nuclei/v2/pkg/protocols/common/generators/generators.go

// Inspired from https://github.com/ffuf/ffuf/blob/master/pkg/input/input.go

package generators

import (
	"github.com/pkg/errors"
	"github.com/projectdiscovery/nuclei/v2/pkg/catalog"
)

// Generator is the generator struct for generating payloads
type Generator struct {
	Type     AttackType
	payloads map[string][]string
}

// New creates a new generator structure for payload generation
func New(payloads map[string]interface{}, attackType AttackType, templatePath string, catalog *catalog.Catalog) (*Generator, error) {
	if attackType.String() == "" {
		attackType = BatteringRamAttack
	}

	// Resolve payload paths if they are files.
	payloadsFinal := make(map[string]interface{})
	for name, payload := range payloads {
		payloadsFinal[name] = payload
	}
	for name, payload := range payloads {
		payloadStr, ok := payload.(string)
		if ok {
			final, resolveErr := catalog.ResolvePath(payloadStr, templatePath)
			if resolveErr != nil {
				return nil, errors.Wrap(resolveErr, "could not read payload file")
			}
			payloadsFinal[name] = final
		}
	}

	generator := &Generator{}
	if err := generator.validate(payloads, templatePath); err != nil {
		return nil, err
	}

	compiled, err := loadPayloads(payloadsFinal)
	if err != nil {
		return nil, err
	}
	generator.Type = attackType
	generator.payloads = compiled

	// Validate the batteringram payload set
	if attackType == BatteringRamAttack {
		if len(payloads) != 1 {
			return nil, errors.New("batteringram must have single payload set")
		}
	}
	return generator, nil
}

// Iterator is a single instance of an iterator for a generator structure
type Iterator struct {
	Type        AttackType
	position    int
	msbIterator int
	total       int
	payloads    []*payloadIterator
}

// NewIterator creates a new iterator for the payloads generator
func (g *Generator) NewIterator() *Iterator {
	var payloads []*payloadIterator

	for name, values := range g.payloads {
		payloads = append(payloads, &payloadIterator{name: name, values: values})
	}
	iterator := &Iterator{
		Type:     g.Type,
		payloads: payloads,
	}
	iterator.total = iterator.Total()
	return iterator
}

// Reset resets the iterator back to its initial value
func (i *Iterator) Reset() {
	i.position = 0
	i.msbIterator = 0

	for _, payload := range i.payloads {
		payload.resetPosition()
	}
}

// Remaining returns the amount of requests left for the generator.
func (i *Iterator) Remaining() int {
	return i.total - i.position
}

// Total returns the amount of input combinations available
func (i *Iterator) Total() int {
	count := 0
	switch i.Type {
	case BatteringRamAttack:
		for _, p := range i.payloads {
			count += len(p.values)
		}
	case PitchForkAttack:
		count = len(i.payloads[0].values)
		for _, p := range i.payloads {
			if count > len(p.values) {
				count = len(p.values)
			}
		}
	case ClusterbombAttack:
		count = 1
		for _, p := range i.payloads {
			count *= len(p.values)
		}
	}
	return count
}

// Value returns the next value for an iterator
func (i *Iterator) Value() (map[string]interface{}, bool) {
	switch i.Type {
	case BatteringRamAttack:
		return i.batteringRamValue()
	case PitchForkAttack:
		return i.pitchforkValue()
	case ClusterbombAttack:
		return i.clusterbombValue()
	default:
		return i.batteringRamValue()
	}
}

// batteringRamValue returns a list of all payloads for the iterator
func (i *Iterator) batteringRamValue() (map[string]interface{}, bool) {
	values := make(map[string]interface{}, 1)

	currentIndex := i.msbIterator
	payload := i.payloads[currentIndex]
	if !payload.next() {
		i.msbIterator++
		if i.msbIterator == len(i.payloads) {
			return nil, false
		}
		return i.batteringRamValue()
	}
	values[payload.name] = payload.value()
	payload.incrementPosition()
	i.position++
	return values, true
}

// pitchforkValue returns a map of keyword:value pairs in same index
func (i *Iterator) pitchforkValue() (map[string]interface{}, bool) {
	values := make(map[string]interface{}, len(i.payloads))

	for _, p := range i.payloads {
		if !p.next() {
			return nil, false
		}
		values[p.name] = p.value()
		p.incrementPosition()
	}
	i.position++
	return values, true
}

// clusterbombValue returns a combination of all input pairs in key:value format.
func (i *Iterator) clusterbombValue() (map[string]interface{}, bool) {
	if i.position >= i.total {
		return nil, false
	}
	values := make(map[string]interface{}, len(i.payloads))

	// Should we signal the next InputProvider in the slice to increment
	signalNext := false
	first := true
	for index, p := range i.payloads {
		if signalNext {
			p.incrementPosition()
			signalNext = false
		}
		if !p.next() {
			// No more inputs in this inputprovider
			if index == i.msbIterator {
				// Reset all previous wordlists and increment the msb counter
				i.msbIterator++
				i.clusterbombIteratorReset()
				// Start again
				return i.clusterbombValue()
			}
			p.resetPosition()
			signalNext = true
		}
		values[p.name] = p.value()
		if first {
			p.incrementPosition()
			first = false
		}
	}
	i.position++
	return values, true
}

func (i *Iterator) clusterbombIteratorReset() {
	for index, p := range i.payloads {
		if index < i.msbIterator {
			p.resetPosition()
		}
		if index == i.msbIterator {
			p.incrementPosition()
		}
	}
}

// payloadIterator is a single instance of an iterator for a single payload list.
type payloadIterator struct {
	index  int
	name   string
	values []string
}

// next returns true if there are more values in payload iterator
func (i *payloadIterator) next() bool {
	return i.index < len(i.values)
}

// resetPosition resets the position of the payload iterator
func (i *payloadIterator) resetPosition() {
	i.index = 0
}

// incrementPosition increments the position of the payload iterator
func (i *payloadIterator) incrementPosition() {
	i.index++
}

// value returns the value of the payload at an index
func (i *payloadIterator) value() string {
	return i.values[i.index]
}
Added reworked generators package 2020-12-22 01:02:38 +05:30			`// Inspired from https://github.com/ffuf/ffuf/blob/master/pkg/input/input.go`

			`package generators`

Removed duplicate attackType logic + move attackType to generators 2021-11-04 02:28:48 +05:30			`import (`
			`"github.com/pkg/errors"`
			`"github.com/projectdiscovery/nuclei/v2/pkg/catalog"`
			`)`
Removed sniper + made batteringram default + misc 2021-10-09 19:46:23 +05:30
Added reworked generators package 2020-12-22 01:02:38 +05:30			`// Generator is the generator struct for generating payloads`
			`type Generator struct {`
Added an enum for attackType 2021-11-04 02:41:56 +05:30			`Type AttackType`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`payloads map[string][]string`
			`}`

			`// New creates a new generator structure for payload generation`
Added an enum for attackType 2021-11-04 02:41:56 +05:30			`func New(payloads map[string]interface{}, attackType AttackType, templatePath string, catalog catalog.Catalog) (Generator, error) {`
			`if attackType.String() == "" {`
			`attackType = BatteringRamAttack`
Removed duplicate attackType logic + move attackType to generators 2021-11-04 02:28:48 +05:30			`}`

			`// Resolve payload paths if they are files.`
			`payloadsFinal := make(map[string]interface{})`
			`for name, payload := range payloads {`
			`payloadsFinal[name] = payload`
			`}`
			`for name, payload := range payloads {`
			`payloadStr, ok := payload.(string)`
			`if ok {`
			`final, resolveErr := catalog.ResolvePath(payloadStr, templatePath)`
			`if resolveErr != nil {`
			`return nil, errors.Wrap(resolveErr, "could not read payload file")`
			`}`
			`payloadsFinal[name] = final`
			`}`
			`}`

Added payload validation + misc 2020-12-29 12:08:46 +05:30			`generator := &Generator{}`
			`if err := generator.validate(payloads, templatePath); err != nil {`
			`return nil, err`
			`}`

Removed duplicate attackType logic + move attackType to generators 2021-11-04 02:28:48 +05:30			`compiled, err := loadPayloads(payloadsFinal)`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`if err != nil {`
			`return nil, err`
			`}`
Added an enum for attackType 2021-11-04 02:41:56 +05:30			`generator.Type = attackType`
Added payload validation + misc 2020-12-29 12:08:46 +05:30			`generator.payloads = compiled`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30
misc sniper cleanups 2021-10-13 13:19:00 +05:30			`// Validate the batteringram payload set`
Added an enum for attackType 2021-11-04 02:41:56 +05:30			`if attackType == BatteringRamAttack {`
Removed sniper + made batteringram default + misc 2021-10-09 19:46:23 +05:30			`if len(payloads) != 1 {`
misc sniper cleanups 2021-10-13 13:19:00 +05:30			`return nil, errors.New("batteringram must have single payload set")`
Removed sniper + made batteringram default + misc 2021-10-09 19:46:23 +05:30			`}`
			`}`
HTTP executor refactor + simplifying logics 2020-12-28 20:02:26 +05:30			`return generator, nil`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`}`

			`// Iterator is a single instance of an iterator for a generator structure`
			`type Iterator struct {`
Added an enum for attackType 2021-11-04 02:41:56 +05:30			`Type AttackType`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`position int`
			`msbIterator int`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`total int`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`payloads []*payloadIterator`
			`}`

			`// NewIterator creates a new iterator for the payloads generator`
			`func (g Generator) NewIterator() Iterator {`
			`var payloads []*payloadIterator`

			`for name, values := range g.payloads {`
			`payloads = append(payloads, &payloadIterator{name: name, values: values})`
			`}`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`iterator := &Iterator{`
			`Type: g.Type,`
			`payloads: payloads,`
			`}`
			`iterator.total = iterator.Total()`
			`return iterator`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`}`

Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`// Reset resets the iterator back to its initial value`
			`func (i *Iterator) Reset() {`
			`i.position = 0`
			`i.msbIterator = 0`

			`for _, payload := range i.payloads {`
			`payload.resetPosition()`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`}`
			`}`

HTTP executor refactor + simplifying logics 2020-12-28 20:02:26 +05:30			`// Remaining returns the amount of requests left for the generator.`
			`func (i *Iterator) Remaining() int {`
			`return i.total - i.position`
			`}`

			`// Total returns the amount of input combinations available`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`func (i *Iterator) Total() int {`
			`count := 0`
			`switch i.Type {`
Added an enum for attackType 2021-11-04 02:41:56 +05:30			`case BatteringRamAttack:`
Added support for multiple sniper payloads 2020-12-30 13:57:15 +05:30			`for _, p := range i.payloads {`
			`count += len(p.values)`
			`}`
Added an enum for attackType 2021-11-04 02:41:56 +05:30			`case PitchForkAttack:`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`count = len(i.payloads[0].values)`
remove pitchfork validation 2021-09-01 20:03:53 +05:30			`for _, p := range i.payloads {`
			`if count > len(p.values) {`
			`count = len(p.values)`
			`}`
			`}`
Added an enum for attackType 2021-11-04 02:41:56 +05:30			`case ClusterbombAttack:`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`count = 1`
			`for _, p := range i.payloads {`
Lint errors fix 2021-02-26 13:13:11 +05:30			`count *= len(p.values)`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`}`
			`}`
			`return count`
			`}`

			`// Value returns the next value for an iterator`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`func (i *Iterator) Value() (map[string]interface{}, bool) {`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`switch i.Type {`
Added an enum for attackType 2021-11-04 02:41:56 +05:30			`case BatteringRamAttack:`
Removed sniper + made batteringram default + misc 2021-10-09 19:46:23 +05:30			`return i.batteringRamValue()`
Added an enum for attackType 2021-11-04 02:41:56 +05:30			`case PitchForkAttack:`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`return i.pitchforkValue()`
Added an enum for attackType 2021-11-04 02:41:56 +05:30			`case ClusterbombAttack:`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`return i.clusterbombValue()`
			`default:`
Removed sniper + made batteringram default + misc 2021-10-09 19:46:23 +05:30			`return i.batteringRamValue()`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`}`
			`}`

Removed sniper + made batteringram default + misc 2021-10-09 19:46:23 +05:30			`// batteringRamValue returns a list of all payloads for the iterator`
			`func (i *Iterator) batteringRamValue() (map[string]interface{}, bool) {`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`values := make(map[string]interface{}, 1)`
Added reworked generators package 2020-12-22 01:02:38 +05:30
Added support for multiple sniper payloads 2020-12-30 13:57:15 +05:30			`currentIndex := i.msbIterator`
			`payload := i.payloads[currentIndex]`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`if !payload.next() {`
Added support for multiple sniper payloads 2020-12-30 13:57:15 +05:30			`i.msbIterator++`
			`if i.msbIterator == len(i.payloads) {`
			`return nil, false`
			`}`
Removed sniper + made batteringram default + misc 2021-10-09 19:46:23 +05:30			`return i.batteringRamValue()`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`}`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`values[payload.name] = payload.value()`
			`payload.incrementPosition()`
HTTP executor refactor + simplifying logics 2020-12-28 20:02:26 +05:30			`i.position++`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`return values, true`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`}`

			`// pitchforkValue returns a map of keyword:value pairs in same index`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`func (i *Iterator) pitchforkValue() (map[string]interface{}, bool) {`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`values := make(map[string]interface{}, len(i.payloads))`

			`for _, p := range i.payloads {`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`if !p.next() {`
			`return nil, false`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`}`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`values[p.name] = p.value()`
			`p.incrementPosition()`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`}`
HTTP executor refactor + simplifying logics 2020-12-28 20:02:26 +05:30			`i.position++`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`return values, true`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`}`

			`// clusterbombValue returns a combination of all input pairs in key:value format.`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`func (i *Iterator) clusterbombValue() (map[string]interface{}, bool) {`
			`if i.position >= i.total {`
			`return nil, false`
			`}`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`values := make(map[string]interface{}, len(i.payloads))`

			`// Should we signal the next InputProvider in the slice to increment`
			`signalNext := false`
			`first := true`
			`for index, p := range i.payloads {`
			`if signalNext {`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`p.incrementPosition()`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`signalNext = false`
			`}`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`if !p.next() {`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`// No more inputs in this inputprovider`
			`if index == i.msbIterator {`
			`// Reset all previous wordlists and increment the msb counter`
			`i.msbIterator++`
			`i.clusterbombIteratorReset()`
			`// Start again`
			`return i.clusterbombValue()`
			`}`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`p.resetPosition()`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`signalNext = true`
			`}`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`values[p.name] = p.value()`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`if first {`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`p.incrementPosition()`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`first = false`
			`}`
			`}`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`i.position++`
			`return values, true`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`}`

			`func (i *Iterator) clusterbombIteratorReset() {`
			`for index, p := range i.payloads {`
			`if index < i.msbIterator {`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`p.resetPosition()`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`}`
			`if index == i.msbIterator {`
Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`p.incrementPosition()`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`}`
			`}`
			`}`

			`// payloadIterator is a single instance of an iterator for a single payload list.`
			`type payloadIterator struct {`
			`index int`
			`name string`
			`values []string`
			`}`

Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`// next returns true if there are more values in payload iterator`
			`func (i *payloadIterator) next() bool {`
			`return i.index < len(i.values)`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`}`

Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`// resetPosition resets the position of the payload iterator`
			`func (i *payloadIterator) resetPosition() {`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`i.index = 0`
			`}`

Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`// incrementPosition increments the position of the payload iterator`
			`func (i *payloadIterator) incrementPosition() {`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`i.index++`
			`}`

Fixed payload generators bug 2020-12-26 22:52:33 +05:30			`// value returns the value of the payload at an index`
			`func (i *payloadIterator) value() string {`
			`return i.values[i.index]`
Added reworked generators package 2020-12-22 01:02:38 +05:30			`}`