2021-02-27 20:54:22 +05:30
package main
import (
"fmt"
2022-10-03 12:12:20 +02:00
"io"
2021-02-27 20:54:22 +05:30
"net/http"
"net/http/httptest"
2024-04-12 00:50:11 +02:00
"strings"
2021-02-27 20:54:22 +05:30
"github.com/julienschmidt/httprouter"
2021-09-03 17:25:50 +03:00
2023-10-17 17:44:13 +05:30
"github.com/projectdiscovery/nuclei/v3/pkg/testutils"
2021-02-27 20:54:22 +05:30
)
2023-07-28 18:50:57 +03:00
var workflowTestcases = [ ] TestCaseInfo {
{ Path : "workflow/basic.yaml" , TestCase : & workflowBasic { } } ,
{ Path : "workflow/condition-matched.yaml" , TestCase : & workflowConditionMatched { } } ,
{ Path : "workflow/condition-unmatched.yaml" , TestCase : & workflowConditionUnmatch { } } ,
{ Path : "workflow/matcher-name.yaml" , TestCase : & workflowMatcherName { } } ,
2024-04-12 00:50:11 +02:00
{ Path : "workflow/complex-conditions.yaml" , TestCase : & workflowComplexConditions { } } ,
2023-07-28 18:50:57 +03:00
{ Path : "workflow/http-value-share-workflow.yaml" , TestCase : & workflowHttpKeyValueShare { } } ,
{ Path : "workflow/dns-value-share-workflow.yaml" , TestCase : & workflowDnsKeyValueShare { } } ,
{ Path : "workflow/shared-cookie.yaml" , TestCase : & workflowSharedCookies { } } ,
2021-02-27 20:54:22 +05:30
}
type workflowBasic struct { }
2021-09-03 17:25:50 +03:00
// Execute executes a test case and returns an error if occurred
2021-02-27 20:54:22 +05:30
func ( h * workflowBasic ) Execute ( filePath string ) error {
router := httprouter . New ( )
2021-08-31 12:55:52 +03:00
router . GET ( "/" , func ( w http . ResponseWriter , r * http . Request , _ httprouter . Params ) {
2021-02-27 20:54:22 +05:30
fmt . Fprintf ( w , "This is test matcher text" )
2021-08-31 12:55:52 +03:00
} )
2021-02-27 20:54:22 +05:30
ts := httptest . NewServer ( router )
defer ts . Close ( )
2021-03-05 12:08:31 +05:30
results , err := testutils . RunNucleiWorkflowAndGetResults ( filePath , ts . URL , debug )
2021-02-27 20:54:22 +05:30
if err != nil {
return err
}
2021-12-15 16:03:57 +02:00
return expectResultsCount ( results , 2 )
2021-02-27 20:54:22 +05:30
}
type workflowConditionMatched struct { }
2021-09-03 17:25:50 +03:00
// Execute executes a test case and returns an error if occurred
2021-02-27 20:54:22 +05:30
func ( h * workflowConditionMatched ) Execute ( filePath string ) error {
router := httprouter . New ( )
2021-08-31 12:55:52 +03:00
router . GET ( "/" , func ( w http . ResponseWriter , r * http . Request , _ httprouter . Params ) {
2021-02-27 20:54:22 +05:30
fmt . Fprintf ( w , "This is test matcher text" )
2021-08-31 12:55:52 +03:00
} )
2021-02-27 20:54:22 +05:30
ts := httptest . NewServer ( router )
defer ts . Close ( )
2021-03-05 12:08:31 +05:30
results , err := testutils . RunNucleiWorkflowAndGetResults ( filePath , ts . URL , debug )
2021-02-27 20:54:22 +05:30
if err != nil {
return err
}
2021-12-15 16:03:57 +02:00
return expectResultsCount ( results , 1 )
2021-02-27 20:54:22 +05:30
}
type workflowConditionUnmatch struct { }
2021-09-03 17:25:50 +03:00
// Execute executes a test case and returns an error if occurred
2021-02-27 20:54:22 +05:30
func ( h * workflowConditionUnmatch ) Execute ( filePath string ) error {
router := httprouter . New ( )
2021-08-31 12:55:52 +03:00
router . GET ( "/" , func ( w http . ResponseWriter , r * http . Request , _ httprouter . Params ) {
2021-02-27 20:54:22 +05:30
fmt . Fprintf ( w , "This is test matcher text" )
2021-08-31 12:55:52 +03:00
} )
2021-02-27 20:54:22 +05:30
ts := httptest . NewServer ( router )
defer ts . Close ( )
2021-03-05 12:08:31 +05:30
results , err := testutils . RunNucleiWorkflowAndGetResults ( filePath , ts . URL , debug )
2021-02-27 20:54:22 +05:30
if err != nil {
return err
}
2021-12-15 16:03:57 +02:00
return expectResultsCount ( results , 0 )
2021-02-27 20:54:22 +05:30
}
type workflowMatcherName struct { }
2021-08-31 12:55:52 +03:00
// Execute executes a test case and returns an error if occurred
2021-02-27 20:54:22 +05:30
func ( h * workflowMatcherName ) Execute ( filePath string ) error {
router := httprouter . New ( )
2021-08-31 12:55:52 +03:00
router . GET ( "/" , func ( w http . ResponseWriter , r * http . Request , _ httprouter . Params ) {
2021-02-27 20:54:22 +05:30
fmt . Fprintf ( w , "This is test matcher text" )
2021-08-31 12:55:52 +03:00
} )
2021-02-27 20:54:22 +05:30
ts := httptest . NewServer ( router )
defer ts . Close ( )
2021-03-05 12:08:31 +05:30
results , err := testutils . RunNucleiWorkflowAndGetResults ( filePath , ts . URL , debug )
2021-02-27 20:54:22 +05:30
if err != nil {
return err
}
2021-12-15 16:03:57 +02:00
return expectResultsCount ( results , 1 )
2021-02-27 20:54:22 +05:30
}
2022-10-03 12:12:20 +02:00
2024-04-12 00:50:11 +02:00
type workflowComplexConditions struct { }
// Execute executes a test case and returns an error if occurred
func ( h * workflowComplexConditions ) Execute ( filePath string ) error {
router := httprouter . New ( )
router . GET ( "/" , func ( w http . ResponseWriter , r * http . Request , _ httprouter . Params ) {
fmt . Fprintf ( w , "This is test matcher text" )
} )
ts := httptest . NewServer ( router )
defer ts . Close ( )
results , err := testutils . RunNucleiWorkflowAndGetResults ( filePath , ts . URL , debug )
if err != nil {
return err
}
for _ , result := range results {
if ! strings . Contains ( result , "test-matcher-3" ) {
return fmt . Errorf ( "incorrect result: the \"basic-get-third:test-matcher-3\" and only that should be matched!\nResults:\n\t%s" , strings . Join ( results , "\n\t" ) )
}
}
return expectResultsCount ( results , 2 )
}
2022-10-03 12:12:20 +02:00
type workflowHttpKeyValueShare struct { }
// Execute executes a test case and returns an error if occurred
func ( h * workflowHttpKeyValueShare ) Execute ( filePath string ) error {
router := httprouter . New ( )
router . GET ( "/path1" , func ( w http . ResponseWriter , r * http . Request , _ httprouter . Params ) {
fmt . Fprintf ( w , "href=\"test-value\"" )
} )
router . GET ( "/path2" , func ( w http . ResponseWriter , r * http . Request , _ httprouter . Params ) {
body , _ := io . ReadAll ( r . Body )
fmt . Fprintf ( w , "%s" , body )
} )
ts := httptest . NewServer ( router )
defer ts . Close ( )
results , err := testutils . RunNucleiWorkflowAndGetResults ( filePath , ts . URL , debug )
if err != nil {
return err
}
return expectResultsCount ( results , 1 )
}
type workflowDnsKeyValueShare struct { }
// Execute executes a test case and returns an error if occurred
func ( h * workflowDnsKeyValueShare ) Execute ( filePath string ) error {
results , err := testutils . RunNucleiWorkflowAndGetResults ( filePath , "http://scanme.sh" , debug )
if err != nil {
return err
}
// no results - ensure that the variable sharing works
return expectResultsCount ( results , 1 )
}
2023-06-26 19:25:51 +02:00
type workflowSharedCookies struct { }
// Execute executes a test case and returns an error if occurred
func ( h * workflowSharedCookies ) Execute ( filePath string ) error {
2024-03-14 03:08:53 +05:30
handleFunc := func ( name string , w http . ResponseWriter , _ * http . Request , _ httprouter . Params ) {
2023-06-26 19:25:51 +02:00
cookie := & http . Cookie { Name : name , Value : name }
http . SetCookie ( w , cookie )
}
var gotCookies [ ] string
router := httprouter . New ( )
router . GET ( "/http1" , func ( w http . ResponseWriter , r * http . Request , p httprouter . Params ) {
handleFunc ( "http1" , w , r , p )
} )
router . GET ( "/http2" , func ( w http . ResponseWriter , r * http . Request , p httprouter . Params ) {
handleFunc ( "http2" , w , r , p )
} )
router . GET ( "/headless1" , func ( w http . ResponseWriter , r * http . Request , p httprouter . Params ) {
handleFunc ( "headless1" , w , r , p )
} )
router . GET ( "/http3" , func ( w http . ResponseWriter , r * http . Request , p httprouter . Params ) {
for _ , cookie := range r . Cookies ( ) {
gotCookies = append ( gotCookies , cookie . Name )
}
} )
ts := httptest . NewServer ( router )
defer ts . Close ( )
_ , err := testutils . RunNucleiWorkflowAndGetResults ( filePath , ts . URL , debug , "-headless" )
if err != nil {
return err
}
return expectResultsCount ( gotCookies , 3 )
}
