diff --git a/v2/pkg/operators/common/dsl/dsl.go b/v2/pkg/operators/common/dsl/dsl.go index 0b99505e3..6bff036a1 100644 --- a/v2/pkg/operators/common/dsl/dsl.go +++ b/v2/pkg/operators/common/dsl/dsl.go @@ -356,12 +356,8 @@ var functions = map[string]govaluate.ExpressionFunction{ }, // is_before_now compares a timestamp and returns true if the first // passed argument is a time.Time that has already passed. - "is_time_before_now": func(args ...interface{}) (interface{}, error) { - if len(args) != 1 { - return nil, ErrDSLArguments - } - isBefore := time.Since(args[0].(time.Time)) > 0 - return isBefore, nil + "time_now": func(args ...interface{}) (interface{}, error) { + return float64(time.Now().Unix()), nil }, } diff --git a/v2/pkg/operators/common/dsl/dsl_test.go b/v2/pkg/operators/common/dsl/dsl_test.go index bf2c5bfef..42bf5810d 100644 --- a/v2/pkg/operators/common/dsl/dsl_test.go +++ b/v2/pkg/operators/common/dsl/dsl_test.go @@ -2,7 +2,9 @@ package dsl import ( "testing" + "time" + "github.com/Knetic/govaluate" "github.com/stretchr/testify/require" ) @@ -17,3 +19,12 @@ func TestDSLURLEncodeDecode(t *testing.T) { require.Nil(t, err, "could not url encode") require.Equal(t, "&test\"", decoded, "could not get url decoded data") } + +func TestDSLTimeComparison(t *testing.T) { + compiled, err := govaluate.NewEvaluableExpressionWithFunctions("time_now() > not_after", HelperFunctions()) + require.Nil(t, err, "could not compare time") + + result, err := compiled.Evaluate(map[string]interface{}{"not_after": float64(time.Now().Unix() - 1000)}) + require.Nil(t, err, "could not evaluate compare time") + require.Equal(t, true, result, "could not get url encoded data") +} diff --git a/v2/pkg/protocols/others/ssl/ssl.go b/v2/pkg/protocols/others/ssl/ssl.go index 6a33f27e4..ded0274dd 100644 --- a/v2/pkg/protocols/others/ssl/ssl.go +++ b/v2/pkg/protocols/others/ssl/ssl.go @@ -10,6 +10,7 @@ import ( "github.com/pkg/errors" "github.com/projectdiscovery/fastdialer/fastdialer" + "github.com/projectdiscovery/gologger" "github.com/projectdiscovery/nuclei/v2/pkg/operators" "github.com/projectdiscovery/nuclei/v2/pkg/output" "github.com/projectdiscovery/nuclei/v2/pkg/protocols" @@ -65,7 +66,7 @@ func (r *Request) ExecuteWithResults(input string, dynamicValues, previous outpu if err != nil { return nil } - hostname, _, _ := net.SplitHostPort(input) + hostname, _, _ := net.SplitHostPort(address) config := &tls.Config{InsecureSkipVerify: true, ServerName: hostname} conn, err := r.dialer.DialTLSWithConfig(context.Background(), "tcp", address, config) @@ -81,13 +82,16 @@ func (r *Request) ExecuteWithResults(input string, dynamicValues, previous outpu if !ok { return nil } + r.options.Output.Request(r.options.TemplateID, address, "ssl", err) + gologger.Verbose().Msgf("Sent SSL request to %s", address) + if len(connTLS.ConnectionState().PeerCertificates) == 0 { return nil } data := make(map[string]interface{}) cert := connTLS.ConnectionState().PeerCertificates[0] data["host"] = input - data["not_after"] = cert.NotAfter + data["not_after"] = float64(cert.NotAfter.Unix()) data["ip"] = r.dialer.GetDialedIP(hostname) event := &output.InternalWrappedEvent{InternalEvent: data} @@ -116,6 +120,7 @@ func getAddress(toTest string) (string, error) { } else { toTest = parsed.Host } + return toTest, nil } return toTest, nil } diff --git a/v2/pkg/protocols/others/ssl/ssl_test.go b/v2/pkg/protocols/others/ssl/ssl_test.go index a043518ab..fef44fbbc 100644 --- a/v2/pkg/protocols/others/ssl/ssl_test.go +++ b/v2/pkg/protocols/others/ssl/ssl_test.go @@ -26,3 +26,8 @@ func TestSSLProtocol(t *testing.T) { err = request.ExecuteWithResults("google.com:443", nil, nil, func(event *output.InternalWrappedEvent) {}) require.Nil(t, err, "could not run ssl request") } + +func TestGetAddress(t *testing.T) { + address, _ := getAddress("https://google.com") + require.Equal(t, "google.com:443", address, "could not get correct address") +} diff --git a/v2/pkg/protocols/others/utils/utils.go b/v2/pkg/protocols/others/utils/utils.go index 804d0a948..89771ca90 100644 --- a/v2/pkg/protocols/others/utils/utils.go +++ b/v2/pkg/protocols/others/utils/utils.go @@ -62,7 +62,7 @@ func ExtractFunc(data map[string]interface{}, extractor *extractors.Extractor) m // MatchFunc performs matching operation for a matcher on model and returns true or false. func MatchFunc(data map[string]interface{}, matcher *matchers.Matcher) bool { partItem, ok := data[matcher.Part] - if !ok { + if !ok && len(matcher.DSL) == 0 { return false } item := types.ToString(partItem)