nuclei/v2/internal/runner/templates.go

package runner

import (
	"bytes"
	"os"
	"path/filepath"
	"strings"

	"github.com/alecthomas/chroma/quick"
	"github.com/logrusorgru/aurora"
	"github.com/projectdiscovery/nuclei/v2/pkg/catalog/loader"

	"github.com/projectdiscovery/gologger"
	"github.com/projectdiscovery/nuclei/v2/pkg/parsers"
	"github.com/projectdiscovery/nuclei/v2/pkg/templates"
	"github.com/projectdiscovery/nuclei/v2/pkg/types"
)

// log available templates for verbose (-vv)
func (r *Runner) logAvailableTemplate(tplPath string) {
	t, err := parsers.ParseTemplate(tplPath, r.catalog)
	if err != nil {
		gologger.Error().Msgf("Could not parse file '%s': %s\n", tplPath, err)
	} else {
		r.verboseTemplate(t)
	}
}

// log available templates for verbose (-vv)
func (r *Runner) verboseTemplate(tpl *templates.Template) {
	gologger.Print().Msgf("%s\n", templates.TemplateLogMessage(tpl.ID,
		types.ToString(tpl.Info.Name),
		tpl.Info.Authors.ToSlice(),
		tpl.Info.SeverityHolder.Severity))
}

func (r *Runner) listAvailableStoreTemplates(store *loader.Store) {
	gologger.Print().Msgf(
		"\nListing available v.%s nuclei templates for %s",
		r.templatesConfig.TemplateVersion,
		r.templatesConfig.TemplatesDirectory,
	)
	for _, tpl := range store.Templates() {
		if hasExtraFlags(r.options) {
			if r.options.TemplateDisplay {
				colorize := !r.options.NoColor

				path := tpl.Path
				tplBody, err := os.ReadFile(path)
				if err != nil {
					gologger.Error().Msgf("Could not read the template %s: %s", path, err)
					continue
				}

				if colorize {
					path = aurora.Cyan(tpl.Path).String()
					tplBody, err = r.highlightTemplate(&tplBody)
					if err != nil {
						gologger.Error().Msgf("Could not hihglight the template %s: %s", tpl.Path, err)
						continue
					}

				}
				gologger.Silent().Msgf("Template: %s\n\n%s", path, tplBody)
			} else {
				gologger.Silent().Msgf("%s\n", strings.TrimPrefix(tpl.Path, r.templatesConfig.TemplatesDirectory+string(filepath.Separator)))
			}
		} else {
			r.verboseTemplate(tpl)
		}
	}
}

func (r *Runner) highlightTemplate(body *[]byte) ([]byte, error) {
	var buf bytes.Buffer
	// YAML lexer, true color terminar formatter and monokai style
	err := quick.Highlight(&buf, string(*body), "yaml", "terminal16m", "monokai")
	if err != nil {
		return nil, err
	}

	return buf.Bytes(), nil
}

func hasExtraFlags(options *types.Options) bool {
	return options.Templates != nil || options.Authors != nil ||
		options.Tags != nil || len(options.ExcludeTags) > 3 ||
		options.IncludeTags != nil || options.IncludeIds != nil ||
		options.ExcludeIds != nil || options.IncludeTemplates != nil ||
		options.ExcludedTemplates != nil || options.ExcludeMatchers != nil ||
		options.Severities != nil || options.ExcludeSeverities != nil ||
		options.Protocols != nil || options.ExcludeProtocols != nil ||
		options.IncludeConditions != nil || options.TemplateList
}
Divide and conquer 2020-08-29 15:26:11 +02:00			`package runner`

			`import (`
Display tpl contents (#2906) * New "td" flag, displays the highlighted template contents New verboseTemplate method to avoid duplicate code Grouped (and sorted) template list per directory * Updated README about the td flag * Going back to the previous template list format The new one can't be pipelined * Implicit template list on template display Respect --no-color option to disable colors when -td is used * misc option update Co-authored-by: Víctor Zamanillo <victor.zamanillo@cifraeducacion.com> Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2022-11-29 13:18:44 +01:00			`"bytes"`
Adding custom ip to protocol generated variables (#3011) * lint errors * Extending context args support * Ip => ip 2022-12-09 19:47:03 +01:00			`"os"`
Fixing directory walk error check on windows (#1951) * Fixing directory walk error check on windows * moving check to helper package * replacing godirwalk with standard library 2022-05-08 08:52:21 +02:00			`"path/filepath"`
Divide and conquer 2020-08-29 15:26:11 +02:00			`"strings"`

Display tpl contents (#2906) * New "td" flag, displays the highlighted template contents New verboseTemplate method to avoid duplicate code Grouped (and sorted) template list per directory * Updated README about the td flag * Going back to the previous template list format The new one can't be pipelined * Implicit template list on template display Respect --no-color option to disable colors when -td is used * misc option update Co-authored-by: Víctor Zamanillo <victor.zamanillo@cifraeducacion.com> Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2022-11-29 13:18:44 +01:00			`"github.com/alecthomas/chroma/quick"`
			`"github.com/logrusorgru/aurora"`
			`"github.com/projectdiscovery/nuclei/v2/pkg/catalog/loader"`

Divide and conquer 2020-08-29 15:26:11 +02:00			`"github.com/projectdiscovery/gologger"`
Exported ParseTemplate + use it everywhere for parsing 2021-08-19 02:10:36 +05:30			`"github.com/projectdiscovery/nuclei/v2/pkg/parsers"`
Misc changes, moving things around as per review 2022-03-14 12:32:05 +05:30			`"github.com/projectdiscovery/nuclei/v2/pkg/templates"`
More tests + finished tag based execution 2021-02-04 18:29:28 +05:30			`"github.com/projectdiscovery/nuclei/v2/pkg/types"`
Divide and conquer 2020-08-29 15:26:11 +02:00			`)`

tl flag improvements (#2596) * tl flag improvements * tl flag enhancement with additional filters * added ExcluedTags filter * tl flas to list template paths * using stdout * misc update Co-authored-by: sandeep <sandeep@projectdiscovery.io> 2022-09-20 16:33:57 -05:00			`// log available templates for verbose (-vv)`
Implemented only "tl" to list available templates 2020-08-29 23:02:45 +02:00			`func (r *Runner) logAvailableTemplate(tplPath string) {`
Added initial catalog interface implementation (#2318) * Added initial catalog interface implementation * Added OpenFile to Catalog + disk catalog implementation * Fixed merge issues Co-authored-by: sandeep <sandeep@projectdiscovery.io> 2022-08-10 23:35:58 +05:30			`t, err := parsers.ParseTemplate(tplPath, r.catalog)`
Making nuclei overall compatible with new changes + bug fixes 2020-12-29 15:38:14 +05:30			`if err != nil {`
			`gologger.Error().Msgf("Could not parse file '%s': %s\n", tplPath, err)`
Misc stuff, added timestamp to output + logging 2021-01-14 13:21:21 +05:30			`} else {`
Display tpl contents (#2906) * New "td" flag, displays the highlighted template contents New verboseTemplate method to avoid duplicate code Grouped (and sorted) template list per directory * Updated README about the td flag * Going back to the previous template list format The new one can't be pipelined * Implicit template list on template display Respect --no-color option to disable colors when -td is used * misc option update Co-authored-by: Víctor Zamanillo <victor.zamanillo@cifraeducacion.com> Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2022-11-29 13:18:44 +01:00			`r.verboseTemplate(t)`
Implemented only "tl" to list available templates 2020-08-29 23:02:45 +02:00			`}`
Divide and conquer 2020-08-29 15:26:11 +02:00			`}`

Display tpl contents (#2906) * New "td" flag, displays the highlighted template contents New verboseTemplate method to avoid duplicate code Grouped (and sorted) template list per directory * Updated README about the td flag * Going back to the previous template list format The new one can't be pipelined * Implicit template list on template display Respect --no-color option to disable colors when -td is used * misc option update Co-authored-by: Víctor Zamanillo <victor.zamanillo@cifraeducacion.com> Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2022-11-29 13:18:44 +01:00			`// log available templates for verbose (-vv)`
			`func (r Runner) verboseTemplate(tpl templates.Template) {`
			`gologger.Print().Msgf("%s\n", templates.TemplateLogMessage(tpl.ID,`
			`types.ToString(tpl.Info.Name),`
			`tpl.Info.Authors.ToSlice(),`
			`tpl.Info.SeverityHolder.Severity))`
			`}`

tl flag improvements (#2596) * tl flag improvements * tl flag enhancement with additional filters * added ExcluedTags filter * tl flas to list template paths * using stdout * misc update Co-authored-by: sandeep <sandeep@projectdiscovery.io> 2022-09-20 16:33:57 -05:00			`func (r Runner) listAvailableStoreTemplates(store loader.Store) {`
Making nuclei overall compatible with new changes + bug fixes 2020-12-29 15:38:14 +05:30			`gologger.Print().Msgf(`
Check if configured nuclei-templates directory exists 2020-08-30 13:25:34 +02:00			`"\nListing available v.%s nuclei templates for %s",`
Misc changes to update and ignore handling 2021-09-15 04:01:40 +05:30			`r.templatesConfig.TemplateVersion,`
Check if configured nuclei-templates directory exists 2020-08-30 13:25:34 +02:00			`r.templatesConfig.TemplatesDirectory,`
			`)`
Display tpl contents (#2906) * New "td" flag, displays the highlighted template contents New verboseTemplate method to avoid duplicate code Grouped (and sorted) template list per directory * Updated README about the td flag * Going back to the previous template list format The new one can't be pipelined * Implicit template list on template display Respect --no-color option to disable colors when -td is used * misc option update Co-authored-by: Víctor Zamanillo <victor.zamanillo@cifraeducacion.com> Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2022-11-29 13:18:44 +01:00			`for _, tpl := range store.Templates() {`
			`if hasExtraFlags(r.options) {`
			`if r.options.TemplateDisplay {`
			`colorize := !r.options.NoColor`

			`path := tpl.Path`
Adding custom ip to protocol generated variables (#3011) * lint errors * Extending context args support * Ip => ip 2022-12-09 19:47:03 +01:00			`tplBody, err := os.ReadFile(path)`
Display tpl contents (#2906) * New "td" flag, displays the highlighted template contents New verboseTemplate method to avoid duplicate code Grouped (and sorted) template list per directory * Updated README about the td flag * Going back to the previous template list format The new one can't be pipelined * Implicit template list on template display Respect --no-color option to disable colors when -td is used * misc option update Co-authored-by: Víctor Zamanillo <victor.zamanillo@cifraeducacion.com> Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2022-11-29 13:18:44 +01:00			`if err != nil {`
			`gologger.Error().Msgf("Could not read the template %s: %s", path, err)`
			`continue`
			`}`

			`if colorize {`
			`path = aurora.Cyan(tpl.Path).String()`
			`tplBody, err = r.highlightTemplate(&tplBody)`
			`if err != nil {`
			`gologger.Error().Msgf("Could not hihglight the template %s: %s", tpl.Path, err)`
			`continue`
			`}`

			`}`
			`gologger.Silent().Msgf("Template: %s\n\n%s", path, tplBody)`
			`} else {`
			`gologger.Silent().Msgf("%s\n", strings.TrimPrefix(tpl.Path, r.templatesConfig.TemplatesDirectory+string(filepath.Separator)))`
			`}`
tl flag improvements (#2596) * tl flag improvements * tl flag enhancement with additional filters * added ExcluedTags filter * tl flas to list template paths * using stdout * misc update Co-authored-by: sandeep <sandeep@projectdiscovery.io> 2022-09-20 16:33:57 -05:00			`} else {`
Display tpl contents (#2906) * New "td" flag, displays the highlighted template contents New verboseTemplate method to avoid duplicate code Grouped (and sorted) template list per directory * Updated README about the td flag * Going back to the previous template list format The new one can't be pipelined * Implicit template list on template display Respect --no-color option to disable colors when -td is used * misc option update Co-authored-by: Víctor Zamanillo <victor.zamanillo@cifraeducacion.com> Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2022-11-29 13:18:44 +01:00			`r.verboseTemplate(tpl)`
tl flag improvements (#2596) * tl flag improvements * tl flag enhancement with additional filters * added ExcluedTags filter * tl flas to list template paths * using stdout * misc update Co-authored-by: sandeep <sandeep@projectdiscovery.io> 2022-09-20 16:33:57 -05:00			`}`
Divide and conquer 2020-08-29 15:26:11 +02:00			`}`
			`}`
Display tpl contents (#2906) * New "td" flag, displays the highlighted template contents New verboseTemplate method to avoid duplicate code Grouped (and sorted) template list per directory * Updated README about the td flag * Going back to the previous template list format The new one can't be pipelined * Implicit template list on template display Respect --no-color option to disable colors when -td is used * misc option update Co-authored-by: Víctor Zamanillo <victor.zamanillo@cifraeducacion.com> Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2022-11-29 13:18:44 +01:00
			`func (r Runner) highlightTemplate(body []byte) ([]byte, error) {`
			`var buf bytes.Buffer`
			`// YAML lexer, true color terminar formatter and monokai style`
			`err := quick.Highlight(&buf, string(*body), "yaml", "terminal16m", "monokai")`
			`if err != nil {`
			`return nil, err`
			`}`

			`return buf.Bytes(), nil`
			`}`

			`func hasExtraFlags(options *types.Options) bool {`
			`return options.Templates != nil \|\| options.Authors != nil \|\|`
			`options.Tags != nil \|\| len(options.ExcludeTags) > 3 \|\|`
			`options.IncludeTags != nil \|\| options.IncludeIds != nil \|\|`
			`options.ExcludeIds != nil \|\| options.IncludeTemplates != nil \|\|`
			`options.ExcludedTemplates != nil \|\| options.ExcludeMatchers != nil \|\|`
			`options.Severities != nil \|\| options.ExcludeSeverities != nil \|\|`
			`options.Protocols != nil \|\| options.ExcludeProtocols != nil \|\|`
			`options.IncludeConditions != nil \|\| options.TemplateList`
			`}`