nuclei/v2/pkg/matchers/match.go

package matchers

import (
	"encoding/hex"
	"net/http"
	"strings"
	"time"

	"github.com/miekg/dns"
	"github.com/projectdiscovery/nuclei/v2/pkg/generators"
)

// Match matches a http response again a given matcher
func (m *Matcher) Match(resp *http.Response, body, headers string, duration time.Duration, data map[string]interface{}) bool {
	switch m.matcherType {
	case StatusMatcher:
		return m.isNegative(m.matchStatusCode(resp.StatusCode))
	case SizeMatcher:
		return m.isNegative(m.matchSizeCode(len(body)))
	case WordsMatcher:
		// Match the parts as required for word check
		if m.part == BodyPart {
			return m.isNegative(m.matchWords(body))
		} else if m.part == HeaderPart {
			return m.isNegative(m.matchWords(headers))
		} else {
			return m.isNegative(m.matchWords(headers) || m.matchWords(body))
		}
	case RegexMatcher:
		// Match the parts as required for regex check
		if m.part == BodyPart {
			return m.isNegative(m.matchRegex(body))
		} else if m.part == HeaderPart {
			return m.isNegative(m.matchRegex(headers))
		} else {
			return m.isNegative(m.matchRegex(headers) || m.matchRegex(body))
		}
	case BinaryMatcher:
		// Match the parts as required for binary characters check
		if m.part == BodyPart {
			return m.isNegative(m.matchBinary(body))
		} else if m.part == HeaderPart {
			return m.isNegative(m.matchBinary(headers))
		} else {
			return m.isNegative(m.matchBinary(headers) || m.matchBinary(body))
		}
	case DSLMatcher:
		// Match complex query
		return m.isNegative(m.matchDSL(generators.MergeMaps(HTTPToMap(resp, body, headers, duration, ""), data)))
	}

	return false
}

// MatchDNS matches a dns response against a given matcher
func (m *Matcher) MatchDNS(msg *dns.Msg) bool {
	switch m.matcherType {
	// [WIP] add dns status code matcher
	case SizeMatcher:
		return m.matchSizeCode(msg.Len())
	case WordsMatcher:
		// Match for word check
		return m.matchWords(msg.String())
	case RegexMatcher:
		// Match regex check
		return m.matchRegex(msg.String())
	case BinaryMatcher:
		// Match binary characters check
		return m.matchBinary(msg.String())
	case DSLMatcher:
		// Match complex query
		return m.matchDSL(DNSToMap(msg, ""))
	}

	return false
}

// matchStatusCode matches a status code check against an HTTP Response
func (m *Matcher) matchStatusCode(statusCode int) bool {
	// Iterate over all the status codes accepted as valid
	//
	// Status codes don't support AND conditions.
	for _, status := range m.Status {
		// Continue if the status codes don't match
		if statusCode != status {
			continue
		}
		// Return on the first match.
		return true
	}

	return false
}

// matchStatusCode matches a size check against an HTTP Response
func (m *Matcher) matchSizeCode(length int) bool {
	// Iterate over all the sizes accepted as valid
	//
	// Sizes codes don't support AND conditions.
	for _, size := range m.Size {
		// Continue if the size doesn't match
		if length != size {
			continue
		}
		// Return on the first match.
		return true
	}

	return false
}

// matchWords matches a word check against an HTTP Response/Headers.
func (m *Matcher) matchWords(corpus string) bool {
	// Iterate over all the words accepted as valid
	for i, word := range m.Words {
		// Continue if the word doesn't match
		if !strings.Contains(corpus, word) {
			// If we are in an AND request and a match failed,
			// return false as the AND condition fails on any single mismatch.
			if m.condition == ANDCondition {
				return false
			}
			// Continue with the flow since its an OR Condition.
			continue
		}

		// If the condition was an OR, return on the first match.
		if m.condition == ORCondition {
			return true
		}

		// If we are at the end of the words, return with true
		if len(m.Words)-1 == i {
			return true
		}
	}

	return false
}

// matchRegex matches a regex check against an HTTP Response/Headers.
func (m *Matcher) matchRegex(corpus string) bool {
	// Iterate over all the regexes accepted as valid
	for i, regex := range m.regexCompiled {
		// Continue if the regex doesn't match
		if !regex.MatchString(corpus) {
			// If we are in an AND request and a match failed,
			// return false as the AND condition fails on any single mismatch.
			if m.condition == ANDCondition {
				return false
			}
			// Continue with the flow since its an OR Condition.
			continue
		}

		// If the condition was an OR, return on the first match.
		if m.condition == ORCondition {
			return true
		}

		// If we are at the end of the regex, return with true
		if len(m.regexCompiled)-1 == i {
			return true
		}
	}

	return false
}

// matchWords matches a word check against an HTTP Response/Headers.
func (m *Matcher) matchBinary(corpus string) bool {
	// Iterate over all the words accepted as valid
	for i, binary := range m.Binary {
		// Continue if the word doesn't match
		hexa, _ := hex.DecodeString(binary)
		if !strings.Contains(corpus, string(hexa)) {
			// If we are in an AND request and a match failed,
			// return false as the AND condition fails on any single mismatch.
			if m.condition == ANDCondition {
				return false
			}
			// Continue with the flow since its an OR Condition.
			continue
		}

		// If the condition was an OR, return on the first match.
		if m.condition == ORCondition {
			return true
		}

		// If we are at the end of the words, return with true
		if len(m.Binary)-1 == i {
			return true
		}
	}

	return false
}

// matchDSL matches on a generic map result
func (m *Matcher) matchDSL(mp map[string]interface{}) bool {
	// Iterate over all the regexes accepted as valid
	for i, expression := range m.dslCompiled {
		result, err := expression.Evaluate(mp)
		if err != nil {
			continue
		}

		var bResult bool
		bResult, ok := result.(bool)

		// Continue if the regex doesn't match
		if !ok || !bResult {
			// If we are in an AND request and a match failed,
			// return false as the AND condition fails on any single mismatch.
			if m.condition == ANDCondition {
				return false
			}
			// Continue with the flow since its an OR Condition.
			continue
		}

		// If the condition was an OR, return on the first match.
		if m.condition == ORCondition {
			return true
		}

		// If we are at the end of the dsl, return with true
		if len(m.dslCompiled)-1 == i {
			return true
		}
	}

	return false
}
Added matchers package 2020-04-04 00:16:27 +05:30			`package matchers`

			`import (`
[feature] add binary rules capability add binary characters to the rules engine capability. In fact, the issue is that I want to bypass the utf-8 issue with Golang and have a dedicated capability to create binary rules. 2020-04-21 20:50:35 +02:00			`"encoding/hex"`
Added matchers package 2020-04-04 00:16:27 +05:30			`"net/http"`
			`"strings"`
adding response time to DSL 2020-09-30 01:05:55 +02:00			`"time"`
poc implementation of dns templating 2020-04-22 22:45:02 +02:00
			`"github.com/miekg/dns"`
adding matcher per single request 2020-10-21 22:30:53 +02:00			`"github.com/projectdiscovery/nuclei/v2/pkg/generators"`
Added matchers package 2020-04-04 00:16:27 +05:30			`)`

			`// Match matches a http response again a given matcher`
adding matcher per single request 2020-10-21 22:30:53 +02:00			`func (m Matcher) Match(resp http.Response, body, headers string, duration time.Duration, data map[string]interface{}) bool {`
Added matchers package 2020-04-04 00:16:27 +05:30			`switch m.matcherType {`
			`case StatusMatcher:`
Added negative matchers support 2020-08-23 22:55:11 +05:30			`return m.isNegative(m.matchStatusCode(resp.StatusCode))`
Added matchers package 2020-04-04 00:16:27 +05:30			`case SizeMatcher:`
Added negative matchers support 2020-08-23 22:55:11 +05:30			`return m.isNegative(m.matchSizeCode(len(body)))`
Added matchers package 2020-04-04 00:16:27 +05:30			`case WordsMatcher:`
			`// Match the parts as required for word check`
			`if m.part == BodyPart {`
Added negative matchers support 2020-08-23 22:55:11 +05:30			`return m.isNegative(m.matchWords(body))`
Added matchers package 2020-04-04 00:16:27 +05:30			`} else if m.part == HeaderPart {`
Added negative matchers support 2020-08-23 22:55:11 +05:30			`return m.isNegative(m.matchWords(headers))`
Added matchers package 2020-04-04 00:16:27 +05:30			`} else {`
Added negative matchers support 2020-08-23 22:55:11 +05:30			`return m.isNegative(m.matchWords(headers) \|\| m.matchWords(body))`
Added matchers package 2020-04-04 00:16:27 +05:30			`}`
			`case RegexMatcher:`
			`// Match the parts as required for regex check`
			`if m.part == BodyPart {`
Added negative matchers support 2020-08-23 22:55:11 +05:30			`return m.isNegative(m.matchRegex(body))`
Added matchers package 2020-04-04 00:16:27 +05:30			`} else if m.part == HeaderPart {`
Added negative matchers support 2020-08-23 22:55:11 +05:30			`return m.isNegative(m.matchRegex(headers))`
Added matchers package 2020-04-04 00:16:27 +05:30			`} else {`
Added negative matchers support 2020-08-23 22:55:11 +05:30			`return m.isNegative(m.matchRegex(headers) \|\| m.matchRegex(body))`
Added matchers package 2020-04-04 00:16:27 +05:30			`}`
[feature] add binary rules capability add binary characters to the rules engine capability. In fact, the issue is that I want to bypass the utf-8 issue with Golang and have a dedicated capability to create binary rules. 2020-04-21 20:50:35 +02:00			`case BinaryMatcher:`
			`// Match the parts as required for binary characters check`
			`if m.part == BodyPart {`
Added negative matchers support 2020-08-23 22:55:11 +05:30			`return m.isNegative(m.matchBinary(body))`
[feature] add binary rules capability add binary characters to the rules engine capability. In fact, the issue is that I want to bypass the utf-8 issue with Golang and have a dedicated capability to create binary rules. 2020-04-21 20:50:35 +02:00			`} else if m.part == HeaderPart {`
Added negative matchers support 2020-08-23 22:55:11 +05:30			`return m.isNegative(m.matchBinary(headers))`
[feature] add binary rules capability add binary characters to the rules engine capability. In fact, the issue is that I want to bypass the utf-8 issue with Golang and have a dedicated capability to create binary rules. 2020-04-21 20:50:35 +02:00			`} else {`
Added negative matchers support 2020-08-23 22:55:11 +05:30			`return m.isNegative(m.matchBinary(headers) \|\| m.matchBinary(body))`
[feature] add binary rules capability add binary characters to the rules engine capability. In fact, the issue is that I want to bypass the utf-8 issue with Golang and have a dedicated capability to create binary rules. 2020-04-21 20:50:35 +02:00			`}`
poc dsl language support in matchers 2020-04-26 23:32:58 +02:00			`case DSLMatcher:`
			`// Match complex query`
fixing linting 2020-10-23 10:41:49 +02:00			`return m.isNegative(m.matchDSL(generators.MergeMaps(HTTPToMap(resp, body, headers, duration, ""), data)))`
Added matchers package 2020-04-04 00:16:27 +05:30			`}`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
Added matchers package 2020-04-04 00:16:27 +05:30			`return false`
			`}`

adding dns label to matched dns queries 2020-04-24 15:59:40 +02:00			`// MatchDNS matches a dns response against a given matcher`
poc implementation of dns templating 2020-04-22 22:45:02 +02:00			`func (m Matcher) MatchDNS(msg dns.Msg) bool {`
			`switch m.matcherType {`
			`// [WIP] add dns status code matcher`
			`case SizeMatcher:`
			`return m.matchSizeCode(msg.Len())`
			`case WordsMatcher:`
			`// Match for word check`
			`return m.matchWords(msg.String())`
			`case RegexMatcher:`
			`// Match regex check`
			`return m.matchRegex(msg.String())`
			`case BinaryMatcher:`
			`// Match binary characters check`
			`return m.matchBinary(msg.String())`
poc dsl language support in matchers 2020-04-26 23:32:58 +02:00			`case DSLMatcher:`
			`// Match complex query`
fixing linting 2020-10-23 10:41:49 +02:00			`return m.matchDSL(DNSToMap(msg, ""))`
poc implementation of dns templating 2020-04-22 22:45:02 +02:00			`}`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
poc implementation of dns templating 2020-04-22 22:45:02 +02:00			`return false`
			`}`

Added matchers package 2020-04-04 00:16:27 +05:30			`// matchStatusCode matches a status code check against an HTTP Response`
			`func (m *Matcher) matchStatusCode(statusCode int) bool {`
			`// Iterate over all the status codes accepted as valid`
Tests + fixed a condition logic bug 2020-04-04 00:32:03 +05:30			`//`
			`// Status codes don't support AND conditions.`
Added matchers package 2020-04-04 00:16:27 +05:30			`for _, status := range m.Status {`
			`// Continue if the status codes don't match`
			`if statusCode != status {`
			`continue`
			`}`
Tests + fixed a condition logic bug 2020-04-04 00:32:03 +05:30			`// Return on the first match.`
			`return true`
Added matchers package 2020-04-04 00:16:27 +05:30			`}`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
Added matchers package 2020-04-04 00:16:27 +05:30			`return false`
			`}`

			`// matchStatusCode matches a size check against an HTTP Response`
			`func (m *Matcher) matchSizeCode(length int) bool {`
			`// Iterate over all the sizes accepted as valid`
Tests + fixed a condition logic bug 2020-04-04 00:32:03 +05:30			`//`
			`// Sizes codes don't support AND conditions.`
Added matchers package 2020-04-04 00:16:27 +05:30			`for _, size := range m.Size {`
			`// Continue if the size doesn't match`
			`if length != size {`
			`continue`
			`}`
Tests + fixed a condition logic bug 2020-04-04 00:32:03 +05:30			`// Return on the first match.`
			`return true`
Added matchers package 2020-04-04 00:16:27 +05:30			`}`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
Added matchers package 2020-04-04 00:16:27 +05:30			`return false`
			`}`

			`// matchWords matches a word check against an HTTP Response/Headers.`
			`func (m *Matcher) matchWords(corpus string) bool {`
			`// Iterate over all the words accepted as valid`
Tests + fixed a condition logic bug 2020-04-04 00:32:03 +05:30			`for i, word := range m.Words {`
Added matchers package 2020-04-04 00:16:27 +05:30			`// Continue if the word doesn't match`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00			`if !strings.Contains(corpus, word) {`
Added matchers package 2020-04-04 00:16:27 +05:30			`// If we are in an AND request and a match failed,`
			`// return false as the AND condition fails on any single mismatch.`
			`if m.condition == ANDCondition {`
			`return false`
			`}`
			`// Continue with the flow since its an OR Condition.`
			`continue`
			`}`

			`// If the condition was an OR, return on the first match.`
			`if m.condition == ORCondition {`
			`return true`
			`}`
Tests + fixed a condition logic bug 2020-04-04 00:32:03 +05:30
			`// If we are at the end of the words, return with true`
			`if len(m.Words)-1 == i {`
			`return true`
			`}`
Added matchers package 2020-04-04 00:16:27 +05:30			`}`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
Added matchers package 2020-04-04 00:16:27 +05:30			`return false`
			`}`

			`// matchRegex matches a regex check against an HTTP Response/Headers.`
			`func (m *Matcher) matchRegex(corpus string) bool {`
			`// Iterate over all the regexes accepted as valid`
Tests + fixed a condition logic bug 2020-04-04 00:32:03 +05:30			`for i, regex := range m.regexCompiled {`
Added matchers package 2020-04-04 00:16:27 +05:30			`// Continue if the regex doesn't match`
			`if !regex.MatchString(corpus) {`
			`// If we are in an AND request and a match failed,`
			`// return false as the AND condition fails on any single mismatch.`
			`if m.condition == ANDCondition {`
			`return false`
			`}`
			`// Continue with the flow since its an OR Condition.`
			`continue`
			`}`

			`// If the condition was an OR, return on the first match.`
			`if m.condition == ORCondition {`
			`return true`
			`}`
Tests + fixed a condition logic bug 2020-04-04 00:32:03 +05:30
			`// If we are at the end of the regex, return with true`
			`if len(m.regexCompiled)-1 == i {`
			`return true`
			`}`
Added matchers package 2020-04-04 00:16:27 +05:30			`}`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
Added matchers package 2020-04-04 00:16:27 +05:30			`return false`
			`}`
[feature] add binary rules capability add binary characters to the rules engine capability. In fact, the issue is that I want to bypass the utf-8 issue with Golang and have a dedicated capability to create binary rules. 2020-04-21 20:50:35 +02:00
			`// matchWords matches a word check against an HTTP Response/Headers.`
			`func (m *Matcher) matchBinary(corpus string) bool {`
			`// Iterate over all the words accepted as valid`
			`for i, binary := range m.Binary {`
			`// Continue if the word doesn't match`
			`hexa, _ := hex.DecodeString(binary)`
			`if !strings.Contains(corpus, string(hexa)) {`
			`// If we are in an AND request and a match failed,`
			`// return false as the AND condition fails on any single mismatch.`
			`if m.condition == ANDCondition {`
			`return false`
			`}`
			`// Continue with the flow since its an OR Condition.`
			`continue`
			`}`

			`// If the condition was an OR, return on the first match.`
			`if m.condition == ORCondition {`
			`return true`
			`}`

			`// If we are at the end of the words, return with true`
			`if len(m.Binary)-1 == i {`
			`return true`
			`}`
			`}`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
[feature] add binary rules capability add binary characters to the rules engine capability. In fact, the issue is that I want to bypass the utf-8 issue with Golang and have a dedicated capability to create binary rules. 2020-04-21 20:50:35 +02:00			`return false`
			`}`
poc dsl language support in matchers 2020-04-26 23:32:58 +02:00
			`// matchDSL matches on a generic map result`
			`func (m *Matcher) matchDSL(mp map[string]interface{}) bool {`
			`// Iterate over all the regexes accepted as valid`
			`for i, expression := range m.dslCompiled {`
			`result, err := expression.Evaluate(mp)`
			`if err != nil {`
			`continue`
			`}`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
poc dsl language support in matchers 2020-04-26 23:32:58 +02:00			`var bResult bool`
			`bResult, ok := result.(bool)`

			`// Continue if the regex doesn't match`
			`if !ok \|\| !bResult {`
			`// If we are in an AND request and a match failed,`
			`// return false as the AND condition fails on any single mismatch.`
			`if m.condition == ANDCondition {`
			`return false`
			`}`
			`// Continue with the flow since its an OR Condition.`
			`continue`
			`}`

			`// If the condition was an OR, return on the first match.`
			`if m.condition == ORCondition {`
			`return true`
			`}`

			`// If we are at the end of the dsl, return with true`
			`if len(m.dslCompiled)-1 == i {`
			`return true`
			`}`
			`}`
Initial adoption of golangci-lint for CI 2020-08-25 23:24:31 +02:00
poc dsl language support in matchers 2020-04-26 23:32:58 +02:00			`return false`
			`}`