080 2021-10-30 13:17:47 +03:00			`hexDump := false`
refactor: In case of binary data, show a hexadecimal view as well #1080 * small enhancements with regards to dumping responses 2021-11-01 20:45:54 +02:00			`if responsehighlighter.HasBinaryContent(response) {`
feat: In case of binary data, show a hexadecimal view as well #1080 2021-10-30 13:17:47 +03:00			`hexDump = true`
			`response = hex.Dump([]byte(response))`
			`}`
refactor: In case of binary data, show a hexadecimal view as well #1080 * small enhancements with regards to dumping responses 2021-11-01 20:45:54 +02:00			`highlightedResponse := responsehighlighter.Highlight(event.OperatorsResult, response, cliOptions.NoColor, hexDump)`
Issue 1705 save responses on disk (#1727) * save response on disk * lint error check * store raw request/response * lint error fix * file path * mock test fix * readme update * .txt extension Co-authored-by: sandeep <sandeep@projectdiscovery.io> 2022-04-01 14:29:02 -05:00			`msg := fmt.Sprintf("[%s] Dumped DNS response for %s\n\n%s", request.options.TemplateID, domain, highlightedResponse)`
			`if cliOptions.Debug \|\| cliOptions.DebugResponse {`
			`gologger.Debug().Msg(msg)`
			`}`
			`if cliOptions.StoreResponse {`
			`request.options.Output.WriteStoreDebugData(domain, request.options.TemplateID, request.Type().String(), msg)`
			`}`
feat: In case of binary data, show a hexadecimal view as well #1080 2021-10-30 13:17:47 +03:00			`}`
			`}`

refactor/documentation: typos and grammatical errors 2021-11-25 18:54:16 +02:00			`func dumpTraceData(event output.InternalWrappedEvent, requestOptions protocols.ExecuterOptions, traceData, domain string) {`
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`cliOptions := requestOptions.Options`
			`if cliOptions.Debug \|\| cliOptions.DebugResponse {`
			`hexDump := false`
refactor/documentation: typos and grammatical errors 2021-11-25 18:54:16 +02:00			`if responsehighlighter.HasBinaryContent(traceData) {`
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`hexDump = true`
refactor/documentation: typos and grammatical errors 2021-11-25 18:54:16 +02:00			`traceData = hex.Dump([]byte(traceData))`
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`}`
refactor/documentation: typos and grammatical errors 2021-11-25 18:54:16 +02:00			`highlightedResponse := responsehighlighter.Highlight(event.OperatorsResult, traceData, cliOptions.NoColor, hexDump)`
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`gologger.Debug().Msgf("[%s] Dumped DNS Trace data for %s\n\n%s", requestOptions.TemplateID, domain, highlightedResponse)`
			`}`
			`}`

Modelling the data flow process and operations for executers 2020-12-25 02:24:55 +05:30			`// extractDomain extracts the domain name of a URL`
			`func extractDomain(theURL string) string {`
			`u, err := url.Parse(theURL)`
			`if err != nil {`
			`return ""`
			`}`
			`return u.Hostname()`
			`}`