nuclei/v2/pkg/operators/extractors/extractors.go

package extractors

import (
	"regexp"

	"github.com/itchyny/gojq"
)

// Extractor is used to extract part of response using a regex.
type Extractor struct {
	// description: |
	//   Name of the extractor. Name should be lowercase and must not contain
	//   spaces or dashes (-).
	// examples:
	//   - value: "\"cookie-extractor\""
	Name string `yaml:"name,omitempty"`
	// description: |
	//   Type is the type of the extractor.
	// values:
	//   - "regex"
	//   - "kval"
	Type string `yaml:"type"`
	// extractorType is the internal type of the extractor
	extractorType ExtractorType

	// description: |
	//   Regex contains the regular expression patterns to exract from a part.
	//
	//   Go regex engine does not supports lookaheads or lookbehinds, so as a result
	//   they are also not supported in nuclei.
	// examples:
	//   - name: Braintree Access Token Regex
	//     value: >
	//       []string{"access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}"}
	//   - name: Wordpress Author Extraction regex
	//     value: >
	//       []string{"Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"}
	Regex []string `yaml:"regex,omitempty"`
	// description: |
	//   Group specifies a numbered group to extract from the regex.
	// examples:
	//   - name: Example Regex Group
	//     value: "1"
	RegexGroup int `yaml:"group,omitempty"`
	// regexCompiled is the compiled variant
	regexCompiled []*regexp.Regexp

	// description: |
	//   kval contains the key-value pairs required in the response.
	//
	//   Each protocol exposes a lot of different data in response. The kval
	//   extractor can be used to extract those key-value pairs. A list of
	//   supported parts is available in docs for request types.
	// examples:
	//   - name: Extract Server Header From HTTP Response
	//     value: >
	//       []string{"Server"}
	//   - name: Extracting value of PHPSESSID Cookie
	//     value: >
	//       []string{"PHPSESSID"}
	KVal []string `yaml:"kval,omitempty"`

	// description: |
	//   Part is the part of the request response to extract data from.
	//
	//   Each protocol exposes a lot of different parts which are well
	//   documented in docs for each request type.
	// examples:
	//   - value: "\"body\""
	//   - value: "\"raw\""
	Part string `yaml:"part,omitempty"`

	// description: |
	//   JSON allows using jq-style syntax to extract items from json response
	//
	// examples:
	//   - value: >
	//       []string{".[] | .id"}
	//   - value: >
	//       []string{".batters | .batter | .[] | .id"}
	JSON []string `yaml:"json,omitempty"`
	// jsonCompiled is the compiled variant
	jsonCompiled []*gojq.Code

	// description: |
	//   Internal, when set to true will allow using the value extracted
	//   in the next request for some protocols (like HTTP).
	Internal bool `yaml:"internal,omitempty"`
}

// ExtractorType is the type of the extractor specified
type ExtractorType = int

const (
	// RegexExtractor extracts responses with regexes
	RegexExtractor ExtractorType = iota + 1
	// KValExtractor extracts responses with key:value
	KValExtractor
	// JSONExtractor extracts responses with json
	JSONExtractor
)

// ExtractorTypes is an table for conversion of extractor type from string.
var ExtractorTypes = map[string]ExtractorType{
	"regex": RegexExtractor,
	"kval":  KValExtractor,
	"json":  JSONExtractor,
}

// GetType returns the type of the matcher
func (e *Extractor) GetType() ExtractorType {
	return e.extractorType
}
Added extractors for text extraction 2020-04-06 00:05:01 +05:30			`package extractors`

use import () in extractors.go 2021-08-01 12:38:13 +02:00			`import (`
			`"regexp"`
fix golint 2021-08-01 14:42:04 +02:00
			`"github.com/itchyny/gojq"`
use import () in extractors.go 2021-08-01 12:38:13 +02:00			`)`
Added extractors for text extraction 2020-04-06 00:05:01 +05:30
			`// Extractor is used to extract part of response using a regex.`
			`type Extractor struct {`
Added new YAML based doc to structures 2021-07-27 16:03:56 +05:30			`// description: \|`
			`// Name of the extractor. Name should be lowercase and must not contain`
			`// spaces or dashes (-).`
			`// examples:`
			`// - value: "\"cookie-extractor\""`
improved workflow logic 2020-07-10 09:04:38 +02:00			Name string `yaml:"name,omitempty"`
Added new YAML based doc to structures 2021-07-27 16:03:56 +05:30			`// description: \|`
			`// Type is the type of the extractor.`
			`// values:`
			`// - "regex"`
			`// - "kval"`
Added extractors to the workflow + misc 2020-04-06 00:44:45 +05:30			Type string `yaml:"type"`
prototyping 2020-07-15 00:47:01 +02:00			`// extractorType is the internal type of the extractor`
			`extractorType ExtractorType`
Added extractors to the workflow + misc 2020-04-06 00:44:45 +05:30
Added new YAML based doc to structures 2021-07-27 16:03:56 +05:30			`// description: \|`
			`// Regex contains the regular expression patterns to exract from a part.`
			`//`
			`// Go regex engine does not supports lookaheads or lookbehinds, so as a result`
			`// they are also not supported in nuclei.`
			`// examples:`
			`// - name: Braintree Access Token Regex`
			`// value: >`
			`// []string{"access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}"}`
			`// - name: Wordpress Author Extraction regex`
			`// value: >`
			`// []string{"Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"}`
Added more docs examples + Misc 2021-08-04 14:20:48 +05:30			Regex []string `yaml:"regex,omitempty"`
Added new YAML based doc to structures 2021-07-27 16:03:56 +05:30			`// description: \|`
			`// Group specifies a numbered group to extract from the regex.`
			`// examples:`
			`// - name: Example Regex Group`
Misc changes to docs 2021-08-05 00:54:34 +05:30			`// value: "1"`
Added more docs examples + Misc 2021-08-04 14:20:48 +05:30			RegexGroup int `yaml:"group,omitempty"`
Added extractors for text extraction 2020-04-06 00:05:01 +05:30			`// regexCompiled is the compiled variant`
Added extractors to the workflow + misc 2020-04-06 00:44:45 +05:30			`regexCompiled []*regexp.Regexp`
Added extractors for text extraction 2020-04-06 00:05:01 +05:30
Added new YAML based doc to structures 2021-07-27 16:03:56 +05:30			`// description: \|`
			`// kval contains the key-value pairs required in the response.`
			`//`
			`// Each protocol exposes a lot of different data in response. The kval`
			`// extractor can be used to extract those key-value pairs. A list of`
			`// supported parts is available in docs for request types.`
			`// examples:`
			`// - name: Extract Server Header From HTTP Response`
			`// value: >`
			`// []string{"Server"}`
			`// - name: Extracting value of PHPSESSID Cookie`
			`// value: >`
			`// []string{"PHPSESSID"}`
finalized + corrected typo 2020-07-16 10:32:00 +02:00			KVal []string `yaml:"kval,omitempty"`

Added new YAML based doc to structures 2021-07-27 16:03:56 +05:30			`// description: \|`
			`// Part is the part of the request response to extract data from.`
Added extractors for text extraction 2020-04-06 00:05:01 +05:30			`//`
Added new YAML based doc to structures 2021-07-27 16:03:56 +05:30			`// Each protocol exposes a lot of different parts which are well`
			`// documented in docs for each request type.`
			`// examples:`
			`// - value: "\"body\""`
			`// - value: "\"raw\""`
Added extractors for text extraction 2020-04-06 00:05:01 +05:30			Part string `yaml:"part,omitempty"`
Merged from dev 2021-08-03 20:22:16 +05:30
			`// description: \|`
			`// JSON allows using jq-style syntax to extract items from json response`
			`//`
			`// examples:`
Misc changes to docs 2021-08-05 00:54:34 +05:30			`// - value: >`
			`// []string{".[] \| .id"}`
			`// - value: >`
			`// []string{".batters \| .batter \| .[] \| .id"}`
Added more docs examples + Misc 2021-08-04 14:20:48 +05:30			JSON []string `yaml:"json,omitempty"`
json extractor support 2021-07-31 22:49:23 +02:00			`// jsonCompiled is the compiled variant`
			`jsonCompiled []*gojq.Code`

Added new YAML based doc to structures 2021-07-27 16:03:56 +05:30			`// description: \|`
			`// Internal, when set to true will allow using the value extracted`
			`// in the next request for some protocols (like HTTP).`
wip - output 2020-07-25 21:15:28 +02:00			Internal bool `yaml:"internal,omitempty"`
Added extractors for text extraction 2020-04-06 00:05:01 +05:30			`}`

Added extractors to the workflow + misc 2020-04-06 00:44:45 +05:30			`// ExtractorType is the type of the extractor specified`
			`type ExtractorType = int`

			`const (`
			`// RegexExtractor extracts responses with regexes`
			`RegexExtractor ExtractorType = iota + 1`
prototyping 2020-07-15 00:47:01 +02:00			`// KValExtractor extracts responses with key:value`
			`KValExtractor`
json extractor support 2021-07-31 22:49:23 +02:00			`// JSONExtractor extracts responses with json`
			`JSONExtractor`
Added extractors to the workflow + misc 2020-04-06 00:44:45 +05:30			`)`

			`// ExtractorTypes is an table for conversion of extractor type from string.`
			`var ExtractorTypes = map[string]ExtractorType{`
			`"regex": RegexExtractor,`
prototyping 2020-07-15 00:47:01 +02:00			`"kval": KValExtractor,`
Update extractors.go 2021-08-01 12:38:35 +02:00			`"json": JSONExtractor,`
Added extractors to the workflow + misc 2020-04-06 00:44:45 +05:30			`}`
More refactoring of nuclei packages 2020-12-24 20:47:41 +05:30
			`// GetType returns the type of the matcher`
			`func (e *Extractor) GetType() ExtractorType {`
			`return e.extractorType`
			`}`