nuclei/v2/pkg/reporting/exporters/es/elasticsearch.go

package es

import (
	"crypto/tls"
	"errors"
	"fmt"
	"io"
	"net/http"
	"strings"
	"sync"
	"time"

	b64 "encoding/base64"
	"encoding/json"

	"github.com/projectdiscovery/nuclei/v2/pkg/output"
)

// Options contains necessary options required for elasticsearch communicaiton
type Options struct {
	// Full url for elasticsearch
	ESIP string
	// Full url for elasticsearch
	ESPort int
	// Enable/Disable SSL
	ESSSL bool
	// Enable/DIsable SSL verificaiton
	ESSSLVerificaiton bool
	// Elasticsearch username
	ESUsername string
	// Elasticsearch password
	ESPassword string
}

type data struct {
	Event     *output.ResultEvent `json:"event"`
	Timestamp string              `json:"@timestamp"`
}

// Exporter type for elasticsearch
type Exporter struct {
	elasticsearch *http.Client
	req           *http.Request
	wg            *sync.Mutex
}

// New creates and returns a new exporter for elasticsearch
func New(option *Options) (*Exporter, error) {

	var ei *Exporter

	tr := &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: option.ESSSLVerificaiton},
	}
	c := &http.Client{
		Timeout:   5 * time.Second,
		Transport: tr,
	}

	// preparing url for elasticsearch
	url := `http://`
	if option.ESSSL {
		url = `https://`
	}
	url = fmt.Sprintf(url+"%s:%d/nuclei-export/_doc", option.ESIP, option.ESPort)

	// creafting a request
	req2, err := http.NewRequest(http.MethodPost, url, nil)
	if err != nil {
		return ei, nil
	}

	// if authentication is required
	if len(option.ESUsername) != 0 && len(option.ESPassword) != 0 {
		auth := b64.StdEncoding.EncodeToString([]byte(option.ESUsername + ":" + option.ESPassword))
		auth = "Basic " + auth
		req2.Header.Add("Authorization", auth)
	}
	req2.Header.Add("Content-Type", "application/json")

	ei = &Exporter{
		elasticsearch: c,
		req:           req2,
		wg:            &sync.Mutex{},
	}

	return ei, nil
}

// Export exports a passed result event to disk
func (i *Exporter) Export(event *output.ResultEvent) error {
	i.wg.Lock()
	defer i.wg.Unlock()
	defer func() { i.req.Body = nil }()

	d := data{
		Event:     event,
		Timestamp: time.Now().Format(time.RFC3339),
	}
	b, err := json.Marshal(&d)
	if err != nil {
		return err
	}
	i.req.Body = io.NopCloser(strings.NewReader(string(b)))

	res, err := i.elasticsearch.Do(i.req)
	b, _ = io.ReadAll(res.Body)
	if err != nil {
		return errors.New(err.Error() + "error thrown by elasticsearch " + string(b))
	}

	if res.StatusCode >= 300 {
		return errors.New("elasticsearch responded with an error: " + string(b))
	}

	return nil
}

// Close closes the exporter after operation
func (i *Exporter) Close() error {
	return nil
}
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`package es`

			`import (`
			`"crypto/tls"`
			`"errors"`
			`"fmt"`
			`"io"`
			`"net/http"`
			`"strings"`
			`"sync"`
			`"time"`

			`b64 "encoding/base64"`
			`"encoding/json"`

			`"github.com/projectdiscovery/nuclei/v2/pkg/output"`
			`)`

			`// Options contains necessary options required for elasticsearch communicaiton`
			`type Options struct {`
			`// Full url for elasticsearch`
			`ESIP string`
			`// Full url for elasticsearch`
			`ESPort int`
			`// Enable/Disable SSL`
			`ESSSL bool`
			`// Enable/DIsable SSL verificaiton`
			`ESSSLVerificaiton bool`
			`// Elasticsearch username`
			`ESUsername string`
			`// Elasticsearch password`
			`ESPassword string`
			`}`

			`type data struct {`
			Event *output.ResultEvent `json:"event"`
			Timestamp string `json:"@timestamp"`
			`}`

			`// Exporter type for elasticsearch`
			`type Exporter struct {`
			`elasticsearch *http.Client`
			`req *http.Request`
			`wg *sync.Mutex`
			`}`

			`// New creates and returns a new exporter for elasticsearch`
			`func New(option Options) (Exporter, error) {`

			`var ei *Exporter`

			`tr := &http.Transport{`
			`TLSClientConfig: &tls.Config{InsecureSkipVerify: option.ESSSLVerificaiton},`
			`}`
			`c := &http.Client{`
			`Timeout: 5 * time.Second,`
			`Transport: tr,`
			`}`

			`// preparing url for elasticsearch`
			url := `http://`
			`if option.ESSSL {`
			url = `https://`
			`}`
testing done and also checked 2021-08-21 08:33:27 +05:45			`url = fmt.Sprintf(url+"%s:%d/nuclei-export/_doc", option.ESIP, option.ESPort)`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00
			`// creafting a request`
			`req2, err := http.NewRequest(http.MethodPost, url, nil)`
			`if err != nil {`
			`return ei, nil`
			`}`

			`// if authentication is required`
			`if len(option.ESUsername) != 0 && len(option.ESPassword) != 0 {`
			`auth := b64.StdEncoding.EncodeToString([]byte(option.ESUsername + ":" + option.ESPassword))`
			`auth = "Basic " + auth`
			`req2.Header.Add("Authorization", auth)`
			`}`
			`req2.Header.Add("Content-Type", "application/json")`

			`ei = &Exporter{`
			`elasticsearch: c,`
			`req: req2,`
			`wg: &sync.Mutex{},`
			`}`

			`return ei, nil`
			`}`

			`// Export exports a passed result event to disk`
			`func (i Exporter) Export(event output.ResultEvent) error {`
			`i.wg.Lock()`
			`defer i.wg.Unlock()`
			`defer func() { i.req.Body = nil }()`

			`d := data{`
			`Event: event,`
testing done and also checked 2021-08-21 08:33:27 +05:45			`Timestamp: time.Now().Format(time.RFC3339),`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`}`
			`b, err := json.Marshal(&d)`
			`if err != nil {`
			`return err`
			`}`
			`i.req.Body = io.NopCloser(strings.NewReader(string(b)))`

			`res, err := i.elasticsearch.Do(i.req)`
			`b, _ = io.ReadAll(res.Body)`
			`if err != nil {`
			`return errors.New(err.Error() + "error thrown by elasticsearch " + string(b))`
			`}`

			`if res.StatusCode >= 300 {`
			`return errors.New("elasticsearch responded with an error: " + string(b))`
			`}`

			`return nil`
			`}`

			`// Close closes the exporter after operation`
			`func (i *Exporter) Close() error {`
			`return nil`
			`}`