nuclei/v2/pkg/protocols/common/protocolstate/state.go

package protocolstate

import (
	"fmt"
	"net"
	"net/url"

	"github.com/pkg/errors"
	"golang.org/x/net/proxy"

	"github.com/projectdiscovery/fastdialer/fastdialer"
	"github.com/projectdiscovery/networkpolicy"
	"github.com/projectdiscovery/nuclei/v2/pkg/types"
)

// Dialer is a shared fastdialer instance for host DNS resolution
var Dialer *fastdialer.Dialer

// Init creates the Dialer instance based on user configuration
func Init(options *types.Options) error {
	if Dialer != nil {
		return nil
	}
	opts := fastdialer.DefaultOptions

	switch {
	case options.SourceIP != "" && options.Interface != "":
		isAssociated, err := isIpAssociatedWithInterface(options.SourceIP, options.Interface)
		if err != nil {
			return err
		}
		if isAssociated {
			opts.Dialer = &net.Dialer{
				LocalAddr: &net.TCPAddr{
					IP: net.ParseIP(options.SourceIP),
				},
			}
		} else {
			return fmt.Errorf("source ip (%s) is not associated with the interface (%s)", options.SourceIP, options.Interface)
		}
	case options.SourceIP != "":
		isAssociated, err := isIpAssociatedWithInterface(options.SourceIP, "any")
		if err != nil {
			return err
		}
		if isAssociated {
			opts.Dialer = &net.Dialer{
				LocalAddr: &net.TCPAddr{
					IP: net.ParseIP(options.SourceIP),
				},
			}
		} else {
			return fmt.Errorf("source ip (%s) is not associated with any network interface", options.SourceIP)
		}
	case options.Interface != "":
		ifadrr, err := interfaceAddress(options.Interface)
		if err != nil {
			return err
		}
		opts.Dialer = &net.Dialer{
			LocalAddr: &net.TCPAddr{
				IP: ifadrr,
			},
		}
	}
	if types.ProxySocksURL != "" {
		proxyURL, err := url.Parse(types.ProxySocksURL)
		if err != nil {
			return err
		}
		var forward *net.Dialer
		if opts.Dialer != nil {
			forward = opts.Dialer
		} else {
			forward = &net.Dialer{
				Timeout:   opts.DialerTimeout,
				KeepAlive: opts.DialerKeepAlive,
				DualStack: true,
			}
		}
		dialer, err := proxy.FromURL(proxyURL, forward)
		if err != nil {
			return err
		}
		opts.ProxyDialer = &dialer
	}

	if options.SystemResolvers {
		opts.EnableFallback = true
	}
	if options.ResolversFile != "" {
		opts.BaseResolvers = options.InternalResolversList
	}
	if options.Sandbox {
		opts.Deny = append(networkpolicy.DefaultIPv4DenylistRanges, networkpolicy.DefaultIPv6DenylistRanges...)
	}
	opts.WithDialerHistory = true
	opts.WithZTLS = options.ZTLS
	opts.SNIName = options.SNI
	dialer, err := fastdialer.NewDialer(opts)
	if err != nil {
		return errors.Wrap(err, "could not create dialer")
	}
	Dialer = dialer
	return nil
}

// isIpAssociatedWithInterface checks if the given IP is associated with the given interface.
func isIpAssociatedWithInterface(souceIP, interfaceName string) (bool, error) {
	addrs, err := interfaceAddresses(interfaceName)
	if err != nil {
		return false, err
	}
	for _, addr := range addrs {
		if ipnet, ok := addr.(*net.IPNet); ok {
			if ipnet.IP.String() == souceIP {
				return true, nil
			}
		}
	}
	return false, nil
}

// interfaceAddress returns the first IPv4 address of the given interface.
func interfaceAddress(interfaceName string) (net.IP, error) {
	addrs, err := interfaceAddresses(interfaceName)
	if err != nil {
		return nil, err
	}
	var address net.IP
	for _, addr := range addrs {
		if ipnet, ok := addr.(*net.IPNet); ok && !ipnet.IP.IsLoopback() {
			if ipnet.IP.To4() != nil {
				address = ipnet.IP
			}
		}
	}
	if address == nil {
		return nil, fmt.Errorf("no suitable address found for interface: `%s`", interfaceName)
	}
	return address, nil
}

// interfaceAddresses returns all interface addresses.
func interfaceAddresses(interfaceName string) ([]net.Addr, error) {
	if interfaceName == "any" {
		return net.InterfaceAddrs()
	}
	ief, err := net.InterfaceByName(interfaceName)
	if err != nil {
		return nil, errors.Wrapf(err, "failed to get interface: `%s`", interfaceName)
	}
	addrs, err := ief.Addrs()
	if err != nil {
		return nil, errors.Wrapf(err, "failed to get interface addresses for: `%s`", interfaceName)
	}
	return addrs, nil
}

// Close closes the global shared fastdialer
func Close() {
	if Dialer != nil {
		Dialer.Close()
	}
}
adding shared fastdialer + missing cleanup 2021-04-18 11:57:43 +02:00			`package protocolstate`

			`import (`
add option to specify network interface (#2384) * add option to specify network interface * add source-ip flag * fix typo * fix err return * readme update Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io> 2022-08-25 17:42:35 +05:30			`"fmt"`
			`"net"`
add proxy support at dialer level (#2549) * add proxy support at dailer level * add forward dialer to proxy 2022-09-16 21:36:17 +05:30			`"net/url"`
add option to specify network interface (#2384) * add option to specify network interface * add source-ip flag * fix typo * fix err return * readme update Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io> 2022-08-25 17:42:35 +05:30
adding shared fastdialer + missing cleanup 2021-04-18 11:57:43 +02:00			`"github.com/pkg/errors"`
add proxy support at dialer level (#2549) * add proxy support at dailer level * add forward dialer to proxy 2022-09-16 21:36:17 +05:30			`"golang.org/x/net/proxy"`
refactor: uniformly sorted imports 2021-11-25 17:09:20 +02:00
adding shared fastdialer + missing cleanup 2021-04-18 11:57:43 +02:00			`"github.com/projectdiscovery/fastdialer/fastdialer"`
Added sandboxing for payload files and requests 2022-11-16 13:49:24 +05:30			`"github.com/projectdiscovery/networkpolicy"`
adding shared fastdialer + missing cleanup 2021-04-18 11:57:43 +02:00			`"github.com/projectdiscovery/nuclei/v2/pkg/types"`
			`)`

Lint issues fixes 2021-06-14 17:14:16 +05:30			`// Dialer is a shared fastdialer instance for host DNS resolution`
adding shared fastdialer + missing cleanup 2021-04-18 11:57:43 +02:00			`var Dialer *fastdialer.Dialer`

Lint issues fixes 2021-06-14 17:14:16 +05:30			`// Init creates the Dialer instance based on user configuration`
adding shared fastdialer + missing cleanup 2021-04-18 11:57:43 +02:00			`func Init(options *types.Options) error {`
protect against multiple unnecessary Init calls 2022-06-09 17:18:49 -05:00			`if Dialer != nil {`
			`return nil`
			`}`
adding shared fastdialer + missing cleanup 2021-04-18 11:57:43 +02:00			`opts := fastdialer.DefaultOptions`
add option to specify network interface (#2384) * add option to specify network interface * add source-ip flag * fix typo * fix err return * readme update Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io> 2022-08-25 17:42:35 +05:30
			`switch {`
			`case options.SourceIP != "" && options.Interface != "":`
			`isAssociated, err := isIpAssociatedWithInterface(options.SourceIP, options.Interface)`
			`if err != nil {`
			`return err`
			`}`
			`if isAssociated {`
			`opts.Dialer = &net.Dialer{`
			`LocalAddr: &net.TCPAddr{`
			`IP: net.ParseIP(options.SourceIP),`
			`},`
			`}`
			`} else {`
			`return fmt.Errorf("source ip (%s) is not associated with the interface (%s)", options.SourceIP, options.Interface)`
			`}`
			`case options.SourceIP != "":`
			`isAssociated, err := isIpAssociatedWithInterface(options.SourceIP, "any")`
			`if err != nil {`
			`return err`
			`}`
			`if isAssociated {`
			`opts.Dialer = &net.Dialer{`
			`LocalAddr: &net.TCPAddr{`
			`IP: net.ParseIP(options.SourceIP),`
			`},`
			`}`
			`} else {`
			`return fmt.Errorf("source ip (%s) is not associated with any network interface", options.SourceIP)`
			`}`
			`case options.Interface != "":`
			`ifadrr, err := interfaceAddress(options.Interface)`
			`if err != nil {`
			`return err`
			`}`
			`opts.Dialer = &net.Dialer{`
			`LocalAddr: &net.TCPAddr{`
			`IP: ifadrr,`
			`},`
			`}`
			`}`
add proxy support at dialer level (#2549) * add proxy support at dailer level * add forward dialer to proxy 2022-09-16 21:36:17 +05:30			`if types.ProxySocksURL != "" {`
			`proxyURL, err := url.Parse(types.ProxySocksURL)`
			`if err != nil {`
			`return err`
			`}`
			`var forward *net.Dialer`
			`if opts.Dialer != nil {`
			`forward = opts.Dialer`
			`} else {`
			`forward = &net.Dialer{`
			`Timeout: opts.DialerTimeout,`
			`KeepAlive: opts.DialerKeepAlive,`
			`DualStack: true,`
			`}`
			`}`
			`dialer, err := proxy.FromURL(proxyURL, forward)`
			`if err != nil {`
			`return err`
			`}`
			`opts.ProxyDialer = &dialer`
			`}`
add option to specify network interface (#2384) * add option to specify network interface * add source-ip flag * fix typo * fix err return * readme update Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io> 2022-08-25 17:42:35 +05:30
adding shared fastdialer + missing cleanup 2021-04-18 11:57:43 +02:00			`if options.SystemResolvers {`
			`opts.EnableFallback = true`
			`}`
			`if options.ResolversFile != "" {`
			`opts.BaseResolvers = options.InternalResolversList`
			`}`
Added sandboxing for payload files and requests 2022-11-16 13:49:24 +05:30			`if options.Sandbox {`
			`opts.Deny = append(networkpolicy.DefaultIPv4DenylistRanges, networkpolicy.DefaultIPv6DenylistRanges...)`
			`}`
fix #1220: no ip returned for dialers 2021-11-22 09:51:13 +05:30			`opts.WithDialerHistory = true`
making ztls global and optional 2022-01-25 20:48:21 +01:00			`opts.WithZTLS = options.ZTLS`
Adding SNI override via request annotations (#1970) * Adding SNI override via request annotations * adding cli flag priority 2022-05-12 13:13:56 +02:00			`opts.SNIName = options.SNI`
adding shared fastdialer + missing cleanup 2021-04-18 11:57:43 +02:00			`dialer, err := fastdialer.NewDialer(opts)`
			`if err != nil {`
Fixed lint errors 2021-04-19 00:55:33 +05:30			`return errors.Wrap(err, "could not create dialer")`
adding shared fastdialer + missing cleanup 2021-04-18 11:57:43 +02:00			`}`
			`Dialer = dialer`
			`return nil`
			`}`

add option to specify network interface (#2384) * add option to specify network interface * add source-ip flag * fix typo * fix err return * readme update Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io> 2022-08-25 17:42:35 +05:30			`// isIpAssociatedWithInterface checks if the given IP is associated with the given interface.`
			`func isIpAssociatedWithInterface(souceIP, interfaceName string) (bool, error) {`
			`addrs, err := interfaceAddresses(interfaceName)`
			`if err != nil {`
			`return false, err`
			`}`
			`for _, addr := range addrs {`
			`if ipnet, ok := addr.(*net.IPNet); ok {`
			`if ipnet.IP.String() == souceIP {`
			`return true, nil`
			`}`
			`}`
			`}`
			`return false, nil`
			`}`

			`// interfaceAddress returns the first IPv4 address of the given interface.`
			`func interfaceAddress(interfaceName string) (net.IP, error) {`
			`addrs, err := interfaceAddresses(interfaceName)`
			`if err != nil {`
			`return nil, err`
			`}`
			`var address net.IP`
			`for _, addr := range addrs {`
			`if ipnet, ok := addr.(*net.IPNet); ok && !ipnet.IP.IsLoopback() {`
			`if ipnet.IP.To4() != nil {`
			`address = ipnet.IP`
			`}`
			`}`
			`}`
			`if address == nil {`
			return nil, fmt.Errorf("no suitable address found for interface: `%s`", interfaceName)
			`}`
			`return address, nil`
			`}`

			`// interfaceAddresses returns all interface addresses.`
			`func interfaceAddresses(interfaceName string) ([]net.Addr, error) {`
			`if interfaceName == "any" {`
			`return net.InterfaceAddrs()`
			`}`
			`ief, err := net.InterfaceByName(interfaceName)`
			`if err != nil {`
			return nil, errors.Wrapf(err, "failed to get interface: `%s`", interfaceName)
			`}`
			`addrs, err := ief.Addrs()`
			`if err != nil {`
			return nil, errors.Wrapf(err, "failed to get interface addresses for: `%s`", interfaceName)
			`}`
			`return addrs, nil`
			`}`

Lint issues fixes 2021-06-14 17:14:16 +05:30			`// Close closes the global shared fastdialer`
adding shared fastdialer + missing cleanup 2021-04-18 11:57:43 +02:00			`func Close() {`
			`if Dialer != nil {`
			`Dialer.Close()`
			`}`
			`}`